diff --git a/.nojekyll b/.nojekyll new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/.nojekyll @@ -0,0 +1 @@ + diff --git a/404.html b/404.html new file mode 100644 index 0000000000..8a77251886 --- /dev/null +++ b/404.html @@ -0,0 +1 @@ + 404: Page not found | Techno Tim
404: Page not found
diff --git a/about/index.html b/about/index.html new file mode 100644 index 0000000000..e6dad6e7d8 --- /dev/null +++ b/about/index.html @@ -0,0 +1 @@ + About | Techno Tim
About

About

Hero image

YouTube Subscribers Twitter Followers GitHub followers Twitch Status Discord Invite GitHub Sponsors Support me on Patreon

👋 Hi!

I’m Timothy Stewart (Techno Tim), a full stack software engineer, content creator, and a HomeLab enthusiast. I create fun and easy to follow tech content on YouTube, host a community live stream on Twitch, and share tech related content on all social platforms.I even host a community wiki that is open for anyone to contribute to from our Discord Community. I also create and contribute to many open source projects. Even my documentation site for all my videos is open source! I really enjoy building open source software, creating and contributing to communities, teaching through video content, and helping out anywhere on the web.

Contact

If you’d like to connect with me please see my list of social links here!

diff --git a/ads.txt b/ads.txt new file mode 100644 index 0000000000..bde326fa41 --- /dev/null +++ b/ads.txt @@ -0,0 +1 @@ +google.com, pub-1872619258207885, DIRECT, f08c47fec0942fa0 diff --git a/assets/css/jekyll-theme-chirpy.css b/assets/css/jekyll-theme-chirpy.css new file mode 100644 index 0000000000..2493acd6b9 --- /dev/null +++ b/assets/css/jekyll-theme-chirpy.css @@ -0,0 +1 @@ +#search-results a,h5,h4,h3,h2,h1{color:var(--heading-color);font-weight:400;font-family:Lato,"Microsoft Yahei",sans-serif}main h5,main h4,main h3,main h2{margin-top:2.5rem;margin-bottom:1.25rem}main h5:focus,main h4:focus,main h3:focus,main h2:focus{outline:none}h5 .anchor,h4 .anchor,h3 .anchor,h2 .anchor{font-size:80%}@media(hover: hover){h5 .anchor,h4 .anchor,h3 .anchor,h2 .anchor{visibility:hidden;opacity:0;transition:opacity .25s ease-in,visibility 0s ease-in .25s}h5:hover .anchor,h4:hover .anchor,h3:hover .anchor,h2:hover .anchor{visibility:visible;opacity:1;transition:opacity .25s ease-in,visibility 0s ease-in 0s}}.post-tags .post-tag:hover,.tag:hover{background:var(--tag-hover);transition:background .35s ease-in-out}.table-wrapper>table tbody tr td,.table-wrapper>table thead th{padding:.4rem 1rem;font-size:95%;white-space:nowrap}#page-category a:hover,#page-tag a:hover,.post-tags .post-tag:hover,.post-tail-wrapper .license-wrapper>a:hover,#search-results a:hover,#topbar #breadcrumb a:hover,.content a:not(.img-link):hover,.post-meta a:not([class]):hover,#access-lastmod a:hover,footer a:hover{color:#d2603a !important;border-bottom:1px solid #d2603a;text-decoration:none}#search-results a,#search-hints .post-tag,a{color:var(--link-color)}.post-tail-wrapper .post-meta a:not(:hover),.content a:not(.img-link){border-bottom:1px solid var(--link-underline-color)}#sidebar .sidebar-bottom a,#sidebar .site-title a,#sidebar .profile-wrapper{transition:all .3s ease-in-out}#sidebar .sidebar-bottom .icon-border,.content a.popup,i.far,i.fas,.code-header{-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}#page-category ul>li>a,#page-tag ul>li>a,.post-tags .post-tag:hover,#search-results a,main .categories a:not(:hover),main #tags a:not(:hover),main #archives a:not(:hover),#access-lastmod a{border-bottom:none}.post-tail-wrapper .share-wrapper .share-icons button,#search-cancel,.code-header button{cursor:pointer}#related-posts time,#post-list .card .card-body .post-meta em,.post-meta em{font-style:normal}.categories.card,.categories .list-group,.embed-video,.post-preview::before,.post-preview,.preview-img img,.preview-img,blockquote[class^=prompt-],.code-header button,div[class^=language-],.highlight{border-radius:.625rem}.content a.popup+em{display:block;text-align:center;font-style:normal;font-size:80%;padding:0;color:#6d6c6c}#sidebar .sidebar-bottom .mode-toggle,#sidebar a{color:var(--sidebar-muted-color);-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}#related-posts .card h4,#post-list .card .card-body .card-text.content p,#post-list .card .card-body .card-title{display:-webkit-box;overflow:hidden;text-overflow:ellipsis;-webkit-line-clamp:2;-webkit-box-orient:vertical}.post-tail-wrapper .license-wrapper>a,h1+.post-meta em,h1+.post-meta time,footer em,footer a{color:var(--text-muted-hightlight-color);font-weight:600}.post-tail-wrapper .license-wrapper span:last-child,.post-tail-wrapper,.post-meta{font-size:.85rem}#related-posts time,footer{font-size:.8rem}sup:target,.footnotes>ol>li:target{background-color:var(--footnote-target-bg);width:-moz-fit-content;width:-webkit-fit-content;width:fit-content;transition:background-color 1.75s ease-in-out}@media(prefers-color-scheme: light){html:not([data-mode]),html[data-mode=light]{--language-border-color: #ececec;--highlight-bg-color: #f6f8fa;--highlighter-rouge-color: #3f596f;--highlight-lineno-color: #9e9e9e;--inline-code-bg: #f6f6f7;--code-color: #3a3a3a;--code-header-text-color: #a3a3a3;--code-header-muted-color: #e5e5e5;--code-header-icon-color: #c9c8c8;--clipboard-checked-color: #43c743}html:not([data-mode]) [class^=prompt-],html[data-mode=light] [class^=prompt-]{--inline-code-bg: #fbfafa}html:not([data-mode]) .highlight table td,html[data-mode=light] .highlight table td{padding:5px}html:not([data-mode]) .highlight table pre,html[data-mode=light] .highlight table pre{margin:0}html:not([data-mode]) .highlight,html:not([data-mode]) .highlight .w,html[data-mode=light] .highlight,html[data-mode=light] .highlight .w{color:#24292f;background-color:#f6f8fa}html:not([data-mode]) .highlight .k,html:not([data-mode]) .highlight .kd,html:not([data-mode]) .highlight .kn,html:not([data-mode]) .highlight .kp,html:not([data-mode]) .highlight .kr,html:not([data-mode]) .highlight .kt,html:not([data-mode]) .highlight .kv,html[data-mode=light] .highlight .k,html[data-mode=light] .highlight .kd,html[data-mode=light] .highlight .kn,html[data-mode=light] .highlight .kp,html[data-mode=light] .highlight .kr,html[data-mode=light] .highlight .kt,html[data-mode=light] .highlight .kv{color:#cf222e}html:not([data-mode]) .highlight .gr,html[data-mode=light] .highlight .gr{color:#f6f8fa}html:not([data-mode]) .highlight .gd,html[data-mode=light] .highlight .gd{color:#82071e;background-color:#ffebe9}html:not([data-mode]) .highlight .nb,html[data-mode=light] .highlight .nb{color:#953800}html:not([data-mode]) .highlight .nc,html[data-mode=light] .highlight .nc{color:#953800}html:not([data-mode]) .highlight .no,html[data-mode=light] .highlight .no{color:#953800}html:not([data-mode]) .highlight .nn,html[data-mode=light] .highlight .nn{color:#953800}html:not([data-mode]) .highlight .sr,html[data-mode=light] .highlight .sr{color:#116329}html:not([data-mode]) .highlight .na,html[data-mode=light] .highlight .na{color:#116329}html:not([data-mode]) .highlight .nt,html[data-mode=light] .highlight .nt{color:#116329}html:not([data-mode]) .highlight .gi,html[data-mode=light] .highlight .gi{color:#116329;background-color:#dafbe1}html:not([data-mode]) .highlight .kc,html[data-mode=light] .highlight .kc{color:#0550ae}html:not([data-mode]) .highlight .l,html:not([data-mode]) .highlight .ld,html:not([data-mode]) .highlight .m,html:not([data-mode]) .highlight .mb,html:not([data-mode]) .highlight .mf,html:not([data-mode]) .highlight .mh,html:not([data-mode]) .highlight .mi,html:not([data-mode]) .highlight .il,html:not([data-mode]) .highlight .mo,html:not([data-mode]) .highlight .mx,html[data-mode=light] .highlight .l,html[data-mode=light] .highlight .ld,html[data-mode=light] .highlight .m,html[data-mode=light] .highlight .mb,html[data-mode=light] .highlight .mf,html[data-mode=light] .highlight .mh,html[data-mode=light] .highlight .mi,html[data-mode=light] .highlight .il,html[data-mode=light] .highlight .mo,html[data-mode=light] .highlight .mx{color:#0550ae}html:not([data-mode]) .highlight .sb,html[data-mode=light] .highlight .sb{color:#0550ae}html:not([data-mode]) .highlight .bp,html[data-mode=light] .highlight .bp{color:#0550ae}html:not([data-mode]) .highlight .ne,html[data-mode=light] .highlight .ne{color:#0550ae}html:not([data-mode]) .highlight .nl,html[data-mode=light] .highlight .nl{color:#0550ae}html:not([data-mode]) .highlight .py,html[data-mode=light] .highlight .py{color:#0550ae}html:not([data-mode]) .highlight .nv,html:not([data-mode]) .highlight .vc,html:not([data-mode]) .highlight .vg,html:not([data-mode]) .highlight .vi,html:not([data-mode]) .highlight .vm,html[data-mode=light] .highlight .nv,html[data-mode=light] .highlight .vc,html[data-mode=light] .highlight .vg,html[data-mode=light] .highlight .vi,html[data-mode=light] .highlight .vm{color:#0550ae}html:not([data-mode]) .highlight .o,html:not([data-mode]) .highlight .ow,html[data-mode=light] .highlight .o,html[data-mode=light] .highlight .ow{color:#0550ae}html:not([data-mode]) .highlight .gh,html[data-mode=light] .highlight .gh{color:#0550ae;font-weight:bold}html:not([data-mode]) .highlight .gu,html[data-mode=light] .highlight .gu{color:#0550ae;font-weight:bold}html:not([data-mode]) .highlight .s,html:not([data-mode]) .highlight .sa,html:not([data-mode]) .highlight .sc,html:not([data-mode]) .highlight .dl,html:not([data-mode]) .highlight .sd,html:not([data-mode]) .highlight .s2,html:not([data-mode]) .highlight .se,html:not([data-mode]) .highlight .sh,html:not([data-mode]) .highlight .sx,html:not([data-mode]) .highlight .s1,html:not([data-mode]) .highlight .ss,html[data-mode=light] .highlight .s,html[data-mode=light] .highlight .sa,html[data-mode=light] .highlight .sc,html[data-mode=light] .highlight .dl,html[data-mode=light] .highlight .sd,html[data-mode=light] .highlight .s2,html[data-mode=light] .highlight .se,html[data-mode=light] .highlight .sh,html[data-mode=light] .highlight .sx,html[data-mode=light] .highlight .s1,html[data-mode=light] .highlight .ss{color:#0a3069}html:not([data-mode]) .highlight .nd,html[data-mode=light] .highlight .nd{color:#8250df}html:not([data-mode]) .highlight .nf,html:not([data-mode]) .highlight .fm,html[data-mode=light] .highlight .nf,html[data-mode=light] .highlight .fm{color:#8250df}html:not([data-mode]) .highlight .err,html[data-mode=light] .highlight .err{color:#f6f8fa;background-color:#82071e}html:not([data-mode]) .highlight .c,html:not([data-mode]) .highlight .ch,html:not([data-mode]) .highlight .cd,html:not([data-mode]) .highlight .cm,html:not([data-mode]) .highlight .cp,html:not([data-mode]) .highlight .cpf,html:not([data-mode]) .highlight .c1,html:not([data-mode]) .highlight .cs,html[data-mode=light] .highlight .c,html[data-mode=light] .highlight .ch,html[data-mode=light] .highlight .cd,html[data-mode=light] .highlight .cm,html[data-mode=light] .highlight .cp,html[data-mode=light] .highlight .cpf,html[data-mode=light] .highlight .c1,html[data-mode=light] .highlight .cs{color:#68717a}html:not([data-mode]) .highlight .gl,html[data-mode=light] .highlight .gl{color:#68717a}html:not([data-mode]) .highlight .gt,html[data-mode=light] .highlight .gt{color:#68717a}html:not([data-mode]) .highlight .ni,html[data-mode=light] .highlight .ni{color:#24292f}html:not([data-mode]) .highlight .si,html[data-mode=light] .highlight .si{color:#24292f}html:not([data-mode]) .highlight .ge,html[data-mode=light] .highlight .ge{color:#24292f;font-style:italic}html:not([data-mode]) .highlight .gs,html[data-mode=light] .highlight .gs{color:#24292f;font-weight:bold}html[data-mode=dark]{--language-border-color: #2d2d2d;--highlight-bg-color: #151515;--highlighter-rouge-color: #c9def1;--highlight-lineno-color: #808080;--inline-code-bg: #323238;--code-color: #b0b0b0;--code-header-text-color: #6a6a6a;--code-header-muted-color: #353535;--code-header-icon-color: #565656;--clipboard-checked-color: #2bcc2b;--filepath-text-color: #cacaca}html[data-mode=dark] .highlight .gp{color:#87939d}html[data-mode=dark] .highlight table td{padding:5px}html[data-mode=dark] .highlight table pre{margin:0}html[data-mode=dark] .highlight,html[data-mode=dark] .highlight .w{color:#d0d0d0;background-color:#151515}html[data-mode=dark] .highlight .err{color:#151515;background-color:#ac4142}html[data-mode=dark] .highlight .c,html[data-mode=dark] .highlight .ch,html[data-mode=dark] .highlight .cd,html[data-mode=dark] .highlight .cm,html[data-mode=dark] .highlight .cpf,html[data-mode=dark] .highlight .c1,html[data-mode=dark] .highlight .cs{color:#848484}html[data-mode=dark] .highlight .cp{color:#f4bf75}html[data-mode=dark] .highlight .nt{color:#f4bf75}html[data-mode=dark] .highlight .o,html[data-mode=dark] .highlight .ow{color:#d0d0d0}html[data-mode=dark] .highlight .p,html[data-mode=dark] .highlight .pi{color:#d0d0d0}html[data-mode=dark] .highlight .gi{color:#90a959}html[data-mode=dark] .highlight .gd{color:#f08a8b;background-color:#320000}html[data-mode=dark] .highlight .gh{color:#6a9fb5;background-color:#151515;font-weight:bold}html[data-mode=dark] .highlight .k,html[data-mode=dark] .highlight .kn,html[data-mode=dark] .highlight .kp,html[data-mode=dark] .highlight .kr,html[data-mode=dark] .highlight .kv{color:#aa759f}html[data-mode=dark] .highlight .kc{color:#d28445}html[data-mode=dark] .highlight .kt{color:#d28445}html[data-mode=dark] .highlight .kd{color:#d28445}html[data-mode=dark] .highlight .s,html[data-mode=dark] .highlight .sb,html[data-mode=dark] .highlight .sc,html[data-mode=dark] .highlight .dl,html[data-mode=dark] .highlight .sd,html[data-mode=dark] .highlight .s2,html[data-mode=dark] .highlight .sh,html[data-mode=dark] .highlight .sx,html[data-mode=dark] .highlight .s1{color:#90a959}html[data-mode=dark] .highlight .sa{color:#aa759f}html[data-mode=dark] .highlight .sr{color:#75b5aa}html[data-mode=dark] .highlight .si{color:#b76d45}html[data-mode=dark] .highlight .se{color:#b76d45}html[data-mode=dark] .highlight .nn{color:#f4bf75}html[data-mode=dark] .highlight .nc{color:#f4bf75}html[data-mode=dark] .highlight .no{color:#f4bf75}html[data-mode=dark] .highlight .na{color:#6a9fb5}html[data-mode=dark] .highlight .m,html[data-mode=dark] .highlight .mb,html[data-mode=dark] .highlight .mf,html[data-mode=dark] .highlight .mh,html[data-mode=dark] .highlight .mi,html[data-mode=dark] .highlight .il,html[data-mode=dark] .highlight .mo,html[data-mode=dark] .highlight .mx{color:#90a959}html[data-mode=dark] .highlight .ss{color:#90a959}}@media(prefers-color-scheme: dark){html:not([data-mode]),html[data-mode=dark]{--language-border-color: #2d2d2d;--highlight-bg-color: #151515;--highlighter-rouge-color: #c9def1;--highlight-lineno-color: #808080;--inline-code-bg: #323238;--code-color: #b0b0b0;--code-header-text-color: #6a6a6a;--code-header-muted-color: #353535;--code-header-icon-color: #565656;--clipboard-checked-color: #2bcc2b;--filepath-text-color: #cacaca}html:not([data-mode]) .highlight .gp,html[data-mode=dark] .highlight .gp{color:#87939d}html:not([data-mode]) .highlight table td,html[data-mode=dark] .highlight table td{padding:5px}html:not([data-mode]) .highlight table pre,html[data-mode=dark] .highlight table pre{margin:0}html:not([data-mode]) .highlight,html:not([data-mode]) .highlight .w,html[data-mode=dark] .highlight,html[data-mode=dark] .highlight .w{color:#d0d0d0;background-color:#151515}html:not([data-mode]) .highlight .err,html[data-mode=dark] .highlight .err{color:#151515;background-color:#ac4142}html:not([data-mode]) .highlight .c,html:not([data-mode]) .highlight .ch,html:not([data-mode]) .highlight .cd,html:not([data-mode]) .highlight .cm,html:not([data-mode]) .highlight .cpf,html:not([data-mode]) .highlight .c1,html:not([data-mode]) .highlight .cs,html[data-mode=dark] .highlight .c,html[data-mode=dark] .highlight .ch,html[data-mode=dark] .highlight .cd,html[data-mode=dark] .highlight .cm,html[data-mode=dark] .highlight .cpf,html[data-mode=dark] .highlight .c1,html[data-mode=dark] .highlight .cs{color:#848484}html:not([data-mode]) .highlight .cp,html[data-mode=dark] .highlight .cp{color:#f4bf75}html:not([data-mode]) .highlight .nt,html[data-mode=dark] .highlight .nt{color:#f4bf75}html:not([data-mode]) .highlight .o,html:not([data-mode]) .highlight .ow,html[data-mode=dark] .highlight .o,html[data-mode=dark] .highlight .ow{color:#d0d0d0}html:not([data-mode]) .highlight .p,html:not([data-mode]) .highlight .pi,html[data-mode=dark] .highlight .p,html[data-mode=dark] .highlight .pi{color:#d0d0d0}html:not([data-mode]) .highlight .gi,html[data-mode=dark] .highlight .gi{color:#90a959}html:not([data-mode]) .highlight .gd,html[data-mode=dark] .highlight .gd{color:#f08a8b;background-color:#320000}html:not([data-mode]) .highlight .gh,html[data-mode=dark] .highlight .gh{color:#6a9fb5;background-color:#151515;font-weight:bold}html:not([data-mode]) .highlight .k,html:not([data-mode]) .highlight .kn,html:not([data-mode]) .highlight .kp,html:not([data-mode]) .highlight .kr,html:not([data-mode]) .highlight .kv,html[data-mode=dark] .highlight .k,html[data-mode=dark] .highlight .kn,html[data-mode=dark] .highlight .kp,html[data-mode=dark] .highlight .kr,html[data-mode=dark] .highlight .kv{color:#aa759f}html:not([data-mode]) .highlight .kc,html[data-mode=dark] .highlight .kc{color:#d28445}html:not([data-mode]) .highlight .kt,html[data-mode=dark] .highlight .kt{color:#d28445}html:not([data-mode]) .highlight .kd,html[data-mode=dark] .highlight .kd{color:#d28445}html:not([data-mode]) .highlight .s,html:not([data-mode]) .highlight .sb,html:not([data-mode]) .highlight .sc,html:not([data-mode]) .highlight .dl,html:not([data-mode]) .highlight .sd,html:not([data-mode]) .highlight .s2,html:not([data-mode]) .highlight .sh,html:not([data-mode]) .highlight .sx,html:not([data-mode]) .highlight .s1,html[data-mode=dark] .highlight .s,html[data-mode=dark] .highlight .sb,html[data-mode=dark] .highlight .sc,html[data-mode=dark] .highlight .dl,html[data-mode=dark] .highlight .sd,html[data-mode=dark] .highlight .s2,html[data-mode=dark] .highlight .sh,html[data-mode=dark] .highlight .sx,html[data-mode=dark] .highlight .s1{color:#90a959}html:not([data-mode]) .highlight .sa,html[data-mode=dark] .highlight .sa{color:#aa759f}html:not([data-mode]) .highlight .sr,html[data-mode=dark] .highlight .sr{color:#75b5aa}html:not([data-mode]) .highlight .si,html[data-mode=dark] .highlight .si{color:#b76d45}html:not([data-mode]) .highlight .se,html[data-mode=dark] .highlight .se{color:#b76d45}html:not([data-mode]) .highlight .nn,html[data-mode=dark] .highlight .nn{color:#f4bf75}html:not([data-mode]) .highlight .nc,html[data-mode=dark] .highlight .nc{color:#f4bf75}html:not([data-mode]) .highlight .no,html[data-mode=dark] .highlight .no{color:#f4bf75}html:not([data-mode]) .highlight .na,html[data-mode=dark] .highlight .na{color:#6a9fb5}html:not([data-mode]) .highlight .m,html:not([data-mode]) .highlight .mb,html:not([data-mode]) .highlight .mf,html:not([data-mode]) .highlight .mh,html:not([data-mode]) .highlight .mi,html:not([data-mode]) .highlight .il,html:not([data-mode]) .highlight .mo,html:not([data-mode]) .highlight .mx,html[data-mode=dark] .highlight .m,html[data-mode=dark] .highlight .mb,html[data-mode=dark] .highlight .mf,html[data-mode=dark] .highlight .mh,html[data-mode=dark] .highlight .mi,html[data-mode=dark] .highlight .il,html[data-mode=dark] .highlight .mo,html[data-mode=dark] .highlight .mx{color:#90a959}html:not([data-mode]) .highlight .ss,html[data-mode=dark] .highlight .ss{color:#90a959}html[data-mode=light]{--language-border-color: #ececec;--highlight-bg-color: #f6f8fa;--highlighter-rouge-color: #3f596f;--highlight-lineno-color: #9e9e9e;--inline-code-bg: #f6f6f7;--code-color: #3a3a3a;--code-header-text-color: #a3a3a3;--code-header-muted-color: #e5e5e5;--code-header-icon-color: #c9c8c8;--clipboard-checked-color: #43c743}html[data-mode=light] [class^=prompt-]{--inline-code-bg: #fbfafa}html[data-mode=light] .highlight table td{padding:5px}html[data-mode=light] .highlight table pre{margin:0}html[data-mode=light] .highlight,html[data-mode=light] .highlight .w{color:#24292f;background-color:#f6f8fa}html[data-mode=light] .highlight .k,html[data-mode=light] .highlight .kd,html[data-mode=light] .highlight .kn,html[data-mode=light] .highlight .kp,html[data-mode=light] .highlight .kr,html[data-mode=light] .highlight .kt,html[data-mode=light] .highlight .kv{color:#cf222e}html[data-mode=light] .highlight .gr{color:#f6f8fa}html[data-mode=light] .highlight .gd{color:#82071e;background-color:#ffebe9}html[data-mode=light] .highlight .nb{color:#953800}html[data-mode=light] .highlight .nc{color:#953800}html[data-mode=light] .highlight .no{color:#953800}html[data-mode=light] .highlight .nn{color:#953800}html[data-mode=light] .highlight .sr{color:#116329}html[data-mode=light] .highlight .na{color:#116329}html[data-mode=light] .highlight .nt{color:#116329}html[data-mode=light] .highlight .gi{color:#116329;background-color:#dafbe1}html[data-mode=light] .highlight .kc{color:#0550ae}html[data-mode=light] .highlight .l,html[data-mode=light] .highlight .ld,html[data-mode=light] .highlight .m,html[data-mode=light] .highlight .mb,html[data-mode=light] .highlight .mf,html[data-mode=light] .highlight .mh,html[data-mode=light] .highlight .mi,html[data-mode=light] .highlight .il,html[data-mode=light] .highlight .mo,html[data-mode=light] .highlight .mx{color:#0550ae}html[data-mode=light] .highlight .sb{color:#0550ae}html[data-mode=light] .highlight .bp{color:#0550ae}html[data-mode=light] .highlight .ne{color:#0550ae}html[data-mode=light] .highlight .nl{color:#0550ae}html[data-mode=light] .highlight .py{color:#0550ae}html[data-mode=light] .highlight .nv,html[data-mode=light] .highlight .vc,html[data-mode=light] .highlight .vg,html[data-mode=light] .highlight .vi,html[data-mode=light] .highlight .vm{color:#0550ae}html[data-mode=light] .highlight .o,html[data-mode=light] .highlight .ow{color:#0550ae}html[data-mode=light] .highlight .gh{color:#0550ae;font-weight:bold}html[data-mode=light] .highlight .gu{color:#0550ae;font-weight:bold}html[data-mode=light] .highlight .s,html[data-mode=light] .highlight .sa,html[data-mode=light] .highlight .sc,html[data-mode=light] .highlight .dl,html[data-mode=light] .highlight .sd,html[data-mode=light] .highlight .s2,html[data-mode=light] .highlight .se,html[data-mode=light] .highlight .sh,html[data-mode=light] .highlight .sx,html[data-mode=light] .highlight .s1,html[data-mode=light] .highlight .ss{color:#0a3069}html[data-mode=light] .highlight .nd{color:#8250df}html[data-mode=light] .highlight .nf,html[data-mode=light] .highlight .fm{color:#8250df}html[data-mode=light] .highlight .err{color:#f6f8fa;background-color:#82071e}html[data-mode=light] .highlight .c,html[data-mode=light] .highlight .ch,html[data-mode=light] .highlight .cd,html[data-mode=light] .highlight .cm,html[data-mode=light] .highlight .cp,html[data-mode=light] .highlight .cpf,html[data-mode=light] .highlight .c1,html[data-mode=light] .highlight .cs{color:#68717a}html[data-mode=light] .highlight .gl{color:#68717a}html[data-mode=light] .highlight .gt{color:#68717a}html[data-mode=light] .highlight .ni{color:#24292f}html[data-mode=light] .highlight .si{color:#24292f}html[data-mode=light] .highlight .ge{color:#24292f;font-style:italic}html[data-mode=light] .highlight .gs{color:#24292f;font-weight:bold}}div[class^=language-],figure.highlight,.highlight{background-color:var(--highlight-bg-color)}td.rouge-code{padding-left:1rem;padding-right:1.5rem}.highlighter-rouge{color:var(--highlighter-rouge-color);margin-top:.5rem;margin-bottom:1.2em}.highlight{overflow:auto;padding-bottom:.75rem}.highlight pre{margin-bottom:0;font-size:.85rem;line-height:1.4rem;word-wrap:normal}.highlight table td:first-child{display:inline-block;margin-left:1rem;margin-right:.75rem}.highlight table td:last-child{padding-right:2rem !important}.highlight table td pre{overflow:visible;word-break:normal}.highlight .lineno{text-align:right;color:var(--highlight-lineno-color);-webkit-user-select:none;-moz-user-select:none;-o-user-select:none;-ms-user-select:none;user-select:none}code{-webkit-hyphens:none;-ms-hyphens:none;hyphens:none;color:var(--code-color)}code.highlighter-rouge{font-size:.85rem;padding:3px 5px;word-break:break-word;border-radius:4px;background-color:var(--inline-code-bg)}code.filepath{background-color:inherit;color:var(--filepath-text-color);font-weight:600;padding:0}a>code.highlighter-rouge{padding-bottom:0;color:inherit}a:hover>code.highlighter-rouge{border-bottom:none}blockquote code{color:inherit}td.rouge-code a{color:inherit !important;border-bottom:none !important;pointer-events:none}div[class^=language-]{box-shadow:var(--language-border-color) 0 0 0 1px}.content>div[class^=language-]{margin-left:-1rem;margin-right:-1rem;border-radius:0}div[class^=language-] .highlight{border-top-left-radius:0;border-top-right-radius:0}div.nolineno td:first-child,div.language-plaintext td:first-child,div.language-console td:first-child,div.language-terminal td:first-child{padding:0 !important;margin-right:0}div.nolineno td:first-child .lineno,div.language-plaintext td:first-child .lineno,div.language-console td:first-child .lineno,div.language-terminal td:first-child .lineno{display:none}.code-header{display:flex;justify-content:space-between;align-items:center;height:2.25rem;margin-left:.75rem;margin-right:.25rem}.code-header span{line-height:2.25rem}.code-header span i{font-size:1rem;width:1.75rem;color:var(--code-header-icon-color)}.code-header span i.small{font-size:70%}[file] .code-header span>i{position:relative;top:1px}.code-header span::after{content:attr(data-label-text);font-size:.85rem;font-weight:600;color:var(--code-header-text-color)}.code-header button{border:1px solid rgba(0,0,0,0);height:2.25rem;width:2.25rem;padding:0;background-color:inherit}.code-header button i{color:var(--code-header-icon-color)}.code-header button[timeout]:hover{border-color:var(--clipboard-checked-color)}.code-header button[timeout] i{color:var(--clipboard-checked-color)}.code-header button:focus{outline:none}.code-header button:not([timeout]):hover{background-color:rgba(128,128,128,.37)}.code-header button:not([timeout]):hover i{color:#fff}@media all and (min-width: 576px){.content>div[class^=language-]{margin-left:0;margin-right:0;border-radius:.625rem}div[class^=language-] .code-header{margin-left:0;margin-right:0}div[class^=language-] .code-header::before{content:"";display:inline-block;margin-left:1rem;width:.75rem;height:.75rem;border-radius:50%;background-color:var(--code-header-muted-color);box-shadow:1.25rem 0 0 var(--code-header-muted-color),2.5rem 0 0 var(--code-header-muted-color)}div[class^=language-] .code-header span{margin-left:-0.875rem}}html{font-size:16px}@media(prefers-color-scheme: light){html:not([data-mode]),html[data-mode=light]{--main-bg: white;--mask-bg: #c1c3c5;--main-border-color: #f3f3f3;--text-color: #34343c;--text-muted-color: #757575;--text-muted-hightlight-color: inherit;--heading-color: #2a2a2a;--label-color: #585858;--blockquote-border-color: #eeeeee;--blockquote-text-color: #757575;--link-color: #0056b2;--link-underline-color: #dee2e6;--button-bg: #ffffff;--btn-border-color: #e9ecef;--btn-backtotop-color: #686868;--btn-backtotop-border-color: #f1f1f1;--btn-box-shadow: #eaeaea;--checkbox-color: #c5c5c5;--checkbox-checked-color: #07a8f7;--img-bg: radial-gradient( circle, rgb(255, 255, 255) 0%, rgb(239, 239, 239) 100% );--shimmer-bg: linear-gradient( 90deg, rgba(250, 250, 250, 0) 0%, rgba(232, 230, 230, 1) 50%, rgba(250, 250, 250, 0) 100% );--site-title-color: rgb(113, 113, 113);--site-subtitle-color: #717171;--sidebar-bg: #f6f8fa;--sidebar-border-color: #efefef;--sidebar-muted-color: #545454;--sidebar-active-color: #1d1d1d;--sidebar-hover-bg: rgb(223, 233, 241, 0.64);--sidebar-btn-bg: white;--sidebar-btn-color: #8e8e8e;--avatar-border-color: white;--topbar-bg: rgb(255, 255, 255, 0.7);--topbar-text-color: rgb(78, 78, 78);--search-border-color: rgb(240, 240, 240);--search-icon-color: #c2c6cc;--input-focus-border-color: #b8b8b8;--post-list-text-color: dimgray;--btn-patinator-text-color: #555555;--btn-paginator-hover-color: var(--sidebar-bg);--toc-highlight: #0550ae;--btn-share-color: gray;--btn-share-hover-color: #0d6efd;--card-bg: white;--card-hovor-bg: #e2e2e2;--card-shadow: rgb(104, 104, 104, 0.05) 0 2px 6px 0, rgba(211, 209, 209, 0.15) 0 0 0 1px;--footnote-target-bg: lightcyan;--tb-odd-bg: #fbfcfd;--tb-border-color: #eaeaea;--dash-color: silver;--kbd-wrap-color: #bdbdbd;--kbd-text-color: var(--text-color);--kbd-bg-color: white;--prompt-text-color: rgb(46, 46, 46, 0.77);--prompt-tip-bg: rgb(123, 247, 144, 0.2);--prompt-tip-icon-color: #03b303;--prompt-info-bg: #e1f5fe;--prompt-info-icon-color: #0070cb;--prompt-warning-bg: rgb(255, 243, 205);--prompt-warning-icon-color: #ef9c03;--prompt-danger-bg: rgb(248, 215, 218, 0.56);--prompt-danger-icon-color: #df3c30;--tag-border: #dee2e6;--tag-shadow: var(--btn-border-color);--tag-hover: rgb(222, 226, 230);--search-tag-bg: #f8f9fa;--categories-border: rgba(0, 0, 0, 0.125);--categories-hover-bg: var(--btn-border-color);--categories-icon-hover-color: darkslategray;--timeline-color: rgba(0, 0, 0, 0.075);--timeline-node-bg: #c2c6cc;--timeline-year-dot-color: #ffffff}html:not([data-mode]) [class^=prompt-],html[data-mode=light] [class^=prompt-]{--link-underline-color: rgb(219, 216, 216)}html:not([data-mode]) .dark,html[data-mode=light] .dark{display:none}html[data-mode=dark]{--main-bg: rgb(27, 27, 30);--mask-bg: rgb(68, 69, 70);--main-border-color: rgb(44, 45, 45);--text-color: rgb(175, 176, 177);--text-muted-color: #868686;--text-muted-hightlight-color: #aeaeae;--heading-color: #cccccc;--label-color: #a7a7a7;--blockquote-border-color: rgb(66, 66, 66);--blockquote-text-color: #868686;--link-color: rgb(138, 180, 248);--link-underline-color: rgb(82, 108, 150);--button-bg: #1e1e1e;--btn-border-color: #2e2f31;--btn-backtotop-color: var(--text-color);--btn-backtotop-border-color: #212122;--btn-box-shadow: var(--main-bg);--card-header-bg: #292929;--checkbox-color: rgb(118, 120, 121);--checkbox-checked-color: var(--link-color);--img-bg: radial-gradient(circle, rgb(22, 22, 24) 0%, rgb(32, 32, 32) 100%);--shimmer-bg: linear-gradient( 90deg, rgba(255, 255, 255, 0) 0%, rgba(58, 55, 55, 0.4) 50%, rgba(255, 255, 255, 0) 100% );--site-title-color: #717070;--site-subtitle-color: #868686;--sidebar-bg: #1e1e1e;--sidebar-border-color: #292929;--sidebar-muted-color: #868686;--sidebar-active-color: rgb(255, 255, 255, 0.95);--sidebar-hover-bg: #262626;--sidebar-btn-bg: #232328;--sidebar-btn-color: #787878;--avatar-border-color: rgb(206, 206, 206, 0.9);--topbar-bg: rgb(27, 27, 30, 0.64);--topbar-text-color: var(--text-color);--search-border-color: rgb(55, 55, 55);--search-icon-color: rgb(100, 102, 105);--input-focus-border-color: rgb(112, 114, 115);--post-list-text-color: rgb(175, 176, 177);--btn-patinator-text-color: var(--text-color);--btn-paginator-hover-color: #2e2e2e;--toc-highlight: rgb(116, 178, 243);--tag-hover: rgb(43, 56, 62);--tb-odd-bg: #252526;--tb-even-bg: rgb(31, 31, 34);--tb-border-color: var(--tb-odd-bg);--footnote-target-bg: rgb(63, 81, 181);--btn-share-color: #6c757d;--btn-share-hover-color: #bfc1ca;--card-bg: #1e1e1e;--card-hovor-bg: #464d51;--card-shadow: rgb(21, 21, 21, 0.72) 0 6px 18px 0, rgb(137, 135, 135, 0.24) 0 0 0 1px;--kbd-wrap-color: #6a6a6a;--kbd-text-color: #d3d3d3;--kbd-bg-color: #242424;--prompt-text-color: rgb(216, 212, 212, 0.75);--prompt-tip-bg: rgb(22, 60, 36, 0.64);--prompt-tip-icon-color: rgb(15, 164, 15, 0.81);--prompt-info-bg: rgb(7, 59, 104, 0.8);--prompt-info-icon-color: #0075d1;--prompt-warning-bg: rgb(90, 69, 3, 0.88);--prompt-warning-icon-color: rgb(255, 165, 0, 0.8);--prompt-danger-bg: rgb(86, 28, 8, 0.8);--prompt-danger-icon-color: #cd0202;--tag-border: rgb(59, 79, 88);--tag-shadow: rgb(32, 33, 33);--dash-color: rgb(63, 65, 68);--search-tag-bg: #292828;--categories-border: rgb(64, 66, 69, 0.5);--categories-hover-bg: rgb(73, 75, 76);--categories-icon-hover-color: white;--timeline-node-bg: rgb(150, 152, 156);--timeline-color: rgb(63, 65, 68);--timeline-year-dot-color: var(--timeline-color);color-scheme:dark}html[data-mode=dark] .light{display:none}html[data-mode=dark] hr{border-color:var(--main-border-color)}html[data-mode=dark] .categories.card,html[data-mode=dark] .list-group-item{background-color:var(--card-bg)}html[data-mode=dark] .categories .card-header{background-color:var(--card-header-bg)}html[data-mode=dark] .categories .list-group-item{border-left:none;border-right:none;padding-left:2rem;border-color:var(--categories-border)}html[data-mode=dark] .categories .list-group-item:last-child{border-bottom-color:var(--card-bg)}html[data-mode=dark] #archives li:nth-child(odd){background-image:linear-gradient(to left, rgb(26, 26, 30), rgb(39, 39, 45), rgb(39, 39, 45), rgb(39, 39, 45), rgb(26, 26, 30))}html[data-mode=dark] #disqus_thread{color-scheme:none}}@media(prefers-color-scheme: dark){html:not([data-mode]),html[data-mode=dark]{--main-bg: rgb(27, 27, 30);--mask-bg: rgb(68, 69, 70);--main-border-color: rgb(44, 45, 45);--text-color: rgb(175, 176, 177);--text-muted-color: #868686;--text-muted-hightlight-color: #aeaeae;--heading-color: #cccccc;--label-color: #a7a7a7;--blockquote-border-color: rgb(66, 66, 66);--blockquote-text-color: #868686;--link-color: rgb(138, 180, 248);--link-underline-color: rgb(82, 108, 150);--button-bg: #1e1e1e;--btn-border-color: #2e2f31;--btn-backtotop-color: var(--text-color);--btn-backtotop-border-color: #212122;--btn-box-shadow: var(--main-bg);--card-header-bg: #292929;--checkbox-color: rgb(118, 120, 121);--checkbox-checked-color: var(--link-color);--img-bg: radial-gradient(circle, rgb(22, 22, 24) 0%, rgb(32, 32, 32) 100%);--shimmer-bg: linear-gradient( 90deg, rgba(255, 255, 255, 0) 0%, rgba(58, 55, 55, 0.4) 50%, rgba(255, 255, 255, 0) 100% );--site-title-color: #717070;--site-subtitle-color: #868686;--sidebar-bg: #1e1e1e;--sidebar-border-color: #292929;--sidebar-muted-color: #868686;--sidebar-active-color: rgb(255, 255, 255, 0.95);--sidebar-hover-bg: #262626;--sidebar-btn-bg: #232328;--sidebar-btn-color: #787878;--avatar-border-color: rgb(206, 206, 206, 0.9);--topbar-bg: rgb(27, 27, 30, 0.64);--topbar-text-color: var(--text-color);--search-border-color: rgb(55, 55, 55);--search-icon-color: rgb(100, 102, 105);--input-focus-border-color: rgb(112, 114, 115);--post-list-text-color: rgb(175, 176, 177);--btn-patinator-text-color: var(--text-color);--btn-paginator-hover-color: #2e2e2e;--toc-highlight: rgb(116, 178, 243);--tag-hover: rgb(43, 56, 62);--tb-odd-bg: #252526;--tb-even-bg: rgb(31, 31, 34);--tb-border-color: var(--tb-odd-bg);--footnote-target-bg: rgb(63, 81, 181);--btn-share-color: #6c757d;--btn-share-hover-color: #bfc1ca;--card-bg: #1e1e1e;--card-hovor-bg: #464d51;--card-shadow: rgb(21, 21, 21, 0.72) 0 6px 18px 0, rgb(137, 135, 135, 0.24) 0 0 0 1px;--kbd-wrap-color: #6a6a6a;--kbd-text-color: #d3d3d3;--kbd-bg-color: #242424;--prompt-text-color: rgb(216, 212, 212, 0.75);--prompt-tip-bg: rgb(22, 60, 36, 0.64);--prompt-tip-icon-color: rgb(15, 164, 15, 0.81);--prompt-info-bg: rgb(7, 59, 104, 0.8);--prompt-info-icon-color: #0075d1;--prompt-warning-bg: rgb(90, 69, 3, 0.88);--prompt-warning-icon-color: rgb(255, 165, 0, 0.8);--prompt-danger-bg: rgb(86, 28, 8, 0.8);--prompt-danger-icon-color: #cd0202;--tag-border: rgb(59, 79, 88);--tag-shadow: rgb(32, 33, 33);--dash-color: rgb(63, 65, 68);--search-tag-bg: #292828;--categories-border: rgb(64, 66, 69, 0.5);--categories-hover-bg: rgb(73, 75, 76);--categories-icon-hover-color: white;--timeline-node-bg: rgb(150, 152, 156);--timeline-color: rgb(63, 65, 68);--timeline-year-dot-color: var(--timeline-color);color-scheme:dark}html:not([data-mode]) .light,html[data-mode=dark] .light{display:none}html:not([data-mode]) hr,html[data-mode=dark] hr{border-color:var(--main-border-color)}html:not([data-mode]) .categories.card,html:not([data-mode]) .list-group-item,html[data-mode=dark] .categories.card,html[data-mode=dark] .list-group-item{background-color:var(--card-bg)}html:not([data-mode]) .categories .card-header,html[data-mode=dark] .categories .card-header{background-color:var(--card-header-bg)}html:not([data-mode]) .categories .list-group-item,html[data-mode=dark] .categories .list-group-item{border-left:none;border-right:none;padding-left:2rem;border-color:var(--categories-border)}html:not([data-mode]) .categories .list-group-item:last-child,html[data-mode=dark] .categories .list-group-item:last-child{border-bottom-color:var(--card-bg)}html:not([data-mode]) #archives li:nth-child(odd),html[data-mode=dark] #archives li:nth-child(odd){background-image:linear-gradient(to left, rgb(26, 26, 30), rgb(39, 39, 45), rgb(39, 39, 45), rgb(39, 39, 45), rgb(26, 26, 30))}html:not([data-mode]) #disqus_thread,html[data-mode=dark] #disqus_thread{color-scheme:none}html[data-mode=light]{--main-bg: white;--mask-bg: #c1c3c5;--main-border-color: #f3f3f3;--text-color: #34343c;--text-muted-color: #757575;--text-muted-hightlight-color: inherit;--heading-color: #2a2a2a;--label-color: #585858;--blockquote-border-color: #eeeeee;--blockquote-text-color: #757575;--link-color: #0056b2;--link-underline-color: #dee2e6;--button-bg: #ffffff;--btn-border-color: #e9ecef;--btn-backtotop-color: #686868;--btn-backtotop-border-color: #f1f1f1;--btn-box-shadow: #eaeaea;--checkbox-color: #c5c5c5;--checkbox-checked-color: #07a8f7;--img-bg: radial-gradient( circle, rgb(255, 255, 255) 0%, rgb(239, 239, 239) 100% );--shimmer-bg: linear-gradient( 90deg, rgba(250, 250, 250, 0) 0%, rgba(232, 230, 230, 1) 50%, rgba(250, 250, 250, 0) 100% );--site-title-color: rgb(113, 113, 113);--site-subtitle-color: #717171;--sidebar-bg: #f6f8fa;--sidebar-border-color: #efefef;--sidebar-muted-color: #545454;--sidebar-active-color: #1d1d1d;--sidebar-hover-bg: rgb(223, 233, 241, 0.64);--sidebar-btn-bg: white;--sidebar-btn-color: #8e8e8e;--avatar-border-color: white;--topbar-bg: rgb(255, 255, 255, 0.7);--topbar-text-color: rgb(78, 78, 78);--search-border-color: rgb(240, 240, 240);--search-icon-color: #c2c6cc;--input-focus-border-color: #b8b8b8;--post-list-text-color: dimgray;--btn-patinator-text-color: #555555;--btn-paginator-hover-color: var(--sidebar-bg);--toc-highlight: #0550ae;--btn-share-color: gray;--btn-share-hover-color: #0d6efd;--card-bg: white;--card-hovor-bg: #e2e2e2;--card-shadow: rgb(104, 104, 104, 0.05) 0 2px 6px 0, rgba(211, 209, 209, 0.15) 0 0 0 1px;--footnote-target-bg: lightcyan;--tb-odd-bg: #fbfcfd;--tb-border-color: #eaeaea;--dash-color: silver;--kbd-wrap-color: #bdbdbd;--kbd-text-color: var(--text-color);--kbd-bg-color: white;--prompt-text-color: rgb(46, 46, 46, 0.77);--prompt-tip-bg: rgb(123, 247, 144, 0.2);--prompt-tip-icon-color: #03b303;--prompt-info-bg: #e1f5fe;--prompt-info-icon-color: #0070cb;--prompt-warning-bg: rgb(255, 243, 205);--prompt-warning-icon-color: #ef9c03;--prompt-danger-bg: rgb(248, 215, 218, 0.56);--prompt-danger-icon-color: #df3c30;--tag-border: #dee2e6;--tag-shadow: var(--btn-border-color);--tag-hover: rgb(222, 226, 230);--search-tag-bg: #f8f9fa;--categories-border: rgba(0, 0, 0, 0.125);--categories-hover-bg: var(--btn-border-color);--categories-icon-hover-color: darkslategray;--timeline-color: rgba(0, 0, 0, 0.075);--timeline-node-bg: #c2c6cc;--timeline-year-dot-color: #ffffff}html[data-mode=light] [class^=prompt-]{--link-underline-color: rgb(219, 216, 216)}html[data-mode=light] .dark{display:none}}body{background:var(--main-bg);padding:env(safe-area-inset-top) env(safe-area-inset-right) env(safe-area-inset-bottom) env(safe-area-inset-left);color:var(--text-color);-webkit-font-smoothing:antialiased;font-family:"Source Sans Pro","Microsoft Yahei",sans-serif}h1{font-size:1.92rem}h2{font-size:1.54rem}h3{font-size:1.36rem}h4{font-size:1.18rem}h5{font-size:1rem}a{text-decoration:none}img{max-width:100%;height:auto;transition:all .35s ease-in-out}.blur img{-webkit-filter:blur(20px);filter:blur(20px)}blockquote{border-left:5px solid var(--blockquote-border-color);padding-left:1rem;color:var(--blockquote-text-color)}blockquote>p:last-child{margin-bottom:0}blockquote[class^=prompt-]{border-left:0;position:relative;padding:1rem 1rem 1rem 3rem;color:var(--prompt-text-color)}blockquote[class^=prompt-]::before{text-align:center;width:3rem;position:absolute;left:.25rem;margin-top:.4rem;text-rendering:auto;-webkit-font-smoothing:antialiased}blockquote.prompt-tip{background-color:var(--prompt-tip-bg)}blockquote.prompt-tip::before{content:"";color:var(--prompt-tip-icon-color);font:var(--fa-font-regular)}blockquote.prompt-info{background-color:var(--prompt-info-bg)}blockquote.prompt-info::before{content:"";color:var(--prompt-info-icon-color);font:var(--fa-font-solid)}blockquote.prompt-warning{background-color:var(--prompt-warning-bg)}blockquote.prompt-warning::before{content:"";color:var(--prompt-warning-icon-color);font:var(--fa-font-solid)}blockquote.prompt-danger{background-color:var(--prompt-danger-bg)}blockquote.prompt-danger::before{content:"";color:var(--prompt-danger-icon-color);font:var(--fa-font-solid)}kbd{font-family:inherit;display:inline-block;vertical-align:middle;line-height:1.3rem;min-width:1.75rem;text-align:center;margin:0 .3rem;padding-top:.1rem;color:var(--kbd-text-color);background-color:var(--kbd-bg-color);border-radius:.25rem;border:solid 1px var(--kbd-wrap-color);box-shadow:inset 0 -2px 0 var(--kbd-wrap-color)}footer{background-color:var(--main-bg);height:5rem;border-top:1px solid var(--main-border-color)}footer p{text-align:center;margin-bottom:0}.access{top:2rem;transition:top .2s ease-in-out;margin-top:3rem;margin-bottom:4rem}.access:only-child{position:-webkit-sticky;position:sticky}.access>section{padding-left:1rem;border-left:1px solid var(--main-border-color)}.access>section:not(:last-child){margin-bottom:4rem}.access .content{font-size:.9rem}#panel-wrapper .panel-heading{font-family:inherit;line-height:inherit;color:var(--label-color);font-size:inherit;font-weight:600}#panel-wrapper .post-tag{line-height:1.05rem;font-size:.85rem;border-radius:.8rem;padding:.3rem .5rem;margin:0 .35rem .5rem 0}#panel-wrapper .post-tag:hover{transition:all .3s ease-in}#access-lastmod a{color:inherit}.footnotes>ol{padding-left:2rem;margin-top:.5rem}.footnotes>ol>li:not(:last-child){margin-bottom:.3rem}.footnotes>ol>li>p{margin-left:.25em;margin-top:0;margin-bottom:0}a.footnote{margin-left:1px;margin-right:1px;padding-left:2px;padding-right:2px;border-bottom-style:none !important}a.reversefootnote{font-size:.6rem;line-height:1;position:relative;bottom:.25em;margin-left:.25em;border-bottom-style:none !important}.table-wrapper{overflow-x:auto;margin-bottom:1.5rem}.table-wrapper>table{min-width:100%;overflow-x:auto;border-spacing:0}.table-wrapper>table thead{border-bottom:solid 2px rgba(210,215,217,.75)}.table-wrapper>table tbody tr{border-bottom:1px solid var(--tb-border-color)}.table-wrapper>table tbody tr:nth-child(2n){background-color:var(--tb-even-bg)}.table-wrapper>table tbody tr:nth-child(2n+1){background-color:var(--tb-odd-bg)}.preview-img{aspect-ratio:40/21;width:100%;height:100%;overflow:hidden}.preview-img:not(.no-bg){background:var(--img-bg)}.preview-img img{height:100%;-o-object-fit:cover;object-fit:cover}#post-list .preview-img img{width:100%}.post-preview{border:0;background:var(--card-bg);box-shadow:var(--card-shadow)}.post-preview::before{content:"";width:100%;height:100%;position:absolute;background-color:var(--card-hovor-bg);opacity:0;transition:opacity .35s ease-in-out}.post-preview:hover::before{opacity:.3}main{line-height:1.75}main h1{margin-top:2rem;margin-bottom:1.5rem}main p>a.popup:not(.normal):not(.left):not(.right){position:relative;left:50%;transform:translateX(-50%)}.content{font-size:1.08rem;margin-top:2rem;overflow-wrap:break-word}.content a.popup{margin-top:.5rem;margin-bottom:.5rem;cursor:zoom-in}.content ol:not([class]),.content ol.task-list,.content ul:not([class]),.content ul.task-list{-webkit-padding-start:1.75rem;padding-inline-start:1.75rem}.content ol:not([class]) li,.content ol.task-list li,.content ul:not([class]) li,.content ul.task-list li{margin:.25rem 0;padding-left:.25rem}.content ol:not([class]) ol,.content ol:not([class]) ul,.content ol.task-list ol,.content ol.task-list ul,.content ul:not([class]) ol,.content ul:not([class]) ul,.content ul.task-list ol,.content ul.task-list ul{-webkit-padding-start:1.25rem;padding-inline-start:1.25rem;margin:.5rem 0}.content ul.task-list{-webkit-padding-start:1.25rem;padding-inline-start:1.25rem}.content ul.task-list li{list-style-type:none;padding-left:0}.content ul.task-list li>i{width:2rem;margin-left:-1.25rem;color:var(--checkbox-color)}.content ul.task-list li>i.checked{color:var(--checkbox-checked-color)}.content ul.task-list li ul{-webkit-padding-start:1.75rem;padding-inline-start:1.75rem}.content ul.task-list input[type=checkbox]{margin:0 .5rem .2rem -1.3rem;vertical-align:middle}.content dl>dd{margin-left:1rem}.content ::marker{color:var(--text-muted-color)}.post-tag{display:inline-block;min-width:2rem;text-align:center;border-radius:.5rem;border:1px solid var(--btn-border-color);padding:0 .4rem;color:var(--text-muted-color);line-height:1.3rem}.post-tag:not(:last-child){margin-right:.2rem}.rounded-10{border-radius:10px !important}.img-link{color:rgba(0,0,0,0);display:inline-flex}.shimmer{overflow:hidden;position:relative;background:var(--img-bg)}.shimmer::before{content:"";position:absolute;background:var(--shimmer-bg);height:100%;width:100%;-webkit-animation:shimmer 1.3s infinite;animation:shimmer 1.3s infinite}@-webkit-keyframes shimmer{0%{transform:translateX(-100%)}100%{transform:translateX(100%)}}@keyframes shimmer{0%{transform:translateX(-100%)}100%{transform:translateX(100%)}}.embed-video{width:100%;height:100%;margin-bottom:1rem}.embed-video.youtube,.embed-video.bilibili{aspect-ratio:16/9}.embed-video.twitch{aspect-ratio:310/189}.btn-lang{border:1px solid !important;padding:1px 3px;border-radius:3px;color:var(--link-color)}.btn-lang:focus{box-shadow:none}.loaded{display:block !important}.d-flex.loaded{display:flex !important}.unloaded{display:none !important}.visible{visibility:visible !important}.hidden{visibility:hidden !important}.flex-grow-1{flex-grow:1 !important}.btn-box-shadow{box-shadow:var(--card-shadow)}.text-muted{color:var(--text-muted-color) !important}.tooltip-inner{font-size:.7rem;max-width:220px;text-align:left}.btn.btn-outline-primary:not(.disabled):hover{border-color:#007bff !important}.disabled{color:#cec4c4;pointer-events:auto;cursor:not-allowed}.hide-border-bottom{border-bottom:none !important}.input-focus{box-shadow:none;border-color:var(--input-focus-border-color) !important;background:center !important;transition:background-color .15s ease-in-out,border-color .15s ease-in-out}.left{float:left;margin:.75rem 1rem 1rem 0}.right{float:right;margin:.75rem 0 1rem 1rem}figure .mfp-title{text-align:center;padding-right:0;margin-top:.5rem}.mfp-img{transition:none}.mermaid{text-align:center}mjx-container{overflow-y:hidden;min-width:auto !important}#sidebar{padding-left:0;padding-right:0;position:fixed;top:0;left:0;height:100%;overflow-y:auto;width:260px;z-index:99;background:var(--sidebar-bg);border-right:1px solid var(--sidebar-border-color);-ms-overflow-style:none;scrollbar-width:none}#sidebar::-webkit-scrollbar{display:none}#sidebar .sidebar-bottom .mode-toggle:hover,#sidebar .sidebar-bottom a:hover,#sidebar .site-title a:hover{color:var(--sidebar-active-color)}#sidebar #avatar{display:block;width:7rem;height:7rem;overflow:hidden;box-shadow:var(--avatar-border-color) 0 0 0 2px;transform:translateZ(0)}#sidebar #avatar img{transition:transform .5s}#sidebar #avatar img:hover{transform:scale(1.2)}#sidebar .profile-wrapper{margin-top:2.5rem;margin-bottom:2.5rem;padding-left:2.5rem;padding-right:1.25rem;width:100%}#sidebar .site-title{font-family:inherit;font-weight:900;font-size:1.75rem;line-height:1.2;letter-spacing:.25px;margin-top:1.25rem;margin-bottom:.5rem}#sidebar .site-title a{color:var(--site-title-color)}#sidebar .site-subtitle{font-size:95%;color:var(--site-subtitle-color);margin-top:.25rem;word-spacing:1px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}#sidebar ul{margin-bottom:2rem}#sidebar ul li.nav-item{opacity:.9;width:100%;padding-left:1.5rem;padding-right:1.5rem}#sidebar ul li.nav-item a.nav-link{padding-top:.6rem;padding-bottom:.6rem;display:flex;align-items:center;border-radius:.75rem;font-weight:600}#sidebar ul li.nav-item a.nav-link:hover{background-color:var(--sidebar-hover-bg)}#sidebar ul li.nav-item a.nav-link i{font-size:95%;opacity:.8;margin-right:1.5rem}#sidebar ul li.nav-item a.nav-link span{font-size:90%;letter-spacing:.2px}#sidebar ul li.nav-item.active .nav-link{color:var(--sidebar-active-color);background-color:var(--sidebar-hover-bg)}#sidebar ul li.nav-item.active .nav-link span{opacity:1}#sidebar ul li.nav-item:not(:first-child){margin-top:.25rem}#sidebar .sidebar-bottom{padding-left:2rem;padding-right:1rem;margin-bottom:1.5rem}#sidebar .sidebar-bottom .mode-toggle,#sidebar .sidebar-bottom a{width:1.75rem;height:1.75rem;margin-bottom:.5rem;border-radius:50%;color:var(--sidebar-btn-color);background-color:var(--sidebar-btn-bg);text-align:center;display:flex;align-items:center;justify-content:center;box-shadow:var(--sidebar-border-color) 0 0 0 1px}#sidebar .sidebar-bottom .mode-toggle:hover,#sidebar .sidebar-bottom a:hover{background-color:var(--sidebar-hover-bg)}#sidebar .sidebar-bottom a:not(:last-child){margin-right:.8rem}#sidebar .sidebar-bottom i{line-height:1.75rem}#sidebar .sidebar-bottom .mode-toggle{padding:0;border:0}#sidebar .sidebar-bottom .icon-border{margin-left:calc((.8rem - 3px)/2);margin-right:calc((.8rem - 3px)/2);background-color:var(--sidebar-btn-color);content:"";width:3px;height:3px;border-radius:50%;margin-bottom:.5rem}@media(hover: hover){#sidebar ul>li:last-child::after{transition:top .5s ease}.nav-link{transition:background-color .3s ease-in-out}.post-preview{transition:background-color .35s ease-in-out}}#search-result-wrapper{display:none;height:100%;width:100%;overflow:auto}#search-result-wrapper .content{margin-top:2rem}#topbar-wrapper{height:3rem;background-color:var(--topbar-bg)}#topbar button i{color:#999}#topbar #breadcrumb{font-size:1rem;color:var(--text-muted-color);padding-left:.5rem}#topbar #breadcrumb span:not(:last-child)::after{content:"›";padding:0 .3rem}::-webkit-input-placeholder{color:var(--text-muted-color) !important}::-moz-placeholder{color:var(--text-muted-color) !important}:-ms-input-placeholder{color:var(--text-muted-color) !important}::-ms-input-placeholder{color:var(--text-muted-color) !important}::placeholder{color:var(--text-muted-color) !important}:focus::-webkit-input-placeholder{opacity:.6}:focus::-moz-placeholder{opacity:.6}:focus:-ms-input-placeholder{opacity:.6}:focus::-ms-input-placeholder{opacity:.6}:focus::placeholder{opacity:.6}search{display:flex;width:100%;border-radius:1rem;border:1px solid var(--search-border-color);background:var(--main-bg);padding:0 .5rem}search i{z-index:2;font-size:.9rem;color:var(--search-icon-color)}#sidebar-trigger,#search-trigger{display:none}#search-cancel{color:var(--link-color);display:none;white-space:nowrap}#search-input{background:center;border:0;border-radius:0;padding:.18rem .3rem;color:var(--text-color);height:auto}#search-input:focus{box-shadow:none}#search-hints{padding:0 1rem}#search-hints h4{margin-bottom:1.5rem}#search-hints .post-tag{display:inline-block;line-height:1rem;font-size:1rem;background:var(--search-tag-bg);border:none;padding:.5rem;margin:0 1.25rem 1rem 0}#search-hints .post-tag::before{content:"#";color:var(--text-muted-color);padding-right:.2rem}#search-results{padding-bottom:3rem}#search-results a{font-size:1.4rem;line-height:2.5rem}#search-results>article{width:100%}#search-results>article:not(:last-child){margin-bottom:1rem}#search-results>article i{color:#818182;margin-right:.15rem;font-size:80%}#search-results>article>p{overflow:hidden;text-overflow:ellipsis;display:-webkit-box;-webkit-line-clamp:3;-webkit-box-orient:vertical}#topbar-title{display:none;font-size:1.1rem;font-weight:600;font-family:sans-serif;color:var(--topbar-text-color);text-align:center;width:70%;overflow:hidden;text-overflow:ellipsis;word-break:keep-all;white-space:nowrap}#mask{display:none;position:fixed;inset:0 0 0 0;height:100%;width:100%;z-index:1}[sidebar-display] #mask{display:block !important}#main-wrapper{position:relative;padding-left:0;padding-right:0}#main-wrapper>.container{min-height:100vh}#topbar-wrapper.row,#main-wrapper>.container>.row,#search-result-wrapper>.row{margin-left:0;margin-right:0}#tail-wrapper>:not(script){margin-top:3rem}#back-to-top{display:none;z-index:1;cursor:pointer;position:fixed;right:1rem;bottom:4.625rem;background:var(--button-bg);color:var(--btn-backtotop-color);padding:0;width:2.75rem;height:2.75rem;border-radius:50%;border:1px solid var(--btn-backtotop-border-color);transition:transform .2s ease-out;-webkit-transition:transform .2s ease-out}#back-to-top:hover{transform:translate3d(0, -5px, 0);-webkit-transform:translate3d(0, -5px, 0)}#back-to-top i{line-height:2.75rem;position:relative;bottom:2px}@-webkit-keyframes popup{from{opacity:0;bottom:0}}@keyframes popup{from{opacity:0;bottom:0}}#notification .toast-header{background:none;border-bottom:none;color:inherit}#notification .toast-body{font-family:Lato,sans-serif;line-height:1.25rem}#notification .toast-body button{font-size:90%;min-width:4rem}#notification.toast.show{display:block;min-width:20rem;border-radius:.5rem;-webkit-backdrop-filter:blur(10px);backdrop-filter:blur(10px);background-color:rgba(255,255,255,.5);color:rgba(27,27,30,.7294117647);position:fixed;left:50%;bottom:20%;transform:translateX(-50%);-webkit-animation:popup .8s;animation:popup .8s}@media all and (max-width: 576px){main .content>blockquote[class^=prompt-]{margin-left:-1rem;margin-right:-1rem;border-radius:0;max-width:none}#avatar{width:5rem;height:5rem}}@media all and (max-width: 768px){#main-wrapper>.container,#topbar{max-width:100%}#main-wrapper>.container{padding-left:0;padding-right:0}}@media all and (max-width: 849px){footer{transition:transform .4s ease;height:6rem;padding:1.5rem 0}[sidebar-display] #sidebar{transform:translateX(0)}[sidebar-display] #main-wrapper{transform:translateX(260px)}[sidebar-display] #back-to-top{visibility:hidden}#sidebar{transition:transform .4s ease;transform:translateX(-260px);-webkit-transform:translateX(-260px)}#main-wrapper{transition:transform .4s ease}#topbar,#main-wrapper>.container{max-width:100%}#search-result-wrapper{width:100%}#breadcrumb,search{display:none}#topbar-wrapper{transition:transform .4s ease,top .2s ease;left:0}main,#panel-wrapper{margin-top:0}#topbar-title,#sidebar-trigger,#search-trigger{display:block}#search-result-wrapper .content{letter-spacing:0}#tags{justify-content:center !important}h1.dynamic-title{display:none}h1.dynamic-title~.content{margin-top:2.5rem}}@media all and (min-width: 850px){html{overflow-y:scroll}#main-wrapper{margin-left:260px}#sidebar .profile-wrapper{margin-top:3rem}#search-hints{display:none}search{max-width:200px}#search-result-wrapper{max-width:1250px;justify-content:start !important}main h1{margin-top:3rem}div.content .table-wrapper>table{min-width:70%}#back-to-top{right:5%;bottom:3.625rem}#topbar-title{text-align:left}}@media all and (min-width: 992px)and (max-width: 1199px){#main-wrapper>.container .col-lg-11{flex:0 0 96%;max-width:96%}}@media all and (min-width: 850px)and (max-width: 1199px){#search-results>div{max-width:700px}#breadcrumb{width:65%;overflow:hidden;text-overflow:ellipsis;word-break:keep-all;white-space:nowrap}}@media all and (max-width: 1199px){#panel-wrapper{display:none}#main-wrapper>.container>div.row{justify-content:center !important}}@media all and (min-width: 1200px){search{margin-right:4rem}#search-input{transition:all .3s ease-in-out}#search-results>article{width:45%}#search-results>article:nth-child(odd){margin-right:1.5rem}#search-results>article:nth-child(even){margin-left:1.5rem}#search-results>article:last-child:nth-child(odd){position:relative;right:24.3%}.content{font-size:1.03rem}}@media all and (min-width: 1400px){#back-to-top{right:calc((100vw - 260px - 1140px)/2 + 3rem)}}@media all and (min-width: 1650px){#main-wrapper{margin-left:300px}#topbar-wrapper{left:300px}search{margin-right:calc(112.5px - .75rem)}#main-wrapper>.container{max-width:1250px;padding-left:1.75rem !important;padding-right:1.75rem !important}main.col-12,#tail-wrapper{padding-right:4.5rem !important}#back-to-top{right:calc((100vw - 300px - 1250px)/2 + 2rem)}#sidebar{width:300px}#sidebar .profile-wrapper{margin-top:3.5rem;margin-bottom:2.5rem;padding-left:3.5rem}#sidebar ul li.nav-item{padding-left:2.75rem;padding-right:2.75rem}#sidebar .sidebar-bottom{padding-left:2.75rem;margin-bottom:1.75rem}#sidebar .sidebar-bottom a:not(:last-child){margin-right:1rem}#sidebar .sidebar-bottom .icon-border{margin-left:calc((1rem - 3px)/2);margin-right:calc((1rem - 3px)/2)}}#post-list{margin-top:2rem}#post-list .card-wrapper:hover{text-decoration:none}#post-list .card-wrapper:not(:last-child){margin-bottom:1.25rem}#post-list .card{border:0;background:none}#post-list .card .preview-img img,#post-list .card .preview-img{border-radius:.625rem .625rem 0 0}#post-list .card .card-body{height:100%;padding:1rem}#post-list .card .card-body .card-title{color:var(--heading-color) !important;font-size:1.25rem}#post-list .card .card-body .post-meta,#post-list .card .card-body .card-text.content{color:var(--text-muted-color) !important}#post-list .card .card-body .card-text.content p{line-height:1.5;margin:0}#post-list .card .card-body .post-meta i:not(:first-child){margin-left:1.5rem}#post-list .card .card-body .post-meta em{color:inherit}#post-list .card .card-body .post-meta>div:first-child{display:block;white-space:nowrap;overflow:hidden;text-overflow:ellipsis}.pagination{color:var(--text-color);font-family:Lato,sans-serif;justify-content:space-evenly}.pagination a:hover{text-decoration:none}.pagination .page-item .page-link{color:var(--btn-patinator-text-color);padding:0 .6rem;display:-webkit-box;-webkit-box-pack:center;-webkit-box-align:center;border-radius:.5rem;border:0;background-color:inherit}.pagination .page-item.active .page-link{background-color:var(--btn-paginator-hover-color)}.pagination .page-item:not(.active) .page-link:hover{box-shadow:inset var(--btn-border-color) 0 0 0 1px}.pagination .page-item.disabled{cursor:not-allowed}.pagination .page-item.disabled .page-link{color:rgba(108,117,125,.57)}@media all and (min-width: 768px){#post-list .card .preview-img,#post-list .card .preview-img img{border-radius:0 .625rem .625rem 0}#post-list .card .card-body{padding:1.75rem 1.75rem 1.25rem 1.75rem}#post-list .card .card-body .card-text{display:inherit !important}#post-list .card .card-body .post-meta i:not(:first-child){margin-left:1.75rem}}@media all and (max-width: 830px){.pagination .page-item:not(:first-child):not(:last-child){display:none}}@media all and (min-width: 831px){#post-list{margin-top:2.5rem}.pagination{font-size:.85rem;justify-content:center}.pagination .page-item:not(:last-child){margin-right:.7rem}.pagination .page-index{display:none}}.post-navigation .btn.disabled,.post-navigation .btn{width:50%;position:relative;border-color:var(--btn-border-color)}h1+.post-meta>span+span::before{content:"•";padding-left:.25rem;padding-right:.25rem}h1+.post-meta em a{color:inherit}.post-tail-wrapper{margin-top:6rem;border-bottom:1px double var(--main-border-color)}.post-tail-wrapper .license-wrapper{line-height:1.2rem}.post-tail-wrapper .share-wrapper{vertical-align:middle;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.post-tail-wrapper .share-wrapper .share-icons>*,.post-tail-wrapper .share-wrapper .share-icons i{font-size:1.125rem}.post-tail-wrapper .share-wrapper .share-icons{display:flex}.post-tail-wrapper .share-wrapper .share-icons i{color:var(--btn-share-color)}.post-tail-wrapper .share-wrapper .share-icons>*{margin-left:.5rem}.post-tail-wrapper .share-wrapper .share-icons button{padding:0;border:none;line-height:inherit}.share-mastodon{--wc-stm-font-family: $font-family-base;--wc-stm-dialog-background-color: var(--card-bg);--wc-stm-form-button-border: 1px solid var(--btn-border-color);--wc-stm-form-submit-background-color: var(--sidebar-btn-bg);--wc-stm-form-cancel-background-color: var(--sidebar-btn-bg);--wc-stm-form-button-background-color-hover: #007bff;--wc-stm-form-button-color-hover: white;font-size:1rem}.post-tags{line-height:2rem}.post-navigation .btn:not(:hover){color:var(--link-color)}.post-navigation .btn:hover:not(.disabled)::before{color:#f5f5f5}.post-navigation .btn.disabled{pointer-events:auto;cursor:not-allowed;background:none;color:gray}.post-navigation .btn.btn-outline-primary.disabled:focus{box-shadow:none}.post-navigation .btn::before{color:var(--text-muted-color);font-size:.65rem;text-transform:uppercase;content:attr(aria-label)}.post-navigation .btn:first-child{border-radius:.625rem 0 0 .625rem;left:.5px}.post-navigation .btn:last-child{border-radius:0 .625rem .625rem 0;right:.5px}.post-navigation p{font-size:1.1rem;line-height:1.5rem;margin-top:.3rem;white-space:normal}@media(hover: hover){.post-navigation .btn,.post-navigation .btn::before{transition:all .35s ease-in-out}}@-webkit-keyframes fade-up{from{opacity:0;position:relative;top:2rem}to{opacity:1;position:relative;top:0}}@keyframes fade-up{from{opacity:0;position:relative;top:2rem}to{opacity:1;position:relative;top:0}}#toc-wrapper{border-left:1px solid rgba(158,158,158,.17);position:-webkit-sticky;position:sticky;top:4rem;transition:top .2s ease-in-out;-webkit-animation:fade-up .8s;animation:fade-up .8s}#toc-wrapper ul{list-style:none;font-size:.85rem;line-height:1.25;padding-left:0}#toc-wrapper ul li:not(:last-child){margin:.4rem 0}#toc-wrapper ul li a{padding:.2rem 0 .2rem 1.25rem}#toc-wrapper ul .toc-link{display:block;white-space:nowrap;overflow:hidden;text-overflow:ellipsis}#toc-wrapper ul .toc-link:hover{color:var(--toc-highlight);text-decoration:none}#toc-wrapper ul .toc-link::before{display:none}#toc-wrapper ul .is-active-link{color:var(--toc-highlight) !important;font-weight:600}#toc-wrapper ul .is-active-link::before{display:inline-block;width:1px;left:-1px;height:1.25rem;background-color:var(--toc-highlight) !important}#toc-wrapper ul ul{padding-left:.75rem}#related-posts>h3{color:var(--label-color);font-size:1.1rem;font-weight:600}#related-posts time{color:var(--text-muted-color)}#related-posts p{font-size:.9rem;margin-bottom:.5rem;overflow:hidden;text-overflow:ellipsis;display:-webkit-box;-webkit-line-clamp:2;-webkit-box-orient:vertical}#disqus_thread{min-height:8.5rem}.utterances{max-width:100%}.post-tail-wrapper .share-wrapper .share-icons>*:hover i{color:var(--btn-share-hover-color) !important}.share-label{color:inherit;font-size:inherit;font-weight:400}.share-label::after{content:":"}@media all and (max-width: 576px){.post-tail-bottom{flex-wrap:wrap-reverse !important}.post-tail-bottom>div:first-child{width:100%;margin-top:1rem}}@media all and (max-width: 768px){.content>p>img{max-width:calc(100% + 1rem)}}@media all and (max-width: 849px){.post-navigation{padding-left:0;padding-right:0;margin-left:-0.5rem;margin-right:-0.5rem}}.tag{border-radius:.7em;padding:6px 8px 7px;margin-right:.8rem;line-height:3rem;letter-spacing:0;border:1px solid var(--tag-border) !important;box-shadow:0 0 3px 0 var(--tag-shadow)}.tag span{margin-left:.6em;font-size:.7em;font-family:Oswald,sans-serif}#archives{letter-spacing:.03rem}#archives ul li::before,#archives .year:first-child::before,#archives .year::before{content:"";width:4px;position:relative;float:left;background-color:var(--timeline-color)}#archives .year{height:3.5rem;font-size:1.5rem;position:relative;left:2px;margin-left:-4px}#archives .year::before{height:72px;left:79px;bottom:16px}#archives .year:first-child::before{height:32px;top:24px}#archives .year::after{content:"";display:inline-block;position:relative;border-radius:50%;width:12px;height:12px;left:21.5px;border:3px solid;background-color:var(--timeline-year-dot-color);border-color:var(--timeline-node-bg);box-shadow:0 0 2px 0 #c2c6cc;z-index:1}#archives ul li{font-size:1.1rem;line-height:3rem;white-space:nowrap;overflow:hidden;text-overflow:ellipsis}#archives ul li:nth-child(odd){background-color:var(--main-bg, #ffffff);background-image:linear-gradient(to left, #ffffff, #fbfbfb, #fbfbfb, #fbfbfb, #ffffff)}#archives ul li::before{top:0;left:77px;height:3.1rem}#archives ul:last-child li:last-child::before{height:1.5rem}#archives .date{white-space:nowrap;display:inline-block;position:relative;right:.5rem}#archives .date.month{width:1.4rem;text-align:center}#archives .date.day{font-size:85%;font-family:Lato,sans-serif}#archives a{margin-left:2.5rem;position:relative;top:.1rem}#archives a:hover{border-bottom:none}#archives a::before{content:"";display:inline-block;position:relative;border-radius:50%;width:8px;height:8px;float:left;top:1.35rem;left:71px;background-color:var(--timeline-node-bg);box-shadow:0 0 3px 0 #c2c6cc;z-index:1}@media all and (max-width: 576px){#archives{margin-top:-1rem}#archives ul{letter-spacing:0}}.categories i{color:gray}.categories{margin-bottom:2rem;border-color:var(--categories-border)}.categories .card-header{padding:.75rem;border-radius:calc(.625rem - 1px);border-bottom:0}.categories .card-header.hide-border-bottom{border-bottom-left-radius:0;border-bottom-right-radius:0}.categories i{font-size:86%}.categories .list-group-item{border-left:none;border-right:none;padding-left:2rem}.categories .list-group-item:first-child{border-top-left-radius:0;border-top-right-radius:0}.categories .list-group-item:last-child{border-bottom:0}.category-trigger{width:1.7rem;height:1.7rem;border-radius:50%;text-align:center;color:#6c757d !important}.category-trigger i{position:relative;height:.7rem;width:1rem;transition:transform 300ms ease}.category-trigger:hover i{color:var(--categories-icon-hover-color)}@media(hover: hover){.category-trigger:hover{background-color:var(--categories-hover-bg)}}.rotate{transform:rotate(-90deg)}.dash{margin:0 .5rem .6rem .5rem;border-bottom:2px dotted var(--dash-color)}#page-category ul>li,#page-tag ul>li{line-height:1.5rem;padding:.6rem 0}#page-category ul>li::before,#page-tag ul>li::before{background:#999;width:5px;height:5px;border-radius:50%;display:block;content:"";position:relative;top:.6rem;margin-right:.5rem}#page-category ul>li>a,#page-tag ul>li>a{font-size:1.1rem}#page-tag h1>i{font-size:1.2rem}#page-category h1>i{font-size:1.25rem}#page-category a:hover,#page-tag a:hover,#access-lastmod a:hover{margin-bottom:-1px}@media all and (max-width: 576px){#page-category ul>li::before,#page-tag ul>li::before{margin:0 .5rem}#page-category ul>li>a,#page-tag ul>li>a{white-space:nowrap;overflow:hidden;text-overflow:ellipsis}}/*# sourceMappingURL=jekyll-theme-chirpy.css.map */ \ No newline at end of file diff --git a/assets/css/jekyll-theme-chirpy.css.map b/assets/css/jekyll-theme-chirpy.css.map new file mode 100644 index 0000000000..8f3cdb672f --- /dev/null +++ b/assets/css/jekyll-theme-chirpy.css.map @@ -0,0 +1 @@ +{"version":3,"sourceRoot":"","sources":["../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/addon/module.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/addon/variables.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/addon/syntax.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/colors/syntax-light.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/colors/syntax-dark.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/addon/commons.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/colors/typography-light.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/colors/typography-dark.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/layout/home.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/layout/post.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/layout/tags.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/layout/archives.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/layout/categories.scss","../../vendor/bundle/ruby/3.2.0/gems/jekyll-theme-chirpy-6.5.5/_sass/layout/category-tag.scss"],"names":[],"mappings":"CAMA,iCACE,2BACA,gBACA,YCuBoB,kCDnBpB,gCACE,kBACA,sBAEA,wDACE,aAMJ,4CACE,cAGF,qBACE,4CACE,kBACA,UACA,2DAIA,oEACE,mBACA,UACA,0DAMR,sCACE,4BACA,uCAGF,+DACE,mBACA,cACA,mBAGF,2QACE,yBACA,gCACA,qBAGF,4CACE,wBAGF,sEACE,oDAGF,4EACE,+BAGF,gFACE,yBACA,sBACA,qBACA,iBAGF,6LACE,mBAGF,yFACE,eAGF,4EACE,kBAGF,wMACE,cC5EY,QDgFZ,oBACE,cACA,kBACA,kBACA,cACA,UACA,cAIJ,iDACE,iCACA,yBACA,sBACA,qBACA,iBAGF,iHACE,oBACA,gBACA,uBACA,qBACA,4BAGF,6FACE,yCACA,gBAGF,kFACE,iBAGF,2BACE,gBAIA,mCACE,2CACA,uBACA,0BACA,kBACA,8CEvIF,oCACE,4CCHF,iCACA,8BACA,mCACA,kCACA,0BACA,sBACA,kCACA,mCACA,kCACA,mCAEA,8EACE,0BAKF,oFACE,YAGF,sFACE,SAGF,0IAEE,cACA,yBAGF,ogBAOE,cAGF,0EACE,cAGF,0EACE,cACA,yBAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cACA,yBAGF,0EACE,cAGF,guBAUE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,kXAKE,cAGF,kJAEE,cAGF,0EACE,cACA,iBAGF,0EACE,cACA,iBAGF,4yBAWE,cAGF,0EACE,cAGF,oJAEE,cAGF,4EACE,cACA,yBAGF,glBAQE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cAGF,0EACE,cACA,kBAGF,0EACE,cACA,iBDrMA,qBETF,iCACA,8BACA,mCACA,kCACA,0BACA,sBACA,kCACA,mCACA,kCACA,mCACA,+BAEA,oCACE,cAKF,yCACE,YAGF,0CACE,SAGF,mEAEE,cACA,yBAGF,qCACE,cACA,yBAGF,4PAOE,cAGF,oCACE,cAGF,oCACE,cAGF,uEAEE,cAGF,uEAEE,cAGF,oCACE,cAGF,oCACE,cACA,yBAGF,oCACE,cACA,yBACA,iBAGF,mLAKE,cAGF,oCACE,cAGF,oCACE,cAGF,oCACE,cAGF,mUASE,cAGF,oCACE,cAGF,oCACE,cAGF,oCACE,cAGF,oCACE,cAGF,oCACE,cAGF,oCACE,cAGF,oCACE,cAGF,oCACE,cAGF,+RAQE,cAGF,oCACE,eF9IF,mCACE,2CEfF,iCACA,8BACA,mCACA,kCACA,0BACA,sBACA,kCACA,mCACA,kCACA,mCACA,+BAEA,yEACE,cAKF,mFACE,YAGF,qFACE,SAGF,wIAEE,cACA,yBAGF,2EACE,cACA,yBAGF,+fAOE,cAGF,yEACE,cAGF,yEACE,cAGF,gJAEE,cAGF,gJAEE,cAGF,yEACE,cAGF,yEACE,cACA,yBAGF,yEACE,cACA,yBACA,iBAGF,2WAKE,cAGF,yEACE,cAGF,yEACE,cAGF,yEACE,cAGF,+oBASE,cAGF,yEACE,cAGF,yEACE,cAGF,yEACE,cAGF,yEACE,cAGF,yEACE,cAGF,yEACE,cAGF,yEACE,cAGF,yEACE,cAGF,skBAQE,cAGF,yEACE,cFxIA,sBCnBF,iCACA,8BACA,mCACA,kCACA,0BACA,sBACA,kCACA,mCACA,kCACA,mCAEA,uCACE,0BAKF,0CACE,YAGF,2CACE,SAGF,qEAEE,cACA,yBAGF,kQAOE,cAGF,qCACE,cAGF,qCACE,cACA,yBAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cACA,yBAGF,qCACE,cAGF,gXAUE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,yLAKE,cAGF,yEAEE,cAGF,qCACE,cACA,iBAGF,qCACE,cACA,iBAGF,sZAWE,cAGF,qCACE,cAGF,0EAEE,cAGF,sCACE,cACA,yBAGF,wSAQE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cAGF,qCACE,cACA,kBAGF,qCACE,cACA,kBDlLJ,kDACE,2CAGF,cACE,kBACA,qBAGF,mBACE,qCACA,iBACA,oBAGF,WAQE,cACA,sBAEA,eACE,gBACA,UDtCa,OCuCb,mBACA,iBAKE,gCACE,qBACA,iBACA,oBAGF,+BACE,8BAGF,wBACE,iBACA,kBAKN,mBACE,iBACA,oCACA,yBACA,sBACA,oBACA,qBACA,iBAIJ,KACE,qBACA,iBACA,aACA,wBAEA,uBACE,UDhFa,OCiFb,gBACA,sBACA,kBACA,uCAGF,cACE,yBACA,iCACA,gBACA,UAGF,yBACE,iBACA,cAGF,+BACE,mBAGF,gBACE,cAWF,gBACE,yBACA,8BACA,oBAIJ,sBAIE,kDAEA,+BFIA,YEHiB,MFIjB,aEJiB,MAEf,gBAGF,iCACE,yBACA,0BAUA,2IACE,qBACA,eAEA,2KACE,aAMR,aAGE,aACA,8BACA,mBACA,ODlKmB,QCmKnB,mBACA,oBAGA,kBACE,YDxKiB,QC2KjB,oBACE,eACA,MD1KY,QC2KZ,oCAEA,0BACE,cAIK,2BACP,kBACA,QAIF,yBACE,8BACA,iBACA,gBACA,oCAKJ,oBAIE,+BACA,ODzMiB,QC0MjB,MD1MiB,QC2MjB,UACA,yBAEA,sBACE,oCAIA,mCACE,4CAGF,+BACE,qCAIJ,0BACE,aAGF,yCACE,uCAEA,2CACE,WAMR,kCAEI,+BFzGF,YE0GmB,EFzGnB,aEyGmB,EAEf,cDrPQ,QCwPV,mCF/GF,YEgHmB,EF/GnB,aE+GmB,EAIf,2CACE,WACA,qBACA,YALW,KAMX,MD1PQ,OC2PR,OD3PQ,OC4PR,kBACA,gDACA,gGAMF,wCAEE,uBG7RR,KAuBE,eAtBA,oCACE,4CCEF,iBACA,mBACA,6BAGA,sBACA,4BACA,uCACA,yBACA,uBACA,mCACA,iCACA,sBACA,gCACA,qBACA,4BACA,+BACA,sCACA,0BACA,0BACA,kCACA,oFAKA,2HAQA,uCACA,+BACA,sBACA,gCACA,+BACA,gCACA,6CACA,wBACA,6BACA,6BAGA,qCACA,qCACA,0CACA,6BACA,oCAGA,gCACA,oCACA,+CAGA,yBACA,wBACA,iCACA,iBACA,yBACA,yFAEA,gCACA,qBACA,2BACA,qBACA,0BACA,oCACA,sBACA,2CACA,yCACA,iCACA,0BACA,kCACA,wCACA,qCACA,6CACA,oCAGA,sBACA,sCACA,gCACA,yBAWA,0CACA,+CACA,6CAGA,uCACA,4BACA,mCAhBA,8EACE,2CAGF,wDACE,aD1FA,qBEHF,2BACA,2BACA,qCAGA,iCACA,4BACA,uCACA,yBACA,uBACA,2CACA,iCACA,iCACA,0CACA,qBACA,4BACA,yCACA,sCACA,iCACA,0BACA,qCACA,4CACA,4EACA,0HAQA,4BACA,+BACA,sBACA,gCACA,+BACA,iDACA,4BACA,0BACA,6BACA,+CAGA,mCACA,uCACA,uCACA,wCACA,+CAGA,2CACA,8CACA,qCAGA,oCACA,6BACA,qBACA,8BACA,oCACA,uCACA,2BACA,iCACA,mBACA,yBACA,sFAEA,0BACA,0BACA,wBACA,8CACA,uCACA,gDACA,uCACA,kCACA,0CACA,mDACA,wCACA,oCAGA,8BACA,8BACA,8BACA,yBAGA,0CACA,uCACA,qCAGA,uCACA,kCACA,iDA4CA,kBA1CA,4BACE,aAGF,wBACE,sCAIF,4EAEE,gCAIA,8CACE,uCAGF,kDACE,iBACA,kBACA,kBACA,sCAEA,6DACE,mCAKN,iDACE,+HAaF,oCACE,mBFtIF,mCACE,2CETF,2BACA,2BACA,qCAGA,iCACA,4BACA,uCACA,yBACA,uBACA,2CACA,iCACA,iCACA,0CACA,qBACA,4BACA,yCACA,sCACA,iCACA,0BACA,qCACA,4CACA,4EACA,0HAQA,4BACA,+BACA,sBACA,gCACA,+BACA,iDACA,4BACA,0BACA,6BACA,+CAGA,mCACA,uCACA,uCACA,wCACA,+CAGA,2CACA,8CACA,qCAGA,oCACA,6BACA,qBACA,8BACA,oCACA,uCACA,2BACA,iCACA,mBACA,yBACA,sFAEA,0BACA,0BACA,wBACA,8CACA,uCACA,gDACA,uCACA,kCACA,0CACA,mDACA,wCACA,oCAGA,8BACA,8BACA,8BACA,yBAGA,0CACA,uCACA,qCAGA,uCACA,kCACA,iDA4CA,kBA1CA,yDACE,aAGF,iDACE,sCAIF,0JAEE,gCAIA,6FACE,uCAGF,qGACE,iBACA,kBACA,kBACA,sCAEA,2HACE,mCAKN,mGACE,+HAaF,yEACE,kBFhIA,sBCdF,iBACA,mBACA,6BAGA,sBACA,4BACA,uCACA,yBACA,uBACA,mCACA,iCACA,sBACA,gCACA,qBACA,4BACA,+BACA,sCACA,0BACA,0BACA,kCACA,oFAKA,2HAQA,uCACA,+BACA,sBACA,gCACA,+BACA,gCACA,6CACA,wBACA,6BACA,6BAGA,qCACA,qCACA,0CACA,6BACA,oCAGA,gCACA,oCACA,+CAGA,yBACA,wBACA,iCACA,iBACA,yBACA,yFAEA,gCACA,qBACA,2BACA,qBACA,0BACA,oCACA,sBACA,2CACA,yCACA,iCACA,0BACA,kCACA,wCACA,qCACA,6CACA,oCAGA,sBACA,sCACA,gCACA,yBAWA,0CACA,+CACA,6CAGA,uCACA,4BACA,mCAhBA,uCACE,2CAGF,4BACE,cDvEJ,KACE,0BACA,kHAEA,wBACA,mCACA,YJHiB,+CISjB,GAeI,kBAfJ,GAeI,kBAfJ,GAeI,kBAfJ,GAeI,kBAfJ,GAiBI,eAKN,EAGE,qBAGF,IACE,eACA,YACA,gCAEA,UAGE,0BACA,kBAIJ,WACE,qDACA,kBACA,mCAEA,wBACE,gBAGF,2BACE,cACA,kBACA,4BACA,+BAIA,mCACE,kBACA,WACA,kBACA,YACA,iBACA,oBACA,mCLqFJ,sBACE,sCAEA,8BACE,QKrFmB,ILsFnB,mCACA,4BANJ,uBACE,uCAEA,+BACE,QKpFoB,ILqFpB,oCACA,0BANJ,0BACE,0CAEA,kCACE,QKnFuB,ILoFvB,uCACA,0BANJ,yBACE,yCAEA,iCACE,QKlFsB,ILmFtB,sCACA,0BKjFN,IACE,oBACA,qBACA,sBACA,mBACA,kBACA,kBACA,eACA,kBACA,4BACA,qCACA,qBACA,uCACA,gDAGF,OACE,gCACA,OJtHc,KIuHd,8CAgBA,SACE,kBACA,gBAcJ,QACE,SACA,+BACA,gBACA,mBAEA,mBACE,wBACA,gBAGF,gBACE,kBACA,+CAEA,iCACE,mBAIJ,iBACE,gBAMF,8BACE,oBACA,oBLjBF,MADwD,mBAExD,UKkBiB,QLjBjB,YAH2C,IKuB3C,yBACE,oBACA,iBACA,oBACA,oBACA,wBAEA,+BACE,2BAMJ,kBAOE,cAIJ,cACE,kBACA,iBAGE,kCACE,oBAKF,mBACE,kBACA,aACA,gBAMK,WL1FT,YK2FiB,IL1FjB,aK0FiB,ILjFjB,aKkFiB,ILjFjB,cKiFiB,IAEf,oCASO,kBACP,gBACA,cACA,kBACA,aACA,kBACA,oCAOJ,eACE,gBACA,qBAEA,qBACE,eACA,gBACA,iBAEA,2BACE,8CAQA,8BACE,+CAEA,4CACE,mCAGF,8CACE,kCAaV,aACE,mBACA,WACA,YACA,gBAIA,yBACE,yBAGF,iBACE,YACA,oBACA,iBAIS,4BACP,WAKN,cAGE,SACA,0BACA,8BAEA,sBAGE,WACA,WACA,YACA,kBACA,sCACA,UACA,oCAIA,4BACE,WAKN,KACE,iBAEA,QACE,gBACA,qBAKE,mDL3LJ,kBACA,SACA,2BKsNF,SACE,kBACA,gBACA,yBAGE,iBLhQF,WKmQmB,MLlQnB,cKkQmB,MAEf,eAcF,8FAEE,8BACA,6BAEA,0GACE,gBACA,oBAGF,oNAEE,8BACA,6BACA,eAKN,sBACE,8BACA,6BAEA,yBACE,qBACA,eAGA,2BACE,WACA,qBACA,4BAEA,mCACE,oCAIJ,4BACE,8BACA,6BAIJ,2CACE,6BACA,sBAIJ,eACE,iBAGF,kBACE,8BAQJ,UACE,qBACA,eACA,kBACA,oBACA,yCACA,gBACA,8BACA,mBAEA,2BACE,mBAIJ,YACE,8BAGF,UACE,oBACA,oBAGF,SACE,gBACA,kBACA,yBAEA,iBACE,WACA,kBACA,6BACA,YACA,WACA,wCACA,gCAGF,2BACE,GACE,4BAGF,KACE,4BAIJ,mBACE,GACE,4BAGF,KACE,4BAKN,aACE,WACA,YACA,mBAIA,2CAEE,kBAGF,oBACE,qBAKJ,UACE,4BACA,gBACA,kBACA,wBAEA,gBACE,gBAMJ,QACE,yBAES,eACP,wBAIJ,UACE,wBAGF,SACE,8BAGF,QACE,6BAGF,aACE,uBAGF,gBACE,8BAIF,YACE,yCAIF,eACE,gBACA,gBACA,gBAKA,8CACE,gCAIJ,UACE,cACA,oBACA,mBAGF,oBACE,8BAGF,aACE,gBACA,wDACA,6BACA,2EAGF,MACE,WACA,0BAGF,OACE,YACA,0BAOF,kBACE,kBACA,gBACA,iBAGF,SACE,gBAIF,SACE,kBAIF,cACE,kBACA,0BASF,SLvgBE,aKwgBe,ELvgBf,cKugBe,EAEf,eACA,MACA,OACA,YACA,gBACA,MJ9qBc,MI+qBd,WACA,6BACA,mDAQA,wBACA,qBANA,4BACE,aAQA,0GACE,kCAQJ,iBACE,cACA,WACA,YACA,gBACA,gDACA,wBAEA,qBACE,yBAEA,2BACE,qBAKN,0BLvkBA,WKwkBiB,OLvkBjB,cKukBiB,OAGf,oBACA,sBACA,WAGF,qBACE,oBACA,gBACA,kBACA,gBACA,qBACA,mBACA,oBAEA,uBAIE,8BAIJ,wBACE,cACA,iCACA,kBACA,iBACA,yBACA,sBACA,qBACA,iBAGF,YACE,mBAEA,wBACE,WACA,WACA,oBACA,qBAEA,mCL3mBJ,YK4mBqB,ML3mBrB,eK2mBqB,MAEf,aACA,mBACA,qBACA,gBAEA,yCACE,yCAGF,qCACE,cACA,WACA,oBAGF,wCACE,cACA,oBAKF,yCACE,kCACA,yCAEA,8CACE,UAKN,0CACE,kBAKN,yBACE,kBACA,mBACA,qBAIA,iEACE,MAHS,QAIT,OAJS,QAKT,cApJG,MAqJH,kBACA,+BACA,uCACA,kBACA,aACA,mBACA,uBACA,iDAEA,6EACE,yCASF,4CACE,aJ30BK,MI+0BT,2BACE,YA/BS,QAkCX,sCACE,UACA,SAOF,sCLzsBF,YK2sBmB,sBL1sBnB,aK0sBmB,sBAEf,0CACA,WACA,MAjMa,IAkMb,OAlMa,IAmMb,kBACA,cAnMG,MAwMT,qBACE,iCACE,wBAGF,UACE,4CAGF,cACE,8CAIJ,uBACE,aACA,YACA,WACA,cAEA,gCACE,gBAMJ,gBACE,OJj4Bc,KIk4Bd,kCAIA,iBACE,WAGF,oBACE,eACA,8BACA,mBAQI,iDACE,YACA,gBAOV,4BLjwBE,yCKqwBF,mBLrwBE,yCKywBF,uBLzwBE,yCK6wBF,wBL7wBE,yCKixBF,cLjxBE,yCKqxBF,kCLjxBE,WKqxBF,yBLrxBE,WKyxBF,6BLzxBE,WK6xBF,8BL7xBE,WKiyBF,oBLjyBE,WKqyBF,OACE,aACA,WACA,mBACA,4CACA,0BACA,gBAEA,SACE,UACA,gBACA,+BAIJ,iCAEE,aAIF,eACE,wBACA,aACA,mBAKF,cACE,kBACA,SACA,gBACA,qBACA,wBACA,YAEA,oBACE,gBAIJ,cACE,eAEA,iBACE,qBAGF,wBACE,qBACA,iBACA,eACA,gCACA,YACA,cACA,wBAEA,gCACE,YACA,8BACA,oBAON,gBACE,oBAEA,kBASE,iBACA,mBAGF,wBACE,WAEA,yCACE,mBAIF,0BACE,cACA,oBACA,cAGF,0BACE,gBACA,uBACA,oBACA,qBACA,4BAKN,cACE,aACA,iBACA,gBACA,uBACA,+BACA,kBACA,UACA,gBACA,uBACA,oBACA,mBAGF,MACE,aACA,eACA,cACA,YACA,WACA,UAES,wBACP,yBAMJ,cACE,kBLx7BA,aK07Be,ELz7Bf,cKy7Be,EAEf,yBACE,iBAIJ,8EL38BE,YK88Be,EL78Bf,aK68Be,EAIf,2BACE,gBAMJ,aACE,aACA,UACA,eACA,eACA,WACA,gBACA,4BACA,iCACA,UACA,MJ3mCc,QI4mCd,OJ5mCc,QI6mCd,kBACA,mDACA,kCACA,0CAEA,mBACE,kCACA,0CAGF,eACE,YJxnCY,QIynCZ,kBACA,WAKF,yBACE,KACE,UACA,UAIJ,iBACE,KACE,UACA,UAIJ,4BACE,gBACA,mBACA,cAGF,0BACE,4BACA,oBAEA,iCACE,cACA,eAKF,yBACE,cACA,gBACA,oBACA,mCACA,2BACA,sCACA,iCACA,eACA,SACA,WACA,2BACA,4BACA,oBAcN,kCAGM,yCLpjCJ,YKqjCqB,MLpjCrB,aKojCqB,MAEf,gBACA,eAKN,QACE,WACA,aAIJ,kCACE,iCACE,eAOF,yBLlkCA,aKokCiB,ELnkCjB,cKmkCiB,GAKnB,kCAWE,OAJI,WALM,mBAYR,OJ5uCkB,KI6uClB,iBAIA,2BACE,wBAGF,gCACE,4BAGF,+BACE,kBAIJ,SAzBI,WALM,mBAiCR,6BACA,qCAGF,cAhCI,WALM,mBAyCV,iCAEE,eAGF,uBACE,WAGF,mBAEE,aAGF,gBApDI,2CAuDF,OAGF,oBAEE,aAGF,+CAGE,cAGF,gCACE,iBAGF,MACE,kCAGF,iBACE,aAEA,0BACE,mBAMN,kCAEE,KACE,kBAGF,cACE,YJ30CY,MI+0CZ,0BACE,gBAIJ,cACE,aAGF,OACE,UJj1Ce,MIo1CjB,uBACE,UJl1CqB,OIm1CrB,iCAIA,QACE,gBAIJ,iCACE,cAIF,aACE,SACA,gBAGF,cACE,iBAKJ,yDACE,oCACE,aACA,eAKJ,yDACE,oBACE,gBAGF,YACE,UACA,gBACA,uBACA,oBACA,oBAKJ,mCACE,eACE,aAGF,iCACE,mCAMJ,mCACE,OACE,kBAGF,cACE,+BAGF,wBACE,UAEA,uCACE,oBAGF,wCACE,mBAGF,kDACE,kBACA,YAIJ,SACE,mBAIJ,mCACE,aACE,+CAIJ,mCAGE,cACE,YJl8CkB,MIq8CpB,gBACE,KJt8CkB,MIy8CpB,OACE,oCAKF,yBACE,UJt8CqB,OIu8CrB,gCACA,iCAGF,0BAEE,gCAGF,aACE,8CAKF,SACE,MJj+CkB,MIm+ClB,0BACE,kBACA,qBACA,oBAIA,wBL50CJ,aK60CqB,QL50CrB,cK40CqB,QAInB,yBACE,qBACA,sBAEA,4CACE,aJl/CQ,KIq/CV,sCLn2CJ,YKo2CqB,qBLn2CrB,aKm2CqB,sBG3/CvB,WACE,gBAGE,+BACE,qBAGF,0CACE,sBAIJ,iBACE,SACA,gBAEA,gEACE,kCAWF,4BACE,YACA,aAEA,wCAGE,sCACA,kBAGF,sFACE,yCAMA,iDAGE,gBACA,SAQA,2DACE,mBAIJ,0CAGE,cAGF,uDACE,cACA,mBACA,gBACA,uBAOV,YACE,wBACA,4BACA,6BAEA,oBACE,qBAIA,kCACE,sCACA,gBACA,oBACA,wBACA,yBACA,oBACA,SACA,yBAIA,yCACE,kDAMA,qDACE,mDAKN,gCACE,mBAEA,2CACE,4BAOR,kCACE,gEACE,kCAKE,4BACE,wCAEA,uCACE,2BAKE,2DACE,qBAUd,kCAGM,0DACE,cAOR,kCACE,WACE,kBAGF,YACE,iBACA,uBAGE,wCACE,mBAIJ,wBACE,cCrLN,qDACE,UACA,kBACA,qCAUA,gCANA,YACA,aAFc,OAGd,cAH4B,OAiB1B,mBACE,cAKN,mBAGE,gBACA,kDAEA,oCACE,mBAmBF,kCACE,sBACA,yBACA,sBACA,qBACA,iBAEA,kGACE,mBAGF,+CACE,aAEA,iDACE,6BAKF,iDAGE,kBASF,sDACE,UACA,YACA,oBAQR,gBAEE,wCACA,iDACA,+DACA,6DACA,6DACA,qDACA,wCAEA,eAGF,WACE,iBAeE,kCACE,wBAIA,mDACE,cAIJ,+BAGE,oBACA,mBACA,gBACA,WAGF,yDACE,gBAGF,8BACE,8BACA,iBACA,yBACA,yBAGF,kCACE,kCACA,UAGF,iCACE,kCACA,WAIJ,mBACE,iBACA,mBACA,iBACA,mBAIJ,qBAEI,oDAEE,iCAKN,2BACE,KACE,UACA,kBACA,SAGF,GACE,UACA,kBACA,OAIJ,mBACE,KACE,UACA,kBACA,SAGF,GACE,UACA,kBACA,OAIJ,aACE,4CACA,wBACA,gBACA,SACA,+BACA,8BACA,sBAEA,gBACE,gBACA,iBACA,iBACA,eAGE,oCACE,eAGF,qBACE,8BAMJ,0BACE,cACA,mBACA,gBACA,uBAEA,gCACE,2BACA,qBAGF,kCACE,aAIJ,gCACE,sCACA,gBAEA,wCACE,qBACA,UACA,UACA,eACA,iDAIJ,mBACE,oBAQJ,kBTxGA,MADwD,mBAExD,USwGiB,OTvGjB,YSuGyB,IAGzB,oBAIE,8BAGF,iBACE,gBACA,oBACA,gBACA,uBACA,oBACA,qBACA,4BAWJ,eACE,kBAGF,YACE,eAGF,yDACE,8CAGF,aTjJE,MSkJ6B,QTjJ7B,USiJe,QThJf,YSgJwB,IAExB,oBACE,YAIJ,kCACE,kBACE,kCAEA,kCACE,WACA,iBAKN,kCACE,eACE,6BAKJ,kCACE,iBACE,eACA,gBACA,oBACA,sBC9VJ,KACE,mBACA,oBACA,mBACA,iBACA,iBACA,8CACA,uCAEA,UACE,iBACA,eACA,8BCZJ,UACE,sBAIA,oFACE,WACA,MAJe,IAKf,kBACA,WACA,uCAGF,gBACE,cACA,iBACA,kBACA,SACA,iBAEA,wBAGE,YACA,UACA,YAGF,oCAGE,YACA,SAIF,uBACE,WACA,qBACA,kBACA,kBACA,WACA,YACA,YACA,iBACA,gDACA,qCACA,6BACA,UAKF,gBACE,iBACA,iBACA,mBACA,gBACA,uBAEA,+BACE,yCACA,uFAUF,wBAGE,MACA,UACA,cAIJ,8CACE,cAIJ,gBACE,mBACA,qBACA,kBACA,YAEA,sBACE,aACA,kBAGF,oBACE,cACA,4BAIJ,YAEE,mBACA,kBACA,UAEA,kBACE,mBAGF,oBAEE,WACA,qBACA,kBACA,kBACA,UACA,WACA,WACA,YACA,UACA,yCACA,6BACA,UAKN,kCACE,UACE,iBAEA,aACE,kBCxIN,cACE,WAGF,YACE,mBACA,sCAOA,yBAGE,eACA,cAHS,oBAIT,gBAEA,4CACE,4BACA,6BAIJ,cAGE,cAGF,6BACE,iBACA,kBACA,kBAEA,yCACE,yBACA,0BAGF,wCACE,gBAKN,kBACE,aACA,cACA,kBACA,kBACA,yBAEA,oBACE,kBACA,aACA,WACA,gCAIA,0BACE,yCAMN,qBACE,wBACE,6CAIJ,QACE,yBC7EF,MACE,2BACA,2CAKA,qCACE,mBACA,gBAGA,qDACE,gBACA,UACA,WACA,kBACA,cACA,WACA,kBACA,UACA,mBAIF,yCAGE,iBAMN,eACE,iBAGF,oBACE,kBAMA,iEAGE,mBAIJ,kCAIM,qDACE,eAGF,yCACE,mBACA,gBACA","sourcesContent":["/*\n* Mainly scss modules, only imported to `assets/css/main.scss`\n*/\n\n/* ---------- scss placeholder --------- */\n\n%heading {\n color: var(--heading-color);\n font-weight: 400;\n font-family: $font-family-heading;\n}\n\n%section {\n main & {\n margin-top: 2.5rem;\n margin-bottom: 1.25rem;\n\n &:focus {\n outline: none; /* avoid outline in Safari */\n }\n }\n}\n\n%anchor {\n .anchor {\n font-size: 80%;\n }\n\n @media (hover: hover) {\n .anchor {\n visibility: hidden;\n opacity: 0;\n transition: opacity 0.25s ease-in, visibility 0s ease-in 0.25s;\n }\n\n &:hover {\n .anchor {\n visibility: visible;\n opacity: 1;\n transition: opacity 0.25s ease-in, visibility 0s ease-in 0s;\n }\n }\n }\n}\n\n%tag-hover {\n background: var(--tag-hover);\n transition: background 0.35s ease-in-out;\n}\n\n%table-cell {\n padding: 0.4rem 1rem;\n font-size: 95%;\n white-space: nowrap;\n}\n\n%link-hover {\n color: #d2603a !important;\n border-bottom: 1px solid #d2603a;\n text-decoration: none;\n}\n\n%link-color {\n color: var(--link-color);\n}\n\n%link-underline {\n border-bottom: 1px solid var(--link-underline-color);\n}\n\n%clickable-transition {\n transition: all 0.3s ease-in-out;\n}\n\n%no-cursor {\n -webkit-user-select: none;\n -moz-user-select: none;\n -ms-user-select: none;\n user-select: none;\n}\n\n%no-bottom-border {\n border-bottom: none;\n}\n\n%cursor-pointer {\n cursor: pointer;\n}\n\n%normal-font-style {\n font-style: normal;\n}\n\n%rounded {\n border-radius: $base-radius;\n}\n\n%img-caption {\n + em {\n display: block;\n text-align: center;\n font-style: normal;\n font-size: 80%;\n padding: 0;\n color: #6d6c6c;\n }\n}\n\n%sidebar-links {\n color: var(--sidebar-muted-color);\n -webkit-user-select: none;\n -moz-user-select: none;\n -ms-user-select: none;\n user-select: none;\n}\n\n%text-clip {\n display: -webkit-box;\n overflow: hidden;\n text-overflow: ellipsis;\n -webkit-line-clamp: 2;\n -webkit-box-orient: vertical;\n}\n\n%text-highlight {\n color: var(--text-muted-hightlight-color);\n font-weight: 600;\n}\n\n%text-sm {\n font-size: 0.85rem;\n}\n\n%text-xs {\n font-size: 0.8rem;\n}\n\n%sup-fn-target {\n &:target {\n background-color: var(--footnote-target-bg);\n width: -moz-fit-content;\n width: -webkit-fit-content;\n width: fit-content;\n transition: background-color 1.75s ease-in-out;\n }\n}\n\n/* ---------- scss mixin --------- */\n\n@mixin mt-mb($value) {\n margin-top: $value;\n margin-bottom: $value;\n}\n\n@mixin ml-mr($value) {\n margin-left: $value;\n margin-right: $value;\n}\n\n@mixin pt-pb($val) {\n padding-top: $val;\n padding-bottom: $val;\n}\n\n@mixin pl-pr($val) {\n padding-left: $val;\n padding-right: $val;\n}\n\n@mixin placeholder {\n color: var(--text-muted-color) !important;\n}\n\n@mixin placeholder-focus {\n opacity: 0.6;\n}\n\n@mixin label($font-size: 1rem, $font-weight: 600, $color: var(--label-color)) {\n color: $color;\n font-size: $font-size;\n font-weight: $font-weight;\n}\n\n@mixin align-center {\n position: relative;\n left: 50%;\n transform: translateX(-50%);\n}\n\n@mixin prompt($type, $fa-content, $fa-style: 'solid') {\n &.prompt-#{$type} {\n background-color: var(--prompt-#{$type}-bg);\n\n &::before {\n content: $fa-content;\n color: var(--prompt-#{$type}-icon-color);\n font: var(--fa-font-#{$fa-style});\n }\n }\n}\n","/*\n * The SCSS variables\n */\n\n/* sidebar */\n\n$sidebar-width: 260px !default; /* the basic width */\n$sidebar-width-large: 300px !default; /* screen width: >= 1650px */\n$sb-btn-gap: 0.8rem !default;\n$sb-btn-gap-lg: 1rem !default;\n\n/* other framework sizes */\n\n$topbar-height: 3rem !default;\n$search-max-width: 200px !default;\n$footer-height: 5rem !default;\n$footer-height-large: 6rem !default; /* screen width: < 850px */\n$main-content-max-width: 1250px !default;\n$base-radius: 0.625rem !default;\n$back2top-size: 2.75rem !default;\n\n/* syntax highlight */\n\n$code-font-size: 0.85rem !default;\n$code-header-height: 2.25rem !default;\n$code-dot-size: 0.75rem !default;\n$code-dot-gap: 0.5rem !default;\n$code-icon-width: 1.75rem !default;\n\n/* fonts */\n\n$font-family-base: 'Source Sans Pro', 'Microsoft Yahei', sans-serif !default;\n$font-family-heading: Lato, 'Microsoft Yahei', sans-serif !default;\n","/*\n* The syntax highlight.\n*/\n\n@import 'colors/syntax-light';\n@import 'colors/syntax-dark';\n\nhtml {\n @media (prefers-color-scheme: light) {\n &:not([data-mode]),\n &[data-mode='light'] {\n @include light-syntax;\n }\n\n &[data-mode='dark'] {\n @include dark-syntax;\n }\n }\n\n @media (prefers-color-scheme: dark) {\n &:not([data-mode]),\n &[data-mode='dark'] {\n @include dark-syntax;\n }\n\n &[data-mode='light'] {\n @include light-syntax;\n }\n }\n}\n\n/* -- code snippets -- */\n\n%code-snippet-bg {\n background-color: var(--highlight-bg-color);\n}\n\n%code-snippet-padding {\n padding-left: 1rem;\n padding-right: 1.5rem;\n}\n\n.highlighter-rouge {\n color: var(--highlighter-rouge-color);\n margin-top: 0.5rem;\n margin-bottom: 1.2em; /* Override BS Inline-code style */\n}\n\n.highlight {\n @extend %rounded;\n @extend %code-snippet-bg;\n\n @at-root figure#{&} {\n @extend %code-snippet-bg;\n }\n\n overflow: auto;\n padding-bottom: 0.75rem;\n\n pre {\n margin-bottom: 0;\n font-size: $code-font-size;\n line-height: 1.4rem;\n word-wrap: normal; /* Fixed Safari overflow-x */\n }\n\n table {\n td {\n &:first-child {\n display: inline-block;\n margin-left: 1rem;\n margin-right: 0.75rem;\n }\n\n &:last-child {\n padding-right: 2rem !important;\n }\n\n pre {\n overflow: visible; /* Fixed iOS safari overflow-x */\n word-break: normal; /* Fixed iOS safari linenos code break */\n }\n }\n }\n\n .lineno {\n text-align: right;\n color: var(--highlight-lineno-color);\n -webkit-user-select: none;\n -moz-user-select: none;\n -o-user-select: none;\n -ms-user-select: none;\n user-select: none;\n }\n} /* .highlight */\n\ncode {\n -webkit-hyphens: none;\n -ms-hyphens: none;\n hyphens: none;\n color: var(--code-color);\n\n &.highlighter-rouge {\n font-size: $code-font-size;\n padding: 3px 5px;\n word-break: break-word;\n border-radius: 4px;\n background-color: var(--inline-code-bg);\n }\n\n &.filepath {\n background-color: inherit;\n color: var(--filepath-text-color);\n font-weight: 600;\n padding: 0;\n }\n\n a > &.highlighter-rouge {\n padding-bottom: 0; /* show link's underlinke */\n color: inherit;\n }\n\n a:hover > &.highlighter-rouge {\n border-bottom: none;\n }\n\n blockquote & {\n color: inherit;\n }\n}\n\ntd.rouge-code {\n @extend %code-snippet-padding;\n\n /*\n Prevent some browser extends from\n changing the URL string of code block.\n */\n a {\n color: inherit !important;\n border-bottom: none !important;\n pointer-events: none;\n }\n}\n\ndiv[class^='language-'] {\n @extend %rounded;\n @extend %code-snippet-bg;\n\n box-shadow: var(--language-border-color) 0 0 0 1px;\n\n .content > & {\n @include ml-mr(-1rem);\n\n border-radius: 0;\n }\n\n .highlight {\n border-top-left-radius: 0;\n border-top-right-radius: 0;\n }\n}\n\n/* Hide line numbers for default, console, and terminal code snippets */\ndiv {\n &.nolineno,\n &.language-plaintext,\n &.language-console,\n &.language-terminal {\n td:first-child {\n padding: 0 !important;\n margin-right: 0;\n\n .lineno {\n display: none;\n }\n }\n }\n}\n\n.code-header {\n @extend %no-cursor;\n\n display: flex;\n justify-content: space-between;\n align-items: center;\n height: $code-header-height;\n margin-left: 0.75rem;\n margin-right: 0.25rem;\n\n /* the label block */\n span {\n line-height: $code-header-height;\n\n /* label icon */\n i {\n font-size: 1rem;\n width: $code-icon-width;\n color: var(--code-header-icon-color);\n\n &.small {\n font-size: 70%;\n }\n }\n\n @at-root [file] #{&} > i {\n position: relative;\n top: 1px; /* center the file icon */\n }\n\n /* label text */\n &::after {\n content: attr(data-label-text);\n font-size: 0.85rem;\n font-weight: 600;\n color: var(--code-header-text-color);\n }\n }\n\n /* clipboard */\n button {\n @extend %cursor-pointer;\n @extend %rounded;\n\n border: 1px solid transparent;\n height: $code-header-height;\n width: $code-header-height;\n padding: 0;\n background-color: inherit;\n\n i {\n color: var(--code-header-icon-color);\n }\n\n &[timeout] {\n &:hover {\n border-color: var(--clipboard-checked-color);\n }\n\n i {\n color: var(--clipboard-checked-color);\n }\n }\n\n &:focus {\n outline: none;\n }\n\n &:not([timeout]):hover {\n background-color: rgba(128, 128, 128, 0.37);\n\n i {\n color: white;\n }\n }\n }\n}\n\n@media all and (min-width: 576px) {\n div[class^='language-'] {\n .content > & {\n @include ml-mr(0);\n\n border-radius: $base-radius;\n }\n\n .code-header {\n @include ml-mr(0);\n\n $dot-margin: 1rem;\n\n &::before {\n content: '';\n display: inline-block;\n margin-left: $dot-margin;\n width: $code-dot-size;\n height: $code-dot-size;\n border-radius: 50%;\n background-color: var(--code-header-muted-color);\n box-shadow: ($code-dot-size + $code-dot-gap) 0 0\n var(--code-header-muted-color),\n ($code-dot-size + $code-dot-gap) * 2 0 0\n var(--code-header-muted-color);\n }\n\n span {\n // center the text of label\n margin-left: calc(($dot-margin + $code-dot-size) / 2 * -1);\n }\n }\n }\n}\n","/*\n * The syntax light mode code snippet colors.\n */\n\n@mixin light-syntax {\n /* --- custom light colors --- */\n --language-border-color: #ececec;\n --highlight-bg-color: #f6f8fa;\n --highlighter-rouge-color: #3f596f;\n --highlight-lineno-color: #9e9e9e;\n --inline-code-bg: #f6f6f7;\n --code-color: #3a3a3a;\n --code-header-text-color: #a3a3a3;\n --code-header-muted-color: #e5e5e5;\n --code-header-icon-color: #c9c8c8;\n --clipboard-checked-color: #43c743;\n\n [class^='prompt-'] {\n --inline-code-bg: #fbfafa;\n }\n\n /* --- Syntax highlight theme from `rougify style github` --- */\n\n .highlight table td {\n padding: 5px;\n }\n\n .highlight table pre {\n margin: 0;\n }\n\n .highlight,\n .highlight .w {\n color: #24292f;\n background-color: #f6f8fa;\n }\n\n .highlight .k,\n .highlight .kd,\n .highlight .kn,\n .highlight .kp,\n .highlight .kr,\n .highlight .kt,\n .highlight .kv {\n color: #cf222e;\n }\n\n .highlight .gr {\n color: #f6f8fa;\n }\n\n .highlight .gd {\n color: #82071e;\n background-color: #ffebe9;\n }\n\n .highlight .nb {\n color: #953800;\n }\n\n .highlight .nc {\n color: #953800;\n }\n\n .highlight .no {\n color: #953800;\n }\n\n .highlight .nn {\n color: #953800;\n }\n\n .highlight .sr {\n color: #116329;\n }\n\n .highlight .na {\n color: #116329;\n }\n\n .highlight .nt {\n color: #116329;\n }\n\n .highlight .gi {\n color: #116329;\n background-color: #dafbe1;\n }\n\n .highlight .kc {\n color: #0550ae;\n }\n\n .highlight .l,\n .highlight .ld,\n .highlight .m,\n .highlight .mb,\n .highlight .mf,\n .highlight .mh,\n .highlight .mi,\n .highlight .il,\n .highlight .mo,\n .highlight .mx {\n color: #0550ae;\n }\n\n .highlight .sb {\n color: #0550ae;\n }\n\n .highlight .bp {\n color: #0550ae;\n }\n\n .highlight .ne {\n color: #0550ae;\n }\n\n .highlight .nl {\n color: #0550ae;\n }\n\n .highlight .py {\n color: #0550ae;\n }\n\n .highlight .nv,\n .highlight .vc,\n .highlight .vg,\n .highlight .vi,\n .highlight .vm {\n color: #0550ae;\n }\n\n .highlight .o,\n .highlight .ow {\n color: #0550ae;\n }\n\n .highlight .gh {\n color: #0550ae;\n font-weight: bold;\n }\n\n .highlight .gu {\n color: #0550ae;\n font-weight: bold;\n }\n\n .highlight .s,\n .highlight .sa,\n .highlight .sc,\n .highlight .dl,\n .highlight .sd,\n .highlight .s2,\n .highlight .se,\n .highlight .sh,\n .highlight .sx,\n .highlight .s1,\n .highlight .ss {\n color: #0a3069;\n }\n\n .highlight .nd {\n color: #8250df;\n }\n\n .highlight .nf,\n .highlight .fm {\n color: #8250df;\n }\n\n .highlight .err {\n color: #f6f8fa;\n background-color: #82071e;\n }\n\n .highlight .c,\n .highlight .ch,\n .highlight .cd,\n .highlight .cm,\n .highlight .cp,\n .highlight .cpf,\n .highlight .c1,\n .highlight .cs {\n color: #68717a;\n }\n\n .highlight .gl {\n color: #68717a;\n }\n\n .highlight .gt {\n color: #68717a;\n }\n\n .highlight .ni {\n color: #24292f;\n }\n\n .highlight .si {\n color: #24292f;\n }\n\n .highlight .ge {\n color: #24292f;\n font-style: italic;\n }\n\n .highlight .gs {\n color: #24292f;\n font-weight: bold;\n }\n} /* light-syntax */\n","/*\n * The syntax dark mode styles.\n */\n\n@mixin dark-syntax {\n --language-border-color: #2d2d2d;\n --highlight-bg-color: #151515;\n --highlighter-rouge-color: #c9def1;\n --highlight-lineno-color: #808080;\n --inline-code-bg: #323238;\n --code-color: #b0b0b0;\n --code-header-text-color: #6a6a6a;\n --code-header-muted-color: #353535;\n --code-header-icon-color: #565656;\n --clipboard-checked-color: #2bcc2b;\n --filepath-text-color: #cacaca;\n\n .highlight .gp {\n color: #87939d;\n }\n\n /* --- Syntax highlight theme from `rougify style base16.dark` --- */\n\n .highlight table td {\n padding: 5px;\n }\n\n .highlight table pre {\n margin: 0;\n }\n\n .highlight,\n .highlight .w {\n color: #d0d0d0;\n background-color: #151515;\n }\n\n .highlight .err {\n color: #151515;\n background-color: #ac4142;\n }\n\n .highlight .c,\n .highlight .ch,\n .highlight .cd,\n .highlight .cm,\n .highlight .cpf,\n .highlight .c1,\n .highlight .cs {\n color: #848484;\n }\n\n .highlight .cp {\n color: #f4bf75;\n }\n\n .highlight .nt {\n color: #f4bf75;\n }\n\n .highlight .o,\n .highlight .ow {\n color: #d0d0d0;\n }\n\n .highlight .p,\n .highlight .pi {\n color: #d0d0d0;\n }\n\n .highlight .gi {\n color: #90a959;\n }\n\n .highlight .gd {\n color: #f08a8b;\n background-color: #320000;\n }\n\n .highlight .gh {\n color: #6a9fb5;\n background-color: #151515;\n font-weight: bold;\n }\n\n .highlight .k,\n .highlight .kn,\n .highlight .kp,\n .highlight .kr,\n .highlight .kv {\n color: #aa759f;\n }\n\n .highlight .kc {\n color: #d28445;\n }\n\n .highlight .kt {\n color: #d28445;\n }\n\n .highlight .kd {\n color: #d28445;\n }\n\n .highlight .s,\n .highlight .sb,\n .highlight .sc,\n .highlight .dl,\n .highlight .sd,\n .highlight .s2,\n .highlight .sh,\n .highlight .sx,\n .highlight .s1 {\n color: #90a959;\n }\n\n .highlight .sa {\n color: #aa759f;\n }\n\n .highlight .sr {\n color: #75b5aa;\n }\n\n .highlight .si {\n color: #b76d45;\n }\n\n .highlight .se {\n color: #b76d45;\n }\n\n .highlight .nn {\n color: #f4bf75;\n }\n\n .highlight .nc {\n color: #f4bf75;\n }\n\n .highlight .no {\n color: #f4bf75;\n }\n\n .highlight .na {\n color: #6a9fb5;\n }\n\n .highlight .m,\n .highlight .mb,\n .highlight .mf,\n .highlight .mh,\n .highlight .mi,\n .highlight .il,\n .highlight .mo,\n .highlight .mx {\n color: #90a959;\n }\n\n .highlight .ss {\n color: #90a959;\n }\n}\n","/* The common styles */\n\nhtml {\n @media (prefers-color-scheme: light) {\n &:not([data-mode]),\n &[data-mode='light'] {\n @include light-scheme;\n }\n\n &[data-mode='dark'] {\n @include dark-scheme;\n }\n }\n\n @media (prefers-color-scheme: dark) {\n &:not([data-mode]),\n &[data-mode='dark'] {\n @include dark-scheme;\n }\n\n &[data-mode='light'] {\n @include light-scheme;\n }\n }\n\n font-size: 16px;\n}\n\nbody {\n background: var(--main-bg);\n padding: env(safe-area-inset-top) env(safe-area-inset-right)\n env(safe-area-inset-bottom) env(safe-area-inset-left);\n color: var(--text-color);\n -webkit-font-smoothing: antialiased;\n font-family: $font-family-base;\n}\n\n/* --- Typography --- */\n\n@for $i from 1 through 5 {\n h#{$i} {\n @extend %heading;\n\n @if $i > 1 {\n @extend %section;\n @extend %anchor;\n }\n\n @if $i < 5 {\n $factor: 0.18rem;\n\n @if $i == 1 {\n $factor: 0.23rem;\n }\n\n font-size: 1rem + (5 - $i) * $factor;\n } @else {\n font-size: 1rem;\n }\n }\n}\n\na {\n @extend %link-color;\n\n text-decoration: none;\n}\n\nimg {\n max-width: 100%;\n height: auto;\n transition: all 0.35s ease-in-out;\n\n .blur & {\n $blur: 20px;\n\n -webkit-filter: blur($blur);\n filter: blur($blur);\n }\n}\n\nblockquote {\n border-left: 5px solid var(--blockquote-border-color);\n padding-left: 1rem;\n color: var(--blockquote-text-color);\n\n > p:last-child {\n margin-bottom: 0;\n }\n\n &[class^='prompt-'] {\n border-left: 0;\n position: relative;\n padding: 1rem 1rem 1rem 3rem;\n color: var(--prompt-text-color);\n\n @extend %rounded;\n\n &::before {\n text-align: center;\n width: 3rem;\n position: absolute;\n left: 0.25rem;\n margin-top: 0.4rem;\n text-rendering: auto;\n -webkit-font-smoothing: antialiased;\n }\n }\n\n @include prompt('tip', '\\f0eb', 'regular');\n @include prompt('info', '\\f06a');\n @include prompt('warning', '\\f06a');\n @include prompt('danger', '\\f071');\n}\n\nkbd {\n font-family: inherit;\n display: inline-block;\n vertical-align: middle;\n line-height: 1.3rem;\n min-width: 1.75rem;\n text-align: center;\n margin: 0 0.3rem;\n padding-top: 0.1rem;\n color: var(--kbd-text-color);\n background-color: var(--kbd-bg-color);\n border-radius: 0.25rem;\n border: solid 1px var(--kbd-wrap-color);\n box-shadow: inset 0 -2px 0 var(--kbd-wrap-color);\n}\n\nfooter {\n background-color: var(--main-bg);\n height: $footer-height;\n border-top: 1px solid var(--main-border-color);\n\n @extend %text-xs;\n\n a {\n @extend %text-highlight;\n\n &:hover {\n @extend %link-hover;\n }\n }\n\n em {\n @extend %text-highlight;\n }\n\n p {\n text-align: center;\n margin-bottom: 0;\n }\n}\n\n/* fontawesome icons */\ni {\n &.far,\n &.fas {\n @extend %no-cursor;\n }\n}\n\n/* --- Panels --- */\n\n.access {\n top: 2rem;\n transition: top 0.2s ease-in-out;\n margin-top: 3rem;\n margin-bottom: 4rem;\n\n &:only-child {\n position: -webkit-sticky;\n position: sticky;\n }\n\n > section {\n padding-left: 1rem;\n border-left: 1px solid var(--main-border-color);\n\n &:not(:last-child) {\n margin-bottom: 4rem;\n }\n }\n\n .content {\n font-size: 0.9rem;\n }\n}\n\n#panel-wrapper {\n /* the headings */\n .panel-heading {\n font-family: inherit;\n line-height: inherit;\n\n @include label(inherit);\n }\n\n .post-tag {\n line-height: 1.05rem;\n font-size: 0.85rem;\n border-radius: 0.8rem;\n padding: 0.3rem 0.5rem;\n margin: 0 0.35rem 0.5rem 0;\n\n &:hover {\n transition: all 0.3s ease-in;\n }\n }\n}\n\n#access-lastmod {\n a {\n &:hover {\n @extend %link-hover;\n }\n\n @extend %no-bottom-border;\n\n color: inherit;\n }\n}\n\n.footnotes > ol {\n padding-left: 2rem;\n margin-top: 0.5rem;\n\n > li {\n &:not(:last-child) {\n margin-bottom: 0.3rem;\n }\n\n @extend %sup-fn-target;\n\n > p {\n margin-left: 0.25em;\n margin-top: 0;\n margin-bottom: 0;\n }\n }\n}\n\n.footnote {\n @at-root a#{&} {\n @include ml-mr(1px);\n @include pl-pr(2px);\n\n border-bottom-style: none !important;\n }\n}\n\nsup {\n @extend %sup-fn-target;\n}\n\n.reversefootnote {\n @at-root a#{&} {\n font-size: 0.6rem;\n line-height: 1;\n position: relative;\n bottom: 0.25em;\n margin-left: 0.25em;\n border-bottom-style: none !important;\n }\n}\n\n/* --- Begin of Markdown table style --- */\n\n/* it will be created by Liquid */\n.table-wrapper {\n overflow-x: auto;\n margin-bottom: 1.5rem;\n\n > table {\n min-width: 100%;\n overflow-x: auto;\n border-spacing: 0;\n\n thead {\n border-bottom: solid 2px rgba(210, 215, 217, 0.75);\n\n th {\n @extend %table-cell;\n }\n }\n\n tbody {\n tr {\n border-bottom: 1px solid var(--tb-border-color);\n\n &:nth-child(2n) {\n background-color: var(--tb-even-bg);\n }\n\n &:nth-child(2n + 1) {\n background-color: var(--tb-odd-bg);\n }\n\n td {\n @extend %table-cell;\n }\n }\n } /* tbody */\n } /* table */\n}\n\n/* --- post --- */\n\n.preview-img {\n aspect-ratio: 40 / 21;\n width: 100%;\n height: 100%;\n overflow: hidden;\n\n @extend %rounded;\n\n &:not(.no-bg) {\n background: var(--img-bg);\n }\n\n img {\n height: 100%;\n -o-object-fit: cover;\n object-fit: cover;\n\n @extend %rounded;\n\n @at-root #post-list & {\n width: 100%;\n }\n }\n}\n\n.post-preview {\n @extend %rounded;\n\n border: 0;\n background: var(--card-bg);\n box-shadow: var(--card-shadow);\n\n &::before {\n @extend %rounded;\n\n content: '';\n width: 100%;\n height: 100%;\n position: absolute;\n background-color: var(--card-hovor-bg);\n opacity: 0;\n transition: opacity 0.35s ease-in-out;\n }\n\n &:hover {\n &::before {\n opacity: 0.3;\n }\n }\n}\n\nmain {\n line-height: 1.75;\n\n h1 {\n margin-top: 2rem;\n margin-bottom: 1.5rem;\n }\n\n p {\n > a.popup {\n &:not(.normal):not(.left):not(.right) {\n @include align-center;\n }\n }\n }\n\n .categories,\n #tags,\n #archives {\n a:not(:hover) {\n @extend %no-bottom-border;\n }\n }\n}\n\n.post-meta {\n @extend %text-sm;\n\n a {\n &:not([class]):hover {\n @extend %link-hover;\n }\n }\n\n em {\n @extend %normal-font-style;\n }\n}\n\n.content {\n font-size: 1.08rem;\n margin-top: 2rem;\n overflow-wrap: break-word;\n\n a {\n &.popup {\n @extend %no-cursor;\n @extend %img-caption;\n @include mt-mb(0.5rem);\n\n cursor: zoom-in;\n }\n\n &:not(.img-link) {\n @extend %link-underline;\n\n &:hover {\n @extend %link-hover;\n }\n }\n }\n\n ol,\n ul {\n &:not([class]),\n &.task-list {\n -webkit-padding-start: 1.75rem;\n padding-inline-start: 1.75rem;\n\n li {\n margin: 0.25rem 0;\n padding-left: 0.25rem;\n }\n\n ol,\n ul {\n -webkit-padding-start: 1.25rem;\n padding-inline-start: 1.25rem;\n margin: 0.5rem 0;\n }\n }\n }\n\n ul.task-list {\n -webkit-padding-start: 1.25rem;\n padding-inline-start: 1.25rem;\n\n li {\n list-style-type: none;\n padding-left: 0;\n\n /* checkbox icon */\n > i {\n width: 2rem;\n margin-left: -1.25rem;\n color: var(--checkbox-color);\n\n &.checked {\n color: var(--checkbox-checked-color);\n }\n }\n\n ul {\n -webkit-padding-start: 1.75rem;\n padding-inline-start: 1.75rem;\n }\n }\n\n input[type='checkbox'] {\n margin: 0 0.5rem 0.2rem -1.3rem;\n vertical-align: middle;\n }\n } /* ul */\n\n dl > dd {\n margin-left: 1rem;\n }\n\n ::marker {\n color: var(--text-muted-color);\n }\n} /* .content */\n\n.tag:hover {\n @extend %tag-hover;\n}\n\n.post-tag {\n display: inline-block;\n min-width: 2rem;\n text-align: center;\n border-radius: 0.5rem;\n border: 1px solid var(--btn-border-color);\n padding: 0 0.4rem;\n color: var(--text-muted-color);\n line-height: 1.3rem;\n\n &:not(:last-child) {\n margin-right: 0.2rem;\n }\n}\n\n.rounded-10 {\n border-radius: 10px !important;\n}\n\n.img-link {\n color: transparent;\n display: inline-flex;\n}\n\n.shimmer {\n overflow: hidden;\n position: relative;\n background: var(--img-bg);\n\n &::before {\n content: '';\n position: absolute;\n background: var(--shimmer-bg);\n height: 100%;\n width: 100%;\n -webkit-animation: shimmer 1.3s infinite;\n animation: shimmer 1.3s infinite;\n }\n\n @-webkit-keyframes shimmer {\n 0% {\n transform: translateX(-100%);\n }\n\n 100% {\n transform: translateX(100%);\n }\n }\n\n @keyframes shimmer {\n 0% {\n transform: translateX(-100%);\n }\n\n 100% {\n transform: translateX(100%);\n }\n }\n}\n\n.embed-video {\n width: 100%;\n height: 100%;\n margin-bottom: 1rem;\n\n @extend %rounded;\n\n &.youtube,\n &.bilibili {\n aspect-ratio: 16 / 9;\n }\n\n &.twitch {\n aspect-ratio: 310 / 189;\n }\n}\n\n/* --- buttons --- */\n.btn-lang {\n border: 1px solid !important;\n padding: 1px 3px;\n border-radius: 3px;\n color: var(--link-color);\n\n &:focus {\n box-shadow: none;\n }\n}\n\n/* --- Effects classes --- */\n\n.loaded {\n display: block !important;\n\n @at-root .d-flex#{&} {\n display: flex !important;\n }\n}\n\n.unloaded {\n display: none !important;\n}\n\n.visible {\n visibility: visible !important;\n}\n\n.hidden {\n visibility: hidden !important;\n}\n\n.flex-grow-1 {\n flex-grow: 1 !important;\n}\n\n.btn-box-shadow {\n box-shadow: var(--card-shadow);\n}\n\n/* overwrite bootstrap muted */\n.text-muted {\n color: var(--text-muted-color) !important;\n}\n\n/* Overwrite bootstrap tooltip */\n.tooltip-inner {\n font-size: 0.7rem;\n max-width: 220px;\n text-align: left;\n}\n\n/* Overwrite bootstrap outline button */\n.btn.btn-outline-primary {\n &:not(.disabled):hover {\n border-color: #007bff !important;\n }\n}\n\n.disabled {\n color: rgb(206, 196, 196);\n pointer-events: auto;\n cursor: not-allowed;\n}\n\n.hide-border-bottom {\n border-bottom: none !important;\n}\n\n.input-focus {\n box-shadow: none;\n border-color: var(--input-focus-border-color) !important;\n background: center !important;\n transition: background-color 0.15s ease-in-out, border-color 0.15s ease-in-out;\n}\n\n.left {\n float: left;\n margin: 0.75rem 1rem 1rem 0;\n}\n\n.right {\n float: right;\n margin: 0.75rem 0 1rem 1rem;\n}\n\n/* --- Overriding --- */\n\n/* magnific-popup */\n\nfigure .mfp-title {\n text-align: center;\n padding-right: 0;\n margin-top: 0.5rem;\n}\n\n.mfp-img {\n transition: none;\n}\n\n/* mermaid */\n.mermaid {\n text-align: center;\n}\n\n/* MathJax */\nmjx-container {\n overflow-y: hidden;\n min-width: auto !important;\n}\n\n/* --- sidebar layout --- */\n\n$sidebar-display: 'sidebar-display';\n$btn-border-width: 3px;\n$btn-mb: 0.5rem;\n\n#sidebar {\n @include pl-pr(0);\n\n position: fixed;\n top: 0;\n left: 0;\n height: 100%;\n overflow-y: auto;\n width: $sidebar-width;\n z-index: 99;\n background: var(--sidebar-bg);\n border-right: 1px solid var(--sidebar-border-color);\n\n /* Hide scrollbar for Chrome, Safari and Opera */\n &::-webkit-scrollbar {\n display: none;\n }\n\n /* Hide scrollbar for IE, Edge and Firefox */\n -ms-overflow-style: none; /* IE and Edge */\n scrollbar-width: none; /* Firefox */\n\n %sidebar-link-hover {\n &:hover {\n color: var(--sidebar-active-color);\n }\n }\n\n a {\n @extend %sidebar-links;\n }\n\n #avatar {\n display: block;\n width: 7rem;\n height: 7rem;\n overflow: hidden;\n box-shadow: var(--avatar-border-color) 0 0 0 2px;\n transform: translateZ(0); /* fixed the zoom in Safari */\n\n img {\n transition: transform 0.5s;\n\n &:hover {\n transform: scale(1.2);\n }\n }\n }\n\n .profile-wrapper {\n @include mt-mb(2.5rem);\n @extend %clickable-transition;\n\n padding-left: 2.5rem;\n padding-right: 1.25rem;\n width: 100%;\n }\n\n .site-title {\n font-family: inherit;\n font-weight: 900;\n font-size: 1.75rem;\n line-height: 1.2;\n letter-spacing: 0.25px;\n margin-top: 1.25rem;\n margin-bottom: 0.5rem;\n\n a {\n @extend %clickable-transition;\n @extend %sidebar-link-hover;\n\n color: var(--site-title-color);\n }\n }\n\n .site-subtitle {\n font-size: 95%;\n color: var(--site-subtitle-color);\n margin-top: 0.25rem;\n word-spacing: 1px;\n -webkit-user-select: none;\n -moz-user-select: none;\n -ms-user-select: none;\n user-select: none;\n }\n\n ul {\n margin-bottom: 2rem;\n\n li.nav-item {\n opacity: 0.9;\n width: 100%;\n padding-left: 1.5rem;\n padding-right: 1.5rem;\n\n a.nav-link {\n @include pt-pb(0.6rem);\n\n display: flex;\n align-items: center;\n border-radius: 0.75rem;\n font-weight: 600;\n\n &:hover {\n background-color: var(--sidebar-hover-bg);\n }\n\n i {\n font-size: 95%;\n opacity: 0.8;\n margin-right: 1.5rem;\n }\n\n span {\n font-size: 90%;\n letter-spacing: 0.2px;\n }\n }\n\n &.active {\n .nav-link {\n color: var(--sidebar-active-color);\n background-color: var(--sidebar-hover-bg);\n\n span {\n opacity: 1;\n }\n }\n }\n\n &:not(:first-child) {\n margin-top: 0.25rem;\n }\n }\n }\n\n .sidebar-bottom {\n padding-left: 2rem;\n padding-right: 1rem;\n margin-bottom: 1.5rem;\n\n $btn-size: 1.75rem;\n\n %button {\n width: $btn-size;\n height: $btn-size;\n margin-bottom: $btn-mb; // multi line gap\n border-radius: 50%;\n color: var(--sidebar-btn-color);\n background-color: var(--sidebar-btn-bg);\n text-align: center;\n display: flex;\n align-items: center;\n justify-content: center;\n box-shadow: var(--sidebar-border-color) 0 0 0 1px;\n\n &:hover {\n background-color: var(--sidebar-hover-bg);\n }\n }\n\n a {\n @extend %button;\n @extend %sidebar-link-hover;\n @extend %clickable-transition;\n\n &:not(:last-child) {\n margin-right: $sb-btn-gap;\n }\n }\n\n i {\n line-height: $btn-size;\n }\n\n .mode-toggle {\n padding: 0;\n border: 0;\n\n @extend %button;\n @extend %sidebar-links;\n @extend %sidebar-link-hover;\n }\n\n .icon-border {\n @extend %no-cursor;\n @include ml-mr(calc(($sb-btn-gap - $btn-border-width) / 2));\n\n background-color: var(--sidebar-btn-color);\n content: '';\n width: $btn-border-width;\n height: $btn-border-width;\n border-radius: 50%;\n margin-bottom: $btn-mb;\n }\n } /* .sidebar-bottom */\n} /* #sidebar */\n\n@media (hover: hover) {\n #sidebar ul > li:last-child::after {\n transition: top 0.5s ease;\n }\n\n .nav-link {\n transition: background-color 0.3s ease-in-out;\n }\n\n .post-preview {\n transition: background-color 0.35s ease-in-out;\n }\n}\n\n#search-result-wrapper {\n display: none;\n height: 100%;\n width: 100%;\n overflow: auto;\n\n .content {\n margin-top: 2rem;\n }\n}\n\n/* --- top-bar --- */\n\n#topbar-wrapper {\n height: $topbar-height;\n background-color: var(--topbar-bg);\n}\n\n#topbar {\n button i {\n color: #999999;\n }\n\n #breadcrumb {\n font-size: 1rem;\n color: var(--text-muted-color);\n padding-left: 0.5rem;\n\n a:hover {\n @extend %link-hover;\n }\n\n span {\n &:not(:last-child) {\n &::after {\n content: '›';\n padding: 0 0.3rem;\n }\n }\n }\n }\n} /* #topbar */\n\n::-webkit-input-placeholder {\n @include placeholder;\n}\n\n::-moz-placeholder {\n @include placeholder;\n}\n\n:-ms-input-placeholder {\n @include placeholder;\n}\n\n::-ms-input-placeholder {\n @include placeholder;\n}\n\n::placeholder {\n @include placeholder;\n}\n\n:focus::-webkit-input-placeholder {\n @include placeholder-focus;\n}\n\n:focus::-moz-placeholder {\n @include placeholder-focus;\n}\n\n:focus:-ms-input-placeholder {\n @include placeholder-focus;\n}\n\n:focus::-ms-input-placeholder {\n @include placeholder-focus;\n}\n\n:focus::placeholder {\n @include placeholder-focus;\n}\n\nsearch {\n display: flex;\n width: 100%;\n border-radius: 1rem;\n border: 1px solid var(--search-border-color);\n background: var(--main-bg);\n padding: 0 0.5rem;\n\n i {\n z-index: 2;\n font-size: 0.9rem;\n color: var(--search-icon-color);\n }\n}\n\n#sidebar-trigger,\n#search-trigger {\n display: none;\n}\n\n/* 'Cancel' link */\n#search-cancel {\n color: var(--link-color);\n display: none;\n white-space: nowrap;\n\n @extend %cursor-pointer;\n}\n\n#search-input {\n background: center;\n border: 0;\n border-radius: 0;\n padding: 0.18rem 0.3rem;\n color: var(--text-color);\n height: auto;\n\n &:focus {\n box-shadow: none;\n }\n}\n\n#search-hints {\n padding: 0 1rem;\n\n h4 {\n margin-bottom: 1.5rem;\n }\n\n .post-tag {\n display: inline-block;\n line-height: 1rem;\n font-size: 1rem;\n background: var(--search-tag-bg);\n border: none;\n padding: 0.5rem;\n margin: 0 1.25rem 1rem 0;\n\n &::before {\n content: '#';\n color: var(--text-muted-color);\n padding-right: 0.2rem;\n }\n\n @extend %link-color;\n }\n}\n\n#search-results {\n padding-bottom: 3rem;\n\n a {\n &:hover {\n @extend %link-hover;\n }\n\n @extend %link-color;\n @extend %no-bottom-border;\n @extend %heading;\n\n font-size: 1.4rem;\n line-height: 2.5rem;\n }\n\n > article {\n width: 100%;\n\n &:not(:last-child) {\n margin-bottom: 1rem;\n }\n\n /* icons */\n i {\n color: #818182;\n margin-right: 0.15rem;\n font-size: 80%;\n }\n\n > p {\n overflow: hidden;\n text-overflow: ellipsis;\n display: -webkit-box;\n -webkit-line-clamp: 3;\n -webkit-box-orient: vertical;\n }\n }\n} /* #search-results */\n\n#topbar-title {\n display: none;\n font-size: 1.1rem;\n font-weight: 600;\n font-family: sans-serif;\n color: var(--topbar-text-color);\n text-align: center;\n width: 70%;\n overflow: hidden;\n text-overflow: ellipsis;\n word-break: keep-all;\n white-space: nowrap;\n}\n\n#mask {\n display: none;\n position: fixed;\n inset: 0 0 0 0;\n height: 100%;\n width: 100%;\n z-index: 1;\n\n @at-root [#{$sidebar-display}] & {\n display: block !important;\n }\n}\n\n/* --- basic wrappers --- */\n\n#main-wrapper {\n position: relative;\n\n @include pl-pr(0);\n\n > .container {\n min-height: 100vh;\n }\n}\n\n#topbar-wrapper.row,\n#main-wrapper > .container > .row,\n#search-result-wrapper > .row {\n @include ml-mr(0);\n}\n\n#tail-wrapper {\n > :not(script) {\n margin-top: 3rem;\n }\n}\n\n/* --- button back-to-top --- */\n\n#back-to-top {\n display: none;\n z-index: 1;\n cursor: pointer;\n position: fixed;\n right: 1rem;\n bottom: calc($footer-height-large - $back2top-size / 2);\n background: var(--button-bg);\n color: var(--btn-backtotop-color);\n padding: 0;\n width: $back2top-size;\n height: $back2top-size;\n border-radius: 50%;\n border: 1px solid var(--btn-backtotop-border-color);\n transition: transform 0.2s ease-out;\n -webkit-transition: transform 0.2s ease-out;\n\n &:hover {\n transform: translate3d(0, -5px, 0);\n -webkit-transform: translate3d(0, -5px, 0);\n }\n\n i {\n line-height: $back2top-size;\n position: relative;\n bottom: 2px;\n }\n}\n\n#notification {\n @-webkit-keyframes popup {\n from {\n opacity: 0;\n bottom: 0;\n }\n }\n\n @keyframes popup {\n from {\n opacity: 0;\n bottom: 0;\n }\n }\n\n .toast-header {\n background: none;\n border-bottom: none;\n color: inherit;\n }\n\n .toast-body {\n font-family: Lato, sans-serif;\n line-height: 1.25rem;\n\n button {\n font-size: 90%;\n min-width: 4rem;\n }\n }\n\n &.toast {\n &.show {\n display: block;\n min-width: 20rem;\n border-radius: 0.5rem;\n -webkit-backdrop-filter: blur(10px);\n backdrop-filter: blur(10px);\n background-color: rgba(255, 255, 255, 0.5);\n color: #1b1b1eba;\n position: fixed;\n left: 50%;\n bottom: 20%;\n transform: translateX(-50%);\n -webkit-animation: popup 0.8s;\n animation: popup 0.8s;\n }\n }\n}\n\n/*\n Responsive Design:\n\n {sidebar, content, panel} >= 1200px screen width\n {sidebar, content} >= 850px screen width\n {content} <= 849px screen width\n\n*/\n\n@media all and (max-width: 576px) {\n main {\n .content {\n > blockquote[class^='prompt-'] {\n @include ml-mr(-1rem);\n\n border-radius: 0;\n max-width: none;\n }\n }\n }\n\n #avatar {\n width: 5rem;\n height: 5rem;\n }\n}\n\n@media all and (max-width: 768px) {\n %full-width {\n max-width: 100%;\n }\n\n #topbar {\n @extend %full-width;\n }\n\n #main-wrapper > .container {\n @extend %full-width;\n @include pl-pr(0);\n }\n}\n\n/* hide sidebar and panel */\n@media all and (max-width: 849px) {\n @mixin slide($append: null) {\n $basic: transform 0.4s ease;\n\n @if $append {\n transition: $basic, $append;\n } @else {\n transition: $basic;\n }\n }\n\n footer {\n @include slide;\n\n height: $footer-height-large;\n padding: 1.5rem 0;\n }\n\n [#{$sidebar-display}] {\n #sidebar {\n transform: translateX(0);\n }\n\n #main-wrapper {\n transform: translateX($sidebar-width);\n }\n\n #back-to-top {\n visibility: hidden;\n }\n }\n\n #sidebar {\n @include slide;\n\n transform: translateX(-$sidebar-width); /* hide */\n -webkit-transform: translateX(-$sidebar-width);\n }\n\n #main-wrapper {\n @include slide;\n }\n\n #topbar,\n #main-wrapper > .container {\n max-width: 100%;\n }\n\n #search-result-wrapper {\n width: 100%;\n }\n\n #breadcrumb,\n search {\n display: none;\n }\n\n #topbar-wrapper {\n @include slide(top 0.2s ease);\n\n left: 0;\n }\n\n main,\n #panel-wrapper {\n margin-top: 0;\n }\n\n #topbar-title,\n #sidebar-trigger,\n #search-trigger {\n display: block;\n }\n\n #search-result-wrapper .content {\n letter-spacing: 0;\n }\n\n #tags {\n justify-content: center !important;\n }\n\n h1.dynamic-title {\n display: none;\n\n ~ .content {\n margin-top: 2.5rem;\n }\n }\n} /* max-width: 849px */\n\n/* Sidebar is visible */\n@media all and (min-width: 850px) {\n /* Solved jumping scrollbar */\n html {\n overflow-y: scroll;\n }\n\n #main-wrapper {\n margin-left: $sidebar-width;\n }\n\n #sidebar {\n .profile-wrapper {\n margin-top: 3rem;\n }\n }\n\n #search-hints {\n display: none;\n }\n\n search {\n max-width: $search-max-width;\n }\n\n #search-result-wrapper {\n max-width: $main-content-max-width;\n justify-content: start !important;\n }\n\n main {\n h1 {\n margin-top: 3rem;\n }\n }\n\n div.content .table-wrapper > table {\n min-width: 70%;\n }\n\n /* button 'back-to-Top' position */\n #back-to-top {\n right: 5%;\n bottom: calc($footer-height - $back2top-size / 2);\n }\n\n #topbar-title {\n text-align: left;\n }\n}\n\n/* Pad horizontal */\n@media all and (min-width: 992px) and (max-width: 1199px) {\n #main-wrapper > .container .col-lg-11 {\n flex: 0 0 96%;\n max-width: 96%;\n }\n}\n\n/* Compact icons in sidebar & panel hidden */\n@media all and (min-width: 850px) and (max-width: 1199px) {\n #search-results > div {\n max-width: 700px;\n }\n\n #breadcrumb {\n width: 65%;\n overflow: hidden;\n text-overflow: ellipsis;\n word-break: keep-all;\n white-space: nowrap;\n }\n}\n\n/* panel hidden */\n@media all and (max-width: 1199px) {\n #panel-wrapper {\n display: none;\n }\n\n #main-wrapper > .container > div.row {\n justify-content: center !important;\n }\n}\n\n/* --- desktop mode, both sidebar and panel are visible --- */\n\n@media all and (min-width: 1200px) {\n search {\n margin-right: 4rem;\n }\n\n #search-input {\n transition: all 0.3s ease-in-out;\n }\n\n #search-results > article {\n width: 45%;\n\n &:nth-child(odd) {\n margin-right: 1.5rem;\n }\n\n &:nth-child(even) {\n margin-left: 1.5rem;\n }\n\n &:last-child:nth-child(odd) {\n position: relative;\n right: 24.3%;\n }\n }\n\n .content {\n font-size: 1.03rem;\n }\n}\n\n@media all and (min-width: 1400px) {\n #back-to-top {\n right: calc((100vw - $sidebar-width - 1140px) / 2 + 3rem);\n }\n}\n\n@media all and (min-width: 1650px) {\n $icon-gap: 1rem;\n\n #main-wrapper {\n margin-left: $sidebar-width-large;\n }\n\n #topbar-wrapper {\n left: $sidebar-width-large;\n }\n\n search {\n margin-right: calc(\n $main-content-max-width / 4 - $search-max-width - 0.75rem\n );\n }\n\n #main-wrapper > .container {\n max-width: $main-content-max-width;\n padding-left: 1.75rem !important;\n padding-right: 1.75rem !important;\n }\n\n main.col-12,\n #tail-wrapper {\n padding-right: 4.5rem !important;\n }\n\n #back-to-top {\n right: calc(\n (100vw - $sidebar-width-large - $main-content-max-width) / 2 + 2rem\n );\n }\n\n #sidebar {\n width: $sidebar-width-large;\n\n .profile-wrapper {\n margin-top: 3.5rem;\n margin-bottom: 2.5rem;\n padding-left: 3.5rem;\n }\n\n ul {\n li.nav-item {\n @include pl-pr(2.75rem);\n }\n }\n\n .sidebar-bottom {\n padding-left: 2.75rem;\n margin-bottom: 1.75rem;\n\n a:not(:last-child) {\n margin-right: $sb-btn-gap-lg;\n }\n\n .icon-border {\n @include ml-mr(calc(($sb-btn-gap-lg - $btn-border-width) / 2));\n }\n }\n }\n} /* min-width: 1650px */\n","/*\n * The syntax light mode typography colors\n */\n\n@mixin light-scheme {\n /* Framework color */\n --main-bg: white;\n --mask-bg: #c1c3c5;\n --main-border-color: #f3f3f3;\n\n /* Common color */\n --text-color: #34343c;\n --text-muted-color: #757575;\n --text-muted-hightlight-color: inherit;\n --heading-color: #2a2a2a;\n --label-color: #585858;\n --blockquote-border-color: #eeeeee;\n --blockquote-text-color: #757575;\n --link-color: #0056b2;\n --link-underline-color: #dee2e6;\n --button-bg: #ffffff;\n --btn-border-color: #e9ecef;\n --btn-backtotop-color: #686868;\n --btn-backtotop-border-color: #f1f1f1;\n --btn-box-shadow: #eaeaea;\n --checkbox-color: #c5c5c5;\n --checkbox-checked-color: #07a8f7;\n --img-bg: radial-gradient(\n circle,\n rgb(255, 255, 255) 0%,\n rgb(239, 239, 239) 100%\n );\n --shimmer-bg: linear-gradient(\n 90deg,\n rgba(250, 250, 250, 0) 0%,\n rgba(232, 230, 230, 1) 50%,\n rgba(250, 250, 250, 0) 100%\n );\n\n /* Sidebar */\n --site-title-color: rgb(113, 113, 113);\n --site-subtitle-color: #717171;\n --sidebar-bg: #f6f8fa;\n --sidebar-border-color: #efefef;\n --sidebar-muted-color: #545454;\n --sidebar-active-color: #1d1d1d;\n --sidebar-hover-bg: rgb(223, 233, 241, 0.64);\n --sidebar-btn-bg: white;\n --sidebar-btn-color: #8e8e8e;\n --avatar-border-color: white;\n\n /* Topbar */\n --topbar-bg: rgb(255, 255, 255, 0.7);\n --topbar-text-color: rgb(78, 78, 78);\n --search-border-color: rgb(240, 240, 240);\n --search-icon-color: #c2c6cc;\n --input-focus-border-color: #b8b8b8;\n\n /* Home page */\n --post-list-text-color: dimgray;\n --btn-patinator-text-color: #555555;\n --btn-paginator-hover-color: var(--sidebar-bg);\n\n /* Posts */\n --toc-highlight: #0550ae;\n --btn-share-color: gray;\n --btn-share-hover-color: #0d6efd;\n --card-bg: white;\n --card-hovor-bg: #e2e2e2;\n --card-shadow: rgb(104, 104, 104, 0.05) 0 2px 6px 0,\n rgba(211, 209, 209, 0.15) 0 0 0 1px;\n --footnote-target-bg: lightcyan;\n --tb-odd-bg: #fbfcfd;\n --tb-border-color: #eaeaea;\n --dash-color: silver;\n --kbd-wrap-color: #bdbdbd;\n --kbd-text-color: var(--text-color);\n --kbd-bg-color: white;\n --prompt-text-color: rgb(46, 46, 46, 0.77);\n --prompt-tip-bg: rgb(123, 247, 144, 0.2);\n --prompt-tip-icon-color: #03b303;\n --prompt-info-bg: #e1f5fe;\n --prompt-info-icon-color: #0070cb;\n --prompt-warning-bg: rgb(255, 243, 205);\n --prompt-warning-icon-color: #ef9c03;\n --prompt-danger-bg: rgb(248, 215, 218, 0.56);\n --prompt-danger-icon-color: #df3c30;\n\n /* Tags */\n --tag-border: #dee2e6;\n --tag-shadow: var(--btn-border-color);\n --tag-hover: rgb(222, 226, 230);\n --search-tag-bg: #f8f9fa;\n\n [class^='prompt-'] {\n --link-underline-color: rgb(219, 216, 216);\n }\n\n .dark {\n display: none;\n }\n\n /* Categories */\n --categories-border: rgba(0, 0, 0, 0.125);\n --categories-hover-bg: var(--btn-border-color);\n --categories-icon-hover-color: darkslategray;\n\n /* Archive */\n --timeline-color: rgba(0, 0, 0, 0.075);\n --timeline-node-bg: #c2c6cc;\n --timeline-year-dot-color: #ffffff;\n} /* light-scheme */\n","/*\n * The main dark mode styles\n */\n\n@mixin dark-scheme {\n /* Framework color */\n --main-bg: rgb(27, 27, 30);\n --mask-bg: rgb(68, 69, 70);\n --main-border-color: rgb(44, 45, 45);\n\n /* Common color */\n --text-color: rgb(175, 176, 177);\n --text-muted-color: #868686;\n --text-muted-hightlight-color: #aeaeae;\n --heading-color: #cccccc;\n --label-color: #a7a7a7;\n --blockquote-border-color: rgb(66, 66, 66);\n --blockquote-text-color: #868686;\n --link-color: rgb(138, 180, 248);\n --link-underline-color: rgb(82, 108, 150);\n --button-bg: #1e1e1e;\n --btn-border-color: #2e2f31;\n --btn-backtotop-color: var(--text-color);\n --btn-backtotop-border-color: #212122;\n --btn-box-shadow: var(--main-bg);\n --card-header-bg: #292929;\n --checkbox-color: rgb(118, 120, 121);\n --checkbox-checked-color: var(--link-color);\n --img-bg: radial-gradient(circle, rgb(22, 22, 24) 0%, rgb(32, 32, 32) 100%);\n --shimmer-bg: linear-gradient(\n 90deg,\n rgba(255, 255, 255, 0) 0%,\n rgba(58, 55, 55, 0.4) 50%,\n rgba(255, 255, 255, 0) 100%\n );\n\n /* Sidebar */\n --site-title-color: #717070;\n --site-subtitle-color: #868686;\n --sidebar-bg: #1e1e1e;\n --sidebar-border-color: #292929;\n --sidebar-muted-color: #868686;\n --sidebar-active-color: rgb(255, 255, 255, 0.95);\n --sidebar-hover-bg: #262626;\n --sidebar-btn-bg: #232328;\n --sidebar-btn-color: #787878;\n --avatar-border-color: rgb(206, 206, 206, 0.9);\n\n /* Topbar */\n --topbar-bg: rgb(27, 27, 30, 0.64);\n --topbar-text-color: var(--text-color);\n --search-border-color: rgb(55, 55, 55);\n --search-icon-color: rgb(100, 102, 105);\n --input-focus-border-color: rgb(112, 114, 115);\n\n /* Home page */\n --post-list-text-color: rgb(175, 176, 177);\n --btn-patinator-text-color: var(--text-color);\n --btn-paginator-hover-color: #2e2e2e;\n\n /* Posts */\n --toc-highlight: rgb(116, 178, 243);\n --tag-hover: rgb(43, 56, 62);\n --tb-odd-bg: #252526; /* odd rows of the posts' table */\n --tb-even-bg: rgb(31, 31, 34); /* even rows of the posts' table */\n --tb-border-color: var(--tb-odd-bg);\n --footnote-target-bg: rgb(63, 81, 181);\n --btn-share-color: #6c757d;\n --btn-share-hover-color: #bfc1ca;\n --card-bg: #1e1e1e;\n --card-hovor-bg: #464d51;\n --card-shadow: rgb(21, 21, 21, 0.72) 0 6px 18px 0,\n rgb(137, 135, 135, 0.24) 0 0 0 1px;\n --kbd-wrap-color: #6a6a6a;\n --kbd-text-color: #d3d3d3;\n --kbd-bg-color: #242424;\n --prompt-text-color: rgb(216, 212, 212, 0.75);\n --prompt-tip-bg: rgb(22, 60, 36, 0.64);\n --prompt-tip-icon-color: rgb(15, 164, 15, 0.81);\n --prompt-info-bg: rgb(7, 59, 104, 0.8);\n --prompt-info-icon-color: #0075d1;\n --prompt-warning-bg: rgb(90, 69, 3, 0.88);\n --prompt-warning-icon-color: rgb(255, 165, 0, 0.8);\n --prompt-danger-bg: rgb(86, 28, 8, 0.8);\n --prompt-danger-icon-color: #cd0202;\n\n /* tags */\n --tag-border: rgb(59, 79, 88);\n --tag-shadow: rgb(32, 33, 33);\n --dash-color: rgb(63, 65, 68);\n --search-tag-bg: #292828;\n\n /* categories */\n --categories-border: rgb(64, 66, 69, 0.5);\n --categories-hover-bg: rgb(73, 75, 76);\n --categories-icon-hover-color: white;\n\n /* archives */\n --timeline-node-bg: rgb(150, 152, 156);\n --timeline-color: rgb(63, 65, 68);\n --timeline-year-dot-color: var(--timeline-color);\n\n .light {\n display: none;\n }\n\n hr {\n border-color: var(--main-border-color);\n }\n\n /* categories */\n .categories.card,\n .list-group-item {\n background-color: var(--card-bg);\n }\n\n .categories {\n .card-header {\n background-color: var(--card-header-bg);\n }\n\n .list-group-item {\n border-left: none;\n border-right: none;\n padding-left: 2rem;\n border-color: var(--categories-border);\n\n &:last-child {\n border-bottom-color: var(--card-bg);\n }\n }\n }\n\n #archives li:nth-child(odd) {\n background-image: linear-gradient(\n to left,\n rgb(26, 26, 30),\n rgb(39, 39, 45),\n rgb(39, 39, 45),\n rgb(39, 39, 45),\n rgb(26, 26, 30)\n );\n }\n\n color-scheme: dark;\n\n /* stylelint-disable-next-line selector-id-pattern */\n #disqus_thread {\n color-scheme: none;\n }\n} /* dark-scheme */\n","/*\n Style for Homepage\n*/\n\n#post-list {\n margin-top: 2rem;\n\n .card-wrapper {\n &:hover {\n text-decoration: none;\n }\n\n &:not(:last-child) {\n margin-bottom: 1.25rem;\n }\n }\n\n .card {\n border: 0;\n background: none;\n\n %img-radius {\n border-radius: $base-radius $base-radius 0 0;\n }\n\n .preview-img {\n @extend %img-radius;\n\n img {\n @extend %img-radius;\n }\n }\n\n .card-body {\n height: 100%;\n padding: 1rem;\n\n .card-title {\n @extend %text-clip;\n\n color: var(--heading-color) !important;\n font-size: 1.25rem;\n }\n\n %muted {\n color: var(--text-muted-color) !important;\n }\n\n .card-text.content {\n @extend %muted;\n\n p {\n @extend %text-clip;\n\n line-height: 1.5;\n margin: 0;\n }\n }\n\n .post-meta {\n @extend %muted;\n\n i {\n &:not(:first-child) {\n margin-left: 1.5rem;\n }\n }\n\n em {\n @extend %normal-font-style;\n\n color: inherit;\n }\n\n > div:first-child {\n display: block;\n white-space: nowrap;\n overflow: hidden;\n text-overflow: ellipsis;\n }\n }\n }\n }\n} /* #post-list */\n\n.pagination {\n color: var(--text-color);\n font-family: Lato, sans-serif;\n justify-content: space-evenly;\n\n a:hover {\n text-decoration: none;\n }\n\n .page-item {\n .page-link {\n color: var(--btn-patinator-text-color);\n padding: 0 0.6rem;\n display: -webkit-box;\n -webkit-box-pack: center;\n -webkit-box-align: center;\n border-radius: 0.5rem;\n border: 0;\n background-color: inherit;\n }\n\n &.active {\n .page-link {\n background-color: var(--btn-paginator-hover-color);\n }\n }\n\n &:not(.active) {\n .page-link {\n &:hover {\n box-shadow: inset var(--btn-border-color) 0 0 0 1px;\n }\n }\n }\n\n &.disabled {\n cursor: not-allowed;\n\n .page-link {\n color: rgba(108, 117, 125, 0.57);\n }\n }\n } /* .page-item */\n} /* .pagination */\n\n/* Tablet */\n@media all and (min-width: 768px) {\n %img-radius {\n border-radius: 0 $base-radius $base-radius 0;\n }\n\n #post-list {\n .card {\n .card-body {\n padding: 1.75rem 1.75rem 1.25rem 1.75rem;\n\n .card-text {\n display: inherit !important;\n }\n\n .post-meta {\n i {\n &:not(:first-child) {\n margin-left: 1.75rem;\n }\n }\n }\n }\n }\n }\n}\n\n/* Hide SideBar and TOC */\n@media all and (max-width: 830px) {\n .pagination {\n .page-item {\n &:not(:first-child):not(:last-child) {\n display: none;\n }\n }\n }\n}\n\n/* Sidebar is visible */\n@media all and (min-width: 831px) {\n #post-list {\n margin-top: 2.5rem;\n }\n\n .pagination {\n font-size: 0.85rem;\n justify-content: center;\n\n .page-item {\n &:not(:last-child) {\n margin-right: 0.7rem;\n }\n }\n\n .page-index {\n display: none;\n }\n } /* .pagination */\n}\n","/*\n Post-specific style\n*/\n\n%btn-post-nav {\n width: 50%;\n position: relative;\n border-color: var(--btn-border-color);\n}\n\n@mixin dot($pl: 0.25rem, $pr: 0.25rem) {\n content: '\\2022';\n padding-left: $pl;\n padding-right: $pr;\n}\n\nh1 + .post-meta {\n > span + span::before {\n @include dot;\n }\n\n em,\n time {\n @extend %text-highlight;\n }\n\n em {\n a {\n color: inherit;\n }\n }\n}\n\n.post-tail-wrapper {\n @extend %text-sm;\n\n margin-top: 6rem;\n border-bottom: 1px double var(--main-border-color);\n\n .license-wrapper {\n line-height: 1.2rem;\n\n > a {\n @extend %text-highlight;\n\n &:hover {\n @extend %link-hover;\n }\n }\n\n span:last-child {\n @extend %text-sm;\n }\n } /* .license-wrapper */\n\n .post-meta a:not(:hover) {\n @extend %link-underline;\n }\n\n .share-wrapper {\n vertical-align: middle;\n -webkit-user-select: none;\n -moz-user-select: none;\n -ms-user-select: none;\n user-select: none;\n\n %icon-size {\n font-size: 1.125rem;\n }\n\n .share-icons {\n display: flex;\n\n i {\n color: var(--btn-share-color);\n\n @extend %icon-size;\n }\n\n > * {\n @extend %icon-size;\n\n margin-left: 0.5rem;\n\n &:hover {\n i {\n @extend %btn-share-hovor;\n }\n }\n }\n\n button {\n padding: 0;\n border: none;\n line-height: inherit;\n\n @extend %cursor-pointer;\n }\n } /* .share-icons */\n } /* .share-wrapper */\n}\n\n.share-mastodon {\n /* See: https://github.com/justinribeiro/share-to-mastodon#properties */\n --wc-stm-font-family: $font-family-base;\n --wc-stm-dialog-background-color: var(--card-bg);\n --wc-stm-form-button-border: 1px solid var(--btn-border-color);\n --wc-stm-form-submit-background-color: var(--sidebar-btn-bg);\n --wc-stm-form-cancel-background-color: var(--sidebar-btn-bg);\n --wc-stm-form-button-background-color-hover: #007bff;\n --wc-stm-form-button-color-hover: white;\n\n font-size: 1rem;\n}\n\n.post-tags {\n line-height: 2rem;\n\n .post-tag {\n &:hover {\n @extend %link-hover;\n @extend %tag-hover;\n @extend %no-bottom-border;\n }\n }\n}\n\n.post-navigation {\n .btn {\n @extend %btn-post-nav;\n\n &:not(:hover) {\n color: var(--link-color);\n }\n\n &:hover {\n &:not(.disabled)::before {\n color: whitesmoke;\n }\n }\n\n &.disabled {\n @extend %btn-post-nav;\n\n pointer-events: auto;\n cursor: not-allowed;\n background: none;\n color: gray;\n }\n\n &.btn-outline-primary.disabled:focus {\n box-shadow: none;\n }\n\n &::before {\n color: var(--text-muted-color);\n font-size: 0.65rem;\n text-transform: uppercase;\n content: attr(aria-label);\n }\n\n &:first-child {\n border-radius: $base-radius 0 0 $base-radius;\n left: 0.5px;\n }\n\n &:last-child {\n border-radius: 0 $base-radius $base-radius 0;\n right: 0.5px;\n }\n }\n\n p {\n font-size: 1.1rem;\n line-height: 1.5rem;\n margin-top: 0.3rem;\n white-space: normal;\n }\n} /* .post-navigation */\n\n@media (hover: hover) {\n .post-navigation {\n .btn,\n .btn::before {\n transition: all 0.35s ease-in-out;\n }\n }\n}\n\n@-webkit-keyframes fade-up {\n from {\n opacity: 0;\n position: relative;\n top: 2rem;\n }\n\n to {\n opacity: 1;\n position: relative;\n top: 0;\n }\n}\n\n@keyframes fade-up {\n from {\n opacity: 0;\n position: relative;\n top: 2rem;\n }\n\n to {\n opacity: 1;\n position: relative;\n top: 0;\n }\n}\n\n#toc-wrapper {\n border-left: 1px solid rgba(158, 158, 158, 0.17);\n position: -webkit-sticky;\n position: sticky;\n top: 4rem;\n transition: top 0.2s ease-in-out;\n -webkit-animation: fade-up 0.8s;\n animation: fade-up 0.8s;\n\n ul {\n list-style: none;\n font-size: 0.85rem;\n line-height: 1.25;\n padding-left: 0;\n\n li {\n &:not(:last-child) {\n margin: 0.4rem 0;\n }\n\n a {\n padding: 0.2rem 0 0.2rem 1.25rem;\n }\n }\n\n /* Overwrite TOC plugin style */\n\n .toc-link {\n display: block;\n white-space: nowrap;\n overflow: hidden;\n text-overflow: ellipsis;\n\n &:hover {\n color: var(--toc-highlight);\n text-decoration: none;\n }\n\n &::before {\n display: none;\n }\n }\n\n .is-active-link {\n color: var(--toc-highlight) !important;\n font-weight: 600;\n\n &::before {\n display: inline-block;\n width: 1px;\n left: -1px;\n height: 1.25rem;\n background-color: var(--toc-highlight) !important;\n }\n }\n\n ul {\n padding-left: 0.75rem;\n }\n }\n}\n\n/* --- Related Posts --- */\n\n#related-posts {\n > h3 {\n @include label(1.1rem, 600);\n }\n\n time {\n @extend %normal-font-style;\n @extend %text-xs;\n\n color: var(--text-muted-color);\n }\n\n p {\n font-size: 0.9rem;\n margin-bottom: 0.5rem;\n overflow: hidden;\n text-overflow: ellipsis;\n display: -webkit-box;\n -webkit-line-clamp: 2;\n -webkit-box-orient: vertical;\n }\n\n .card {\n h4 {\n @extend %text-clip;\n }\n }\n}\n\n/* stylelint-disable-next-line selector-id-pattern */\n#disqus_thread {\n min-height: 8.5rem;\n}\n\n.utterances {\n max-width: 100%;\n}\n\n%btn-share-hovor {\n color: var(--btn-share-hover-color) !important;\n}\n\n.share-label {\n @include label(inherit, 400, inherit);\n\n &::after {\n content: ':';\n }\n}\n\n@media all and (max-width: 576px) {\n .post-tail-bottom {\n flex-wrap: wrap-reverse !important;\n\n > div:first-child {\n width: 100%;\n margin-top: 1rem;\n }\n }\n}\n\n@media all and (max-width: 768px) {\n .content > p > img {\n max-width: calc(100% + 1rem);\n }\n}\n\n/* Hide SideBar and TOC */\n@media all and (max-width: 849px) {\n .post-navigation {\n padding-left: 0;\n padding-right: 0;\n margin-left: -0.5rem;\n margin-right: -0.5rem;\n }\n}\n","/*\n Styles for Tab Tags\n*/\n\n.tag {\n border-radius: 0.7em;\n padding: 6px 8px 7px;\n margin-right: 0.8rem;\n line-height: 3rem;\n letter-spacing: 0;\n border: 1px solid var(--tag-border) !important;\n box-shadow: 0 0 3px 0 var(--tag-shadow);\n\n span {\n margin-left: 0.6em;\n font-size: 0.7em;\n font-family: Oswald, sans-serif;\n }\n}\n","/*\n Style for Archives\n*/\n\n#archives {\n letter-spacing: 0.03rem;\n\n $timeline-width: 4px;\n\n %timeline {\n content: '';\n width: $timeline-width;\n position: relative;\n float: left;\n background-color: var(--timeline-color);\n }\n\n .year {\n height: 3.5rem;\n font-size: 1.5rem;\n position: relative;\n left: 2px;\n margin-left: -$timeline-width;\n\n &::before {\n @extend %timeline;\n\n height: 72px;\n left: 79px;\n bottom: 16px;\n }\n\n &:first-child::before {\n @extend %timeline;\n\n height: 32px;\n top: 24px;\n }\n\n /* Year dot */\n &::after {\n content: '';\n display: inline-block;\n position: relative;\n border-radius: 50%;\n width: 12px;\n height: 12px;\n left: 21.5px;\n border: 3px solid;\n background-color: var(--timeline-year-dot-color);\n border-color: var(--timeline-node-bg);\n box-shadow: 0 0 2px 0 #c2c6cc;\n z-index: 1;\n }\n }\n\n ul {\n li {\n font-size: 1.1rem;\n line-height: 3rem;\n white-space: nowrap;\n overflow: hidden;\n text-overflow: ellipsis;\n\n &:nth-child(odd) {\n background-color: var(--main-bg, #ffffff);\n background-image: linear-gradient(\n to left,\n #ffffff,\n #fbfbfb,\n #fbfbfb,\n #fbfbfb,\n #ffffff\n );\n }\n\n &::before {\n @extend %timeline;\n\n top: 0;\n left: 77px;\n height: 3.1rem;\n }\n }\n\n &:last-child li:last-child::before {\n height: 1.5rem;\n }\n } /* #archives ul */\n\n .date {\n white-space: nowrap;\n display: inline-block;\n position: relative;\n right: 0.5rem;\n\n &.month {\n width: 1.4rem;\n text-align: center;\n }\n\n &.day {\n font-size: 85%;\n font-family: Lato, sans-serif;\n }\n }\n\n a {\n /* post title in Archvies */\n margin-left: 2.5rem;\n position: relative;\n top: 0.1rem;\n\n &:hover {\n border-bottom: none;\n }\n\n &::before {\n /* the dot before post title */\n content: '';\n display: inline-block;\n position: relative;\n border-radius: 50%;\n width: 8px;\n height: 8px;\n float: left;\n top: 1.35rem;\n left: 71px;\n background-color: var(--timeline-node-bg);\n box-shadow: 0 0 3px 0 #c2c6cc;\n z-index: 1;\n }\n }\n} /* #archives */\n\n@media all and (max-width: 576px) {\n #archives {\n margin-top: -1rem;\n\n ul {\n letter-spacing: 0;\n }\n }\n}\n","/*\n Style for Tab Categories\n*/\n\n%category-icon-color {\n color: gray;\n}\n\n.categories {\n margin-bottom: 2rem;\n border-color: var(--categories-border);\n\n &.card,\n .list-group {\n @extend %rounded;\n }\n\n .card-header {\n $radius: calc($base-radius - 1px);\n\n padding: 0.75rem;\n border-radius: $radius;\n border-bottom: 0;\n\n &.hide-border-bottom {\n border-bottom-left-radius: 0;\n border-bottom-right-radius: 0;\n }\n }\n\n i {\n @extend %category-icon-color;\n\n font-size: 86%; /* fontawesome icons */\n }\n\n .list-group-item {\n border-left: none;\n border-right: none;\n padding-left: 2rem;\n\n &:first-child {\n border-top-left-radius: 0;\n border-top-right-radius: 0;\n }\n\n &:last-child {\n border-bottom: 0;\n }\n }\n} /* .categories */\n\n.category-trigger {\n width: 1.7rem;\n height: 1.7rem;\n border-radius: 50%;\n text-align: center;\n color: #6c757d !important;\n\n i {\n position: relative;\n height: 0.7rem;\n width: 1rem;\n transition: transform 300ms ease;\n }\n\n &:hover {\n i {\n color: var(--categories-icon-hover-color);\n }\n }\n}\n\n/* only works on desktop */\n@media (hover: hover) {\n .category-trigger:hover {\n background-color: var(--categories-hover-bg);\n }\n}\n\n.rotate {\n transform: rotate(-90deg);\n}\n","/*\n Style for page Category and Tag\n*/\n\n.dash {\n margin: 0 0.5rem 0.6rem 0.5rem;\n border-bottom: 2px dotted var(--dash-color);\n}\n\n#page-category,\n#page-tag {\n ul > li {\n line-height: 1.5rem;\n padding: 0.6rem 0;\n\n /* dot */\n &::before {\n background: #999999;\n width: 5px;\n height: 5px;\n border-radius: 50%;\n display: block;\n content: '';\n position: relative;\n top: 0.6rem;\n margin-right: 0.5rem;\n }\n\n /* post's title */\n > a {\n @extend %no-bottom-border;\n\n font-size: 1.1rem;\n }\n }\n}\n\n/* tag icon */\n#page-tag h1 > i {\n font-size: 1.2rem;\n}\n\n#page-category h1 > i {\n font-size: 1.25rem;\n}\n\n#page-category,\n#page-tag,\n#access-lastmod {\n a:hover {\n @extend %link-hover;\n\n margin-bottom: -1px; /* Avoid jumping */\n }\n}\n\n@media all and (max-width: 576px) {\n #page-category,\n #page-tag {\n ul > li {\n &::before {\n margin: 0 0.5rem;\n }\n\n > a {\n white-space: nowrap;\n overflow: hidden;\n text-overflow: ellipsis;\n }\n }\n }\n}\n"],"file":"jekyll-theme-chirpy.css"} \ No newline at end of file diff --git a/assets/img/favicons/android-chrome-192x192.png b/assets/img/favicons/android-chrome-192x192.png new file mode 100644 index 0000000000..bdcb964fb7 Binary files /dev/null and b/assets/img/favicons/android-chrome-192x192.png differ diff --git a/assets/img/favicons/android-chrome-512x512.png b/assets/img/favicons/android-chrome-512x512.png new file mode 100644 index 0000000000..f94b459ca3 Binary files /dev/null and b/assets/img/favicons/android-chrome-512x512.png differ diff --git a/assets/img/favicons/android-icon-144x144.png b/assets/img/favicons/android-icon-144x144.png new file mode 100644 index 0000000000..c34d8d0239 Binary files /dev/null and b/assets/img/favicons/android-icon-144x144.png differ diff --git a/assets/img/favicons/android-icon-192x192.png b/assets/img/favicons/android-icon-192x192.png new file mode 100644 index 0000000000..ade309f1df Binary files /dev/null and b/assets/img/favicons/android-icon-192x192.png differ diff --git a/assets/img/favicons/android-icon-36x36.png b/assets/img/favicons/android-icon-36x36.png new file mode 100644 index 0000000000..c70db463a5 Binary files /dev/null and b/assets/img/favicons/android-icon-36x36.png differ diff --git a/assets/img/favicons/android-icon-48x48.png b/assets/img/favicons/android-icon-48x48.png new file mode 100644 index 0000000000..08943d63e2 Binary files /dev/null and b/assets/img/favicons/android-icon-48x48.png differ diff --git a/assets/img/favicons/android-icon-72x72.png b/assets/img/favicons/android-icon-72x72.png new file mode 100644 index 0000000000..1988239197 Binary files /dev/null and b/assets/img/favicons/android-icon-72x72.png differ diff --git a/assets/img/favicons/android-icon-96x96.png b/assets/img/favicons/android-icon-96x96.png new file mode 100644 index 0000000000..fb24ce77ad Binary files /dev/null and b/assets/img/favicons/android-icon-96x96.png differ diff --git a/assets/img/favicons/apple-icon-114x114.png b/assets/img/favicons/apple-icon-114x114.png new file mode 100644 index 0000000000..bd0a4e81e2 Binary files /dev/null and b/assets/img/favicons/apple-icon-114x114.png differ diff --git a/assets/img/favicons/apple-icon-120x120.png b/assets/img/favicons/apple-icon-120x120.png new file mode 100644 index 0000000000..8199567709 Binary files /dev/null and b/assets/img/favicons/apple-icon-120x120.png differ diff --git a/assets/img/favicons/apple-icon-144x144.png b/assets/img/favicons/apple-icon-144x144.png new file mode 100644 index 0000000000..c34d8d0239 Binary files /dev/null and b/assets/img/favicons/apple-icon-144x144.png differ diff --git a/assets/img/favicons/apple-icon-152x152.png b/assets/img/favicons/apple-icon-152x152.png new file mode 100644 index 0000000000..1d26e452f6 Binary files /dev/null and b/assets/img/favicons/apple-icon-152x152.png differ diff --git a/assets/img/favicons/apple-icon-180x180.png b/assets/img/favicons/apple-icon-180x180.png new file mode 100644 index 0000000000..71467ff32f Binary files /dev/null and b/assets/img/favicons/apple-icon-180x180.png differ diff --git a/assets/img/favicons/apple-icon-57x57.png b/assets/img/favicons/apple-icon-57x57.png new file mode 100644 index 0000000000..1d72aa166e Binary files /dev/null and b/assets/img/favicons/apple-icon-57x57.png differ diff --git a/assets/img/favicons/apple-icon-60x60.png b/assets/img/favicons/apple-icon-60x60.png new file mode 100644 index 0000000000..1e51469402 Binary files /dev/null and b/assets/img/favicons/apple-icon-60x60.png differ diff --git a/assets/img/favicons/apple-icon-72x72.png b/assets/img/favicons/apple-icon-72x72.png new file mode 100644 index 0000000000..1988239197 Binary files /dev/null and b/assets/img/favicons/apple-icon-72x72.png differ diff --git a/assets/img/favicons/apple-icon-76x76.png b/assets/img/favicons/apple-icon-76x76.png new file mode 100644 index 0000000000..077a913ce0 Binary files /dev/null and b/assets/img/favicons/apple-icon-76x76.png differ diff --git a/assets/img/favicons/apple-icon-precomposed.png b/assets/img/favicons/apple-icon-precomposed.png new file mode 100644 index 0000000000..05816c765a Binary files /dev/null and b/assets/img/favicons/apple-icon-precomposed.png differ diff --git a/assets/img/favicons/apple-icon.png b/assets/img/favicons/apple-icon.png new file mode 100644 index 0000000000..05816c765a Binary files /dev/null and b/assets/img/favicons/apple-icon.png differ diff --git a/assets/img/favicons/apple-touch-icon.png b/assets/img/favicons/apple-touch-icon.png new file mode 100644 index 0000000000..9980778da5 Binary files /dev/null and b/assets/img/favicons/apple-touch-icon.png differ diff --git a/assets/img/favicons/browserconfig.xml b/assets/img/favicons/browserconfig.xml new file mode 100644 index 0000000000..54217f7c0f --- /dev/null +++ b/assets/img/favicons/browserconfig.xml @@ -0,0 +1 @@ + #da532c diff --git a/assets/img/favicons/favicon-16x16.png b/assets/img/favicons/favicon-16x16.png new file mode 100644 index 0000000000..1d3b22f275 Binary files /dev/null and b/assets/img/favicons/favicon-16x16.png differ diff --git a/assets/img/favicons/favicon-32x32.png b/assets/img/favicons/favicon-32x32.png new file mode 100644 index 0000000000..3d364b99fd Binary files /dev/null and b/assets/img/favicons/favicon-32x32.png differ diff --git a/assets/img/favicons/favicon-96x96.png b/assets/img/favicons/favicon-96x96.png new file mode 100644 index 0000000000..fb24ce77ad Binary files /dev/null and b/assets/img/favicons/favicon-96x96.png differ diff --git a/assets/img/favicons/favicon.ico b/assets/img/favicons/favicon.ico new file mode 100644 index 0000000000..1b04157e00 Binary files /dev/null and b/assets/img/favicons/favicon.ico differ diff --git a/assets/img/favicons/ms-icon-144x144.png b/assets/img/favicons/ms-icon-144x144.png new file mode 100644 index 0000000000..c34d8d0239 Binary files /dev/null and b/assets/img/favicons/ms-icon-144x144.png differ diff --git a/assets/img/favicons/ms-icon-150x150.png b/assets/img/favicons/ms-icon-150x150.png new file mode 100644 index 0000000000..edcb4566b5 Binary files /dev/null and b/assets/img/favicons/ms-icon-150x150.png differ diff --git a/assets/img/favicons/ms-icon-310x310.png b/assets/img/favicons/ms-icon-310x310.png new file mode 100644 index 0000000000..7848c68317 Binary files /dev/null and b/assets/img/favicons/ms-icon-310x310.png differ diff --git a/assets/img/favicons/ms-icon-70x70.png b/assets/img/favicons/ms-icon-70x70.png new file mode 100644 index 0000000000..71e028b9f5 Binary files /dev/null and b/assets/img/favicons/ms-icon-70x70.png differ diff --git a/assets/img/favicons/mstile-150x150.png b/assets/img/favicons/mstile-150x150.png new file mode 100644 index 0000000000..4636ce0b69 Binary files /dev/null and b/assets/img/favicons/mstile-150x150.png differ diff --git a/assets/img/favicons/site.webmanifest b/assets/img/favicons/site.webmanifest new file mode 100644 index 0000000000..1d49ad4444 --- /dev/null +++ b/assets/img/favicons/site.webmanifest @@ -0,0 +1 @@ +{ "name": "Techno Tim", "short_name": "Techno Tim", "description": "Techno Tim Home - Documentation and More", "icons": [ { "src": "/assets/img/favicons/android-chrome-192x192.png", "sizes": "192x192", "type": "image/png" }, { "src": "/assets/img/favicons/android-chrome-512x512.png", "sizes": "512x512", "type": "image/png" }], "start_url": "/index.html", "theme_color": "#2a1e6b", "background_color": "#ffffff", "display": "fullscreen" } diff --git a/assets/img/headers/100-door.webp b/assets/img/headers/100-door.webp new file mode 100644 index 0000000000..fda0c31d96 Binary files /dev/null and b/assets/img/headers/100-door.webp differ diff --git a/assets/img/headers/45-homelab-creator-summit.webp b/assets/img/headers/45-homelab-creator-summit.webp new file mode 100644 index 0000000000..f2389e0d8e Binary files /dev/null and b/assets/img/headers/45-homelab-creator-summit.webp differ diff --git a/assets/img/headers/45drives-storage-summit.webp b/assets/img/headers/45drives-storage-summit.webp new file mode 100644 index 0000000000..4a2963d5b4 Binary files /dev/null and b/assets/img/headers/45drives-storage-summit.webp differ diff --git a/assets/img/headers/advanced-kubernetes-networking-hero.webp b/assets/img/headers/advanced-kubernetes-networking-hero.webp new file mode 100644 index 0000000000..b01d4823c4 Binary files /dev/null and b/assets/img/headers/advanced-kubernetes-networking-hero.webp differ diff --git a/assets/img/headers/age-install.webp b/assets/img/headers/age-install.webp new file mode 100644 index 0000000000..4d07c6198b Binary files /dev/null and b/assets/img/headers/age-install.webp differ diff --git a/assets/img/headers/ai-stack-tutorial.webp b/assets/img/headers/ai-stack-tutorial.webp new file mode 100644 index 0000000000..1edd217aba Binary files /dev/null and b/assets/img/headers/ai-stack-tutorial.webp differ diff --git a/assets/img/headers/avocado.webp b/assets/img/headers/avocado.webp new file mode 100644 index 0000000000..5da27ff34a Binary files /dev/null and b/assets/img/headers/avocado.webp differ diff --git a/assets/img/headers/beach-regret.webp b/assets/img/headers/beach-regret.webp new file mode 100644 index 0000000000..5d07951c73 Binary files /dev/null and b/assets/img/headers/beach-regret.webp differ diff --git a/assets/img/headers/blackhole-gold.webp b/assets/img/headers/blackhole-gold.webp new file mode 100644 index 0000000000..c5caef9887 Binary files /dev/null and b/assets/img/headers/blackhole-gold.webp differ diff --git a/assets/img/headers/block-dark.webp b/assets/img/headers/block-dark.webp new file mode 100644 index 0000000000..daed4bee6d Binary files /dev/null and b/assets/img/headers/block-dark.webp differ diff --git a/assets/img/headers/books-shelf.webp b/assets/img/headers/books-shelf.webp new file mode 100644 index 0000000000..81824ce092 Binary files /dev/null and b/assets/img/headers/books-shelf.webp differ diff --git a/assets/img/headers/box-purple.webp b/assets/img/headers/box-purple.webp new file mode 100644 index 0000000000..5c74fa3999 Binary files /dev/null and b/assets/img/headers/box-purple.webp differ diff --git a/assets/img/headers/brick-door.webp b/assets/img/headers/brick-door.webp new file mode 100644 index 0000000000..626a875b0c Binary files /dev/null and b/assets/img/headers/brick-door.webp differ diff --git a/assets/img/headers/bridge-water.webp b/assets/img/headers/bridge-water.webp new file mode 100644 index 0000000000..7bba2aa2d9 Binary files /dev/null and b/assets/img/headers/bridge-water.webp differ diff --git a/assets/img/headers/camera-neon.webp b/assets/img/headers/camera-neon.webp new file mode 100644 index 0000000000..1f1603c9c7 Binary files /dev/null and b/assets/img/headers/camera-neon.webp differ diff --git a/assets/img/headers/car-assembly.webp b/assets/img/headers/car-assembly.webp new file mode 100644 index 0000000000..108b52159c Binary files /dev/null and b/assets/img/headers/car-assembly.webp differ diff --git a/assets/img/headers/card-joker.webp b/assets/img/headers/card-joker.webp new file mode 100644 index 0000000000..712eed6e03 Binary files /dev/null and b/assets/img/headers/card-joker.webp differ diff --git a/assets/img/headers/certificate-desk.webp b/assets/img/headers/certificate-desk.webp new file mode 100644 index 0000000000..73b1354854 Binary files /dev/null and b/assets/img/headers/certificate-desk.webp differ diff --git a/assets/img/headers/change-detection-docker-hero.webp b/assets/img/headers/change-detection-docker-hero.webp new file mode 100644 index 0000000000..be19d3362e Binary files /dev/null and b/assets/img/headers/change-detection-docker-hero.webp differ diff --git a/assets/img/headers/charts-paper.webp b/assets/img/headers/charts-paper.webp new file mode 100644 index 0000000000..1c9b70780d Binary files /dev/null and b/assets/img/headers/charts-paper.webp differ diff --git a/assets/img/headers/cloud-geese-smoke.webp b/assets/img/headers/cloud-geese-smoke.webp new file mode 100644 index 0000000000..e2d025c3a6 Binary files /dev/null and b/assets/img/headers/cloud-geese-smoke.webp differ diff --git a/assets/img/headers/cloud-moon.webp b/assets/img/headers/cloud-moon.webp new file mode 100644 index 0000000000..5f70467398 Binary files /dev/null and b/assets/img/headers/cloud-moon.webp differ diff --git a/assets/img/headers/code-esc.webp b/assets/img/headers/code-esc.webp new file mode 100644 index 0000000000..06f2253e67 Binary files /dev/null and b/assets/img/headers/code-esc.webp differ diff --git a/assets/img/headers/color-stacks.webp b/assets/img/headers/color-stacks.webp new file mode 100644 index 0000000000..400312630f Binary files /dev/null and b/assets/img/headers/color-stacks.webp differ diff --git a/assets/img/headers/combine-harvest.webp b/assets/img/headers/combine-harvest.webp new file mode 100644 index 0000000000..bc991c371d Binary files /dev/null and b/assets/img/headers/combine-harvest.webp differ diff --git a/assets/img/headers/create-your-own-zigbee-hub-hero.webp b/assets/img/headers/create-your-own-zigbee-hub-hero.webp new file mode 100644 index 0000000000..338774940f Binary files /dev/null and b/assets/img/headers/create-your-own-zigbee-hub-hero.webp differ diff --git a/assets/img/headers/creator-summit-2024-demicrosoftification-hero.webp b/assets/img/headers/creator-summit-2024-demicrosoftification-hero.webp new file mode 100644 index 0000000000..f8cf220c52 Binary files /dev/null and b/assets/img/headers/creator-summit-2024-demicrosoftification-hero.webp differ diff --git a/assets/img/headers/crowd-concert.webp b/assets/img/headers/crowd-concert.webp new file mode 100644 index 0000000000..0c5cee4227 Binary files /dev/null and b/assets/img/headers/crowd-concert.webp differ diff --git a/assets/img/headers/custom-pc.webp b/assets/img/headers/custom-pc.webp new file mode 100644 index 0000000000..693f4d5963 Binary files /dev/null and b/assets/img/headers/custom-pc.webp differ diff --git a/assets/img/headers/desk-tour-2023-hero.webp b/assets/img/headers/desk-tour-2023-hero.webp new file mode 100644 index 0000000000..ba42d0d14a Binary files /dev/null and b/assets/img/headers/desk-tour-2023-hero.webp differ diff --git a/assets/img/headers/discord-square.webp b/assets/img/headers/discord-square.webp new file mode 100644 index 0000000000..2a07e624db Binary files /dev/null and b/assets/img/headers/discord-square.webp differ diff --git a/assets/img/headers/docker-gold.webp b/assets/img/headers/docker-gold.webp new file mode 100644 index 0000000000..3c7b35e477 Binary files /dev/null and b/assets/img/headers/docker-gold.webp differ diff --git a/assets/img/headers/duck-head.webp b/assets/img/headers/duck-head.webp new file mode 100644 index 0000000000..3cc080d9a0 Binary files /dev/null and b/assets/img/headers/duck-head.webp differ diff --git a/assets/img/headers/electric-city.webp b/assets/img/headers/electric-city.webp new file mode 100644 index 0000000000..d58ba321ee Binary files /dev/null and b/assets/img/headers/electric-city.webp differ diff --git a/assets/img/headers/encryption-magnifying-glass.webp b/assets/img/headers/encryption-magnifying-glass.webp new file mode 100644 index 0000000000..cd5f797a1e Binary files /dev/null and b/assets/img/headers/encryption-magnifying-glass.webp differ diff --git a/assets/img/headers/energy-ball.webp b/assets/img/headers/energy-ball.webp new file mode 100644 index 0000000000..fd34579a08 Binary files /dev/null and b/assets/img/headers/energy-ball.webp differ diff --git a/assets/img/headers/energy-blue.webp b/assets/img/headers/energy-blue.webp new file mode 100644 index 0000000000..ad41aabd3b Binary files /dev/null and b/assets/img/headers/energy-blue.webp differ diff --git a/assets/img/headers/engine-start.webp b/assets/img/headers/engine-start.webp new file mode 100644 index 0000000000..f67858ec61 Binary files /dev/null and b/assets/img/headers/engine-start.webp differ diff --git a/assets/img/headers/fast-lights.webp b/assets/img/headers/fast-lights.webp new file mode 100644 index 0000000000..8d83cbfcce Binary files /dev/null and b/assets/img/headers/fast-lights.webp differ diff --git a/assets/img/headers/fire-ring.webp b/assets/img/headers/fire-ring.webp new file mode 100644 index 0000000000..a6618f4390 Binary files /dev/null and b/assets/img/headers/fire-ring.webp differ diff --git a/assets/img/headers/floppy-black.webp b/assets/img/headers/floppy-black.webp new file mode 100644 index 0000000000..bf50134a47 Binary files /dev/null and b/assets/img/headers/floppy-black.webp differ diff --git a/assets/img/headers/floppy-red.webp b/assets/img/headers/floppy-red.webp new file mode 100644 index 0000000000..8d2e4d70e7 Binary files /dev/null and b/assets/img/headers/floppy-red.webp differ diff --git a/assets/img/headers/flux-blue.webp b/assets/img/headers/flux-blue.webp new file mode 100644 index 0000000000..8401e233bc Binary files /dev/null and b/assets/img/headers/flux-blue.webp differ diff --git a/assets/img/headers/flux-multi.webp b/assets/img/headers/flux-multi.webp new file mode 100644 index 0000000000..39034939b1 Binary files /dev/null and b/assets/img/headers/flux-multi.webp differ diff --git a/assets/img/headers/flux-streak.webp b/assets/img/headers/flux-streak.webp new file mode 100644 index 0000000000..9f22138729 Binary files /dev/null and b/assets/img/headers/flux-streak.webp differ diff --git a/assets/img/headers/folder-black.webp b/assets/img/headers/folder-black.webp new file mode 100644 index 0000000000..afdf56ed42 Binary files /dev/null and b/assets/img/headers/folder-black.webp differ diff --git a/assets/img/headers/folder-pink.webp b/assets/img/headers/folder-pink.webp new file mode 100644 index 0000000000..3f51db3dd0 Binary files /dev/null and b/assets/img/headers/folder-pink.webp differ diff --git a/assets/img/headers/folders-colorful.webp b/assets/img/headers/folders-colorful.webp new file mode 100644 index 0000000000..ed503c6136 Binary files /dev/null and b/assets/img/headers/folders-colorful.webp differ diff --git a/assets/img/headers/galaxy-cluster.webp b/assets/img/headers/galaxy-cluster.webp new file mode 100644 index 0000000000..6a42fe73d7 Binary files /dev/null and b/assets/img/headers/galaxy-cluster.webp differ diff --git a/assets/img/headers/gatus-uptime-hero.webp b/assets/img/headers/gatus-uptime-hero.webp new file mode 100644 index 0000000000..e47f8653b2 Binary files /dev/null and b/assets/img/headers/gatus-uptime-hero.webp differ diff --git a/assets/img/headers/gears-green.webp b/assets/img/headers/gears-green.webp new file mode 100644 index 0000000000..da9187d5eb Binary files /dev/null and b/assets/img/headers/gears-green.webp differ diff --git a/assets/img/headers/glass-layers.webp b/assets/img/headers/glass-layers.webp new file mode 100644 index 0000000000..8dda0b4b0c Binary files /dev/null and b/assets/img/headers/glass-layers.webp differ diff --git a/assets/img/headers/glasses-terminal.webp b/assets/img/headers/glasses-terminal.webp new file mode 100644 index 0000000000..872d00d7f0 Binary files /dev/null and b/assets/img/headers/glasses-terminal.webp differ diff --git a/assets/img/headers/gpu-pc.webp b/assets/img/headers/gpu-pc.webp new file mode 100644 index 0000000000..8fabbce2cf Binary files /dev/null and b/assets/img/headers/gpu-pc.webp differ diff --git a/assets/img/headers/green-kuma.webp b/assets/img/headers/green-kuma.webp new file mode 100644 index 0000000000..338bf0cdee Binary files /dev/null and b/assets/img/headers/green-kuma.webp differ diff --git a/assets/img/headers/hard-drive-close-up.webp b/assets/img/headers/hard-drive-close-up.webp new file mode 100644 index 0000000000..43472911df Binary files /dev/null and b/assets/img/headers/hard-drive-close-up.webp differ diff --git a/assets/img/headers/hard-drive-wood.webp b/assets/img/headers/hard-drive-wood.webp new file mode 100644 index 0000000000..b397093b44 Binary files /dev/null and b/assets/img/headers/hard-drive-wood.webp differ diff --git a/assets/img/headers/hardware-circuit.webp b/assets/img/headers/hardware-circuit.webp new file mode 100644 index 0000000000..2b5e92da84 Binary files /dev/null and b/assets/img/headers/hardware-circuit.webp differ diff --git a/assets/img/headers/hardware-tour-2022.webp b/assets/img/headers/hardware-tour-2022.webp new file mode 100644 index 0000000000..c1f1bd97ce Binary files /dev/null and b/assets/img/headers/hardware-tour-2022.webp differ diff --git a/assets/img/headers/headset-black.webp b/assets/img/headers/headset-black.webp new file mode 100644 index 0000000000..43ad662d1f Binary files /dev/null and b/assets/img/headers/headset-black.webp differ diff --git a/assets/img/headers/highway-10gbe.webp b/assets/img/headers/highway-10gbe.webp new file mode 100644 index 0000000000..05eb53f7f0 Binary files /dev/null and b/assets/img/headers/highway-10gbe.webp differ diff --git a/assets/img/headers/hl15-review-hero.webp b/assets/img/headers/hl15-review-hero.webp new file mode 100644 index 0000000000..fb920d3ad8 Binary files /dev/null and b/assets/img/headers/hl15-review-hero.webp differ diff --git a/assets/img/headers/home-hill.webp b/assets/img/headers/home-hill.webp new file mode 100644 index 0000000000..ad82c48655 Binary files /dev/null and b/assets/img/headers/home-hill.webp differ diff --git a/assets/img/headers/home-modern.webp b/assets/img/headers/home-modern.webp new file mode 100644 index 0000000000..a2ba2d7bce Binary files /dev/null and b/assets/img/headers/home-modern.webp differ diff --git a/assets/img/headers/homelab-assistant-hero.webp b/assets/img/headers/homelab-assistant-hero.webp new file mode 100644 index 0000000000..a1de1de109 Binary files /dev/null and b/assets/img/headers/homelab-assistant-hero.webp differ diff --git a/assets/img/headers/homelab-colo-architecture-review-hero.webp b/assets/img/headers/homelab-colo-architecture-review-hero.webp new file mode 100644 index 0000000000..32c76a09a3 Binary files /dev/null and b/assets/img/headers/homelab-colo-architecture-review-hero.webp differ diff --git a/assets/img/headers/homelab-datacenter-1-hero.webp b/assets/img/headers/homelab-datacenter-1-hero.webp new file mode 100644 index 0000000000..6ff17a66b4 Binary files /dev/null and b/assets/img/headers/homelab-datacenter-1-hero.webp differ diff --git a/assets/img/headers/homelab-hardware-tour-2003-hero.webp b/assets/img/headers/homelab-hardware-tour-2003-hero.webp new file mode 100644 index 0000000000..a4dcce2432 Binary files /dev/null and b/assets/img/headers/homelab-hardware-tour-2003-hero.webp differ diff --git a/assets/img/headers/homelab-rocket-servers.webp b/assets/img/headers/homelab-rocket-servers.webp new file mode 100644 index 0000000000..489591f420 Binary files /dev/null and b/assets/img/headers/homelab-rocket-servers.webp differ diff --git a/assets/img/headers/homelab-services-2024-hero.webp b/assets/img/headers/homelab-services-2024-hero.webp new file mode 100644 index 0000000000..b51c2d68ff Binary files /dev/null and b/assets/img/headers/homelab-services-2024-hero.webp differ diff --git a/assets/img/headers/homepage-dashboard-hero.webp b/assets/img/headers/homepage-dashboard-hero.webp new file mode 100644 index 0000000000..c47240e314 Binary files /dev/null and b/assets/img/headers/homepage-dashboard-hero.webp differ diff --git a/assets/img/headers/infinity-glass.webp b/assets/img/headers/infinity-glass.webp new file mode 100644 index 0000000000..d0bcb7b273 Binary files /dev/null and b/assets/img/headers/infinity-glass.webp differ diff --git a/assets/img/headers/iot-circuit.webp b/assets/img/headers/iot-circuit.webp new file mode 100644 index 0000000000..045ccee353 Binary files /dev/null and b/assets/img/headers/iot-circuit.webp differ diff --git a/assets/img/headers/javascript-terminal.webp b/assets/img/headers/javascript-terminal.webp new file mode 100644 index 0000000000..9d5fdd7fb4 Binary files /dev/null and b/assets/img/headers/javascript-terminal.webp differ diff --git a/assets/img/headers/journal-blue.webp b/assets/img/headers/journal-blue.webp new file mode 100644 index 0000000000..262fd2e5cd Binary files /dev/null and b/assets/img/headers/journal-blue.webp differ diff --git a/assets/img/headers/k8s-blocks.webp b/assets/img/headers/k8s-blocks.webp new file mode 100644 index 0000000000..f1e93e58f5 Binary files /dev/null and b/assets/img/headers/k8s-blocks.webp differ diff --git a/assets/img/headers/kvm-dark-desktop.webp b/assets/img/headers/kvm-dark-desktop.webp new file mode 100644 index 0000000000..7c64e8b3df Binary files /dev/null and b/assets/img/headers/kvm-dark-desktop.webp differ diff --git a/assets/img/headers/laptop-start.webp b/assets/img/headers/laptop-start.webp new file mode 100644 index 0000000000..1819f6e65d Binary files /dev/null and b/assets/img/headers/laptop-start.webp differ diff --git a/assets/img/headers/lawn-garden-header.webp b/assets/img/headers/lawn-garden-header.webp new file mode 100644 index 0000000000..bff994bcc4 Binary files /dev/null and b/assets/img/headers/lawn-garden-header.webp differ diff --git a/assets/img/headers/lego-red.webp b/assets/img/headers/lego-red.webp new file mode 100644 index 0000000000..dd2f5d969d Binary files /dev/null and b/assets/img/headers/lego-red.webp differ diff --git a/assets/img/headers/legos-walk.webp b/assets/img/headers/legos-walk.webp new file mode 100644 index 0000000000..6b250f007e Binary files /dev/null and b/assets/img/headers/legos-walk.webp differ diff --git a/assets/img/headers/library-floors.webp b/assets/img/headers/library-floors.webp new file mode 100644 index 0000000000..fd5f023cda Binary files /dev/null and b/assets/img/headers/library-floors.webp differ diff --git a/assets/img/headers/life-love.webp b/assets/img/headers/life-love.webp new file mode 100644 index 0000000000..da47f6e689 Binary files /dev/null and b/assets/img/headers/life-love.webp differ diff --git a/assets/img/headers/lightning-island.webp b/assets/img/headers/lightning-island.webp new file mode 100644 index 0000000000..a8e8fbe509 Binary files /dev/null and b/assets/img/headers/lightning-island.webp differ diff --git a/assets/img/headers/living-room-nas-hero.webp b/assets/img/headers/living-room-nas-hero.webp new file mode 100644 index 0000000000..72ebe55b9b Binary files /dev/null and b/assets/img/headers/living-room-nas-hero.webp differ diff --git a/assets/img/headers/localsend-hero.webp b/assets/img/headers/localsend-hero.webp new file mode 100644 index 0000000000..441249e36a Binary files /dev/null and b/assets/img/headers/localsend-hero.webp differ diff --git a/assets/img/headers/lock-night.webp b/assets/img/headers/lock-night.webp new file mode 100644 index 0000000000..82d331fb6d Binary files /dev/null and b/assets/img/headers/lock-night.webp differ diff --git a/assets/img/headers/log-stack.webp b/assets/img/headers/log-stack.webp new file mode 100644 index 0000000000..f59b889be6 Binary files /dev/null and b/assets/img/headers/log-stack.webp differ diff --git a/assets/img/headers/logs-woods.webp b/assets/img/headers/logs-woods.webp new file mode 100644 index 0000000000..90bc53d231 Binary files /dev/null and b/assets/img/headers/logs-woods.webp differ diff --git a/assets/img/headers/longhorn-cattle.webp b/assets/img/headers/longhorn-cattle.webp new file mode 100644 index 0000000000..527bfc29c4 Binary files /dev/null and b/assets/img/headers/longhorn-cattle.webp differ diff --git a/assets/img/headers/mac-old.webp b/assets/img/headers/mac-old.webp new file mode 100644 index 0000000000..e8372aed6d Binary files /dev/null and b/assets/img/headers/mac-old.webp differ diff --git a/assets/img/headers/mac-studio-rack-hero.webp b/assets/img/headers/mac-studio-rack-hero.webp new file mode 100644 index 0000000000..3e161f7d28 Binary files /dev/null and b/assets/img/headers/mac-studio-rack-hero.webp differ diff --git a/assets/img/headers/magnet-screws.webp b/assets/img/headers/magnet-screws.webp new file mode 100644 index 0000000000..b57aaf1da1 Binary files /dev/null and b/assets/img/headers/magnet-screws.webp differ diff --git a/assets/img/headers/metal-ball.webp b/assets/img/headers/metal-ball.webp new file mode 100644 index 0000000000..8e08e90cf1 Binary files /dev/null and b/assets/img/headers/metal-ball.webp differ diff --git a/assets/img/headers/metal-packer.webp b/assets/img/headers/metal-packer.webp new file mode 100644 index 0000000000..244f8bf70e Binary files /dev/null and b/assets/img/headers/metal-packer.webp differ diff --git a/assets/img/headers/mini-rack-homelab-stack-hero.webp b/assets/img/headers/mini-rack-homelab-stack-hero.webp new file mode 100644 index 0000000000..620ca6e81a Binary files /dev/null and b/assets/img/headers/mini-rack-homelab-stack-hero.webp differ diff --git a/assets/img/headers/mirror-image-chess.webp b/assets/img/headers/mirror-image-chess.webp new file mode 100644 index 0000000000..4d668e8ee9 Binary files /dev/null and b/assets/img/headers/mirror-image-chess.webp differ diff --git a/assets/img/headers/mobile-vanlife.webp b/assets/img/headers/mobile-vanlife.webp new file mode 100644 index 0000000000..4742fd29b4 Binary files /dev/null and b/assets/img/headers/mobile-vanlife.webp differ diff --git a/assets/img/headers/monitoring-dashboard.webp b/assets/img/headers/monitoring-dashboard.webp new file mode 100644 index 0000000000..32c3289212 Binary files /dev/null and b/assets/img/headers/monitoring-dashboard.webp differ diff --git a/assets/img/headers/movie-theater.webp b/assets/img/headers/movie-theater.webp new file mode 100644 index 0000000000..dc614f3e27 Binary files /dev/null and b/assets/img/headers/movie-theater.webp differ diff --git a/assets/img/headers/museum-hieroglyphics.webp b/assets/img/headers/museum-hieroglyphics.webp new file mode 100644 index 0000000000..3d189b58ca Binary files /dev/null and b/assets/img/headers/museum-hieroglyphics.webp differ diff --git a/assets/img/headers/neon-city.webp b/assets/img/headers/neon-city.webp new file mode 100644 index 0000000000..be09e8c60c Binary files /dev/null and b/assets/img/headers/neon-city.webp differ diff --git a/assets/img/headers/neon-handshake.webp b/assets/img/headers/neon-handshake.webp new file mode 100644 index 0000000000..290a6b049e Binary files /dev/null and b/assets/img/headers/neon-handshake.webp differ diff --git a/assets/img/headers/neon-light.webp b/assets/img/headers/neon-light.webp new file mode 100644 index 0000000000..f6c250d753 Binary files /dev/null and b/assets/img/headers/neon-light.webp differ diff --git a/assets/img/headers/nested-eggs.webp b/assets/img/headers/nested-eggs.webp new file mode 100644 index 0000000000..ad6d0823fc Binary files /dev/null and b/assets/img/headers/nested-eggs.webp differ diff --git a/assets/img/headers/netboot-xyz-hero.webp b/assets/img/headers/netboot-xyz-hero.webp new file mode 100644 index 0000000000..2193a501ed Binary files /dev/null and b/assets/img/headers/netboot-xyz-hero.webp differ diff --git a/assets/img/headers/network-fiber.webp b/assets/img/headers/network-fiber.webp new file mode 100644 index 0000000000..9d68a10ba2 Binary files /dev/null and b/assets/img/headers/network-fiber.webp differ diff --git a/assets/img/headers/no-more-microsd-hero.webp b/assets/img/headers/no-more-microsd-hero.webp new file mode 100644 index 0000000000..1c72616d09 Binary files /dev/null and b/assets/img/headers/no-more-microsd-hero.webp differ diff --git a/assets/img/headers/nut-script.webp b/assets/img/headers/nut-script.webp new file mode 100644 index 0000000000..3771f1f8f1 Binary files /dev/null and b/assets/img/headers/nut-script.webp differ diff --git a/assets/img/headers/office-dark.webp b/assets/img/headers/office-dark.webp new file mode 100644 index 0000000000..d81208f996 Binary files /dev/null and b/assets/img/headers/office-dark.webp differ diff --git a/assets/img/headers/penguin-looking.webp b/assets/img/headers/penguin-looking.webp new file mode 100644 index 0000000000..f3a9b6bba5 Binary files /dev/null and b/assets/img/headers/penguin-looking.webp differ diff --git a/assets/img/headers/pikvm-v4-tesmart-hero.webp b/assets/img/headers/pikvm-v4-tesmart-hero.webp new file mode 100644 index 0000000000..882be5d741 Binary files /dev/null and b/assets/img/headers/pikvm-v4-tesmart-hero.webp differ diff --git a/assets/img/headers/pink-purple.webp b/assets/img/headers/pink-purple.webp new file mode 100644 index 0000000000..7e12c565d9 Binary files /dev/null and b/assets/img/headers/pink-purple.webp differ diff --git a/assets/img/headers/plex-build-low-power-server-hero.webp b/assets/img/headers/plex-build-low-power-server-hero.webp new file mode 100644 index 0000000000..590538292c Binary files /dev/null and b/assets/img/headers/plex-build-low-power-server-hero.webp differ diff --git a/assets/img/headers/plex-ota-tv-hero.webp b/assets/img/headers/plex-ota-tv-hero.webp new file mode 100644 index 0000000000..5b66b26821 Binary files /dev/null and b/assets/img/headers/plex-ota-tv-hero.webp differ diff --git a/assets/img/headers/port-boat.webp b/assets/img/headers/port-boat.webp new file mode 100644 index 0000000000..38d6e1d580 Binary files /dev/null and b/assets/img/headers/port-boat.webp differ diff --git a/assets/img/headers/port-container.webp b/assets/img/headers/port-container.webp new file mode 100644 index 0000000000..b0f2dcd851 Binary files /dev/null and b/assets/img/headers/port-container.webp differ diff --git a/assets/img/headers/postit-light.webp b/assets/img/headers/postit-light.webp new file mode 100644 index 0000000000..99090589eb Binary files /dev/null and b/assets/img/headers/postit-light.webp differ diff --git a/assets/img/headers/power-over-ethernet-is-awesome-header.webp b/assets/img/headers/power-over-ethernet-is-awesome-header.webp new file mode 100644 index 0000000000..1a64b3ade5 Binary files /dev/null and b/assets/img/headers/power-over-ethernet-is-awesome-header.webp differ diff --git a/assets/img/headers/powertoys.webp b/assets/img/headers/powertoys.webp new file mode 100644 index 0000000000..cc6e570b20 Binary files /dev/null and b/assets/img/headers/powertoys.webp differ diff --git a/assets/img/headers/prism-neon.webp b/assets/img/headers/prism-neon.webp new file mode 100644 index 0000000000..d9729fc701 Binary files /dev/null and b/assets/img/headers/prism-neon.webp differ diff --git a/assets/img/headers/private-practical-local-ai-hero.webp b/assets/img/headers/private-practical-local-ai-hero.webp new file mode 100644 index 0000000000..143219080a Binary files /dev/null and b/assets/img/headers/private-practical-local-ai-hero.webp differ diff --git a/assets/img/headers/proxmox-8-upgrade.webp b/assets/img/headers/proxmox-8-upgrade.webp new file mode 100644 index 0000000000..b6cba8235f Binary files /dev/null and b/assets/img/headers/proxmox-8-upgrade.webp differ diff --git a/assets/img/headers/proxmox-alerts.webp b/assets/img/headers/proxmox-alerts.webp new file mode 100644 index 0000000000..dff3ea2568 Binary files /dev/null and b/assets/img/headers/proxmox-alerts.webp differ diff --git a/assets/img/headers/proxmox-backup-server-hero.webp b/assets/img/headers/proxmox-backup-server-hero.webp new file mode 100644 index 0000000000..9ebdcc6ffd Binary files /dev/null and b/assets/img/headers/proxmox-backup-server-hero.webp differ diff --git a/assets/img/headers/proxmox-helper-scripts-hero.webp b/assets/img/headers/proxmox-helper-scripts-hero.webp new file mode 100644 index 0000000000..b918a4e42e Binary files /dev/null and b/assets/img/headers/proxmox-helper-scripts-hero.webp differ diff --git a/assets/img/headers/radar-milkyway.webp b/assets/img/headers/radar-milkyway.webp new file mode 100644 index 0000000000..dc4ffb91c7 Binary files /dev/null and b/assets/img/headers/radar-milkyway.webp differ diff --git a/assets/img/headers/rancher-cattle.webp b/assets/img/headers/rancher-cattle.webp new file mode 100644 index 0000000000..27cb16cf4c Binary files /dev/null and b/assets/img/headers/rancher-cattle.webp differ diff --git a/assets/img/headers/records-pink.webp b/assets/img/headers/records-pink.webp new file mode 100644 index 0000000000..6198869c15 Binary files /dev/null and b/assets/img/headers/records-pink.webp differ diff --git a/assets/img/headers/renovate-paint-fence.webp b/assets/img/headers/renovate-paint-fence.webp new file mode 100644 index 0000000000..6b27ee7125 Binary files /dev/null and b/assets/img/headers/renovate-paint-fence.webp differ diff --git a/assets/img/headers/retro-gaming.webp b/assets/img/headers/retro-gaming.webp new file mode 100644 index 0000000000..2177b46cb0 Binary files /dev/null and b/assets/img/headers/retro-gaming.webp differ diff --git a/assets/img/headers/robot-learning.webp b/assets/img/headers/robot-learning.webp new file mode 100644 index 0000000000..1d803a3388 Binary files /dev/null and b/assets/img/headers/robot-learning.webp differ diff --git a/assets/img/headers/robot-toy.webp b/assets/img/headers/robot-toy.webp new file mode 100644 index 0000000000..8982b4927a Binary files /dev/null and b/assets/img/headers/robot-toy.webp differ diff --git a/assets/img/headers/rocket-illustration.webp b/assets/img/headers/rocket-illustration.webp new file mode 100644 index 0000000000..82d3ca765b Binary files /dev/null and b/assets/img/headers/rocket-illustration.webp differ diff --git a/assets/img/headers/server-lights.webp b/assets/img/headers/server-lights.webp new file mode 100644 index 0000000000..bea1ccb28f Binary files /dev/null and b/assets/img/headers/server-lights.webp differ diff --git a/assets/img/headers/server-rack-build.webp b/assets/img/headers/server-rack-build.webp new file mode 100644 index 0000000000..2f16fe129d Binary files /dev/null and b/assets/img/headers/server-rack-build.webp differ diff --git a/assets/img/headers/services-tour-map.webp b/assets/img/headers/services-tour-map.webp new file mode 100644 index 0000000000..912d61421b Binary files /dev/null and b/assets/img/headers/services-tour-map.webp differ diff --git a/assets/img/headers/seven-track.webp b/assets/img/headers/seven-track.webp new file mode 100644 index 0000000000..b147b0c0b4 Binary files /dev/null and b/assets/img/headers/seven-track.webp differ diff --git a/assets/img/headers/slack-screen.webp b/assets/img/headers/slack-screen.webp new file mode 100644 index 0000000000..2180e9ffaf Binary files /dev/null and b/assets/img/headers/slack-screen.webp differ diff --git a/assets/img/headers/small-sun.webp b/assets/img/headers/small-sun.webp new file mode 100644 index 0000000000..d57390f737 Binary files /dev/null and b/assets/img/headers/small-sun.webp differ diff --git a/assets/img/headers/smart-home-hub.webp b/assets/img/headers/smart-home-hub.webp new file mode 100644 index 0000000000..76eb30d058 Binary files /dev/null and b/assets/img/headers/smart-home-hub.webp differ diff --git a/assets/img/headers/sops-install.webp b/assets/img/headers/sops-install.webp new file mode 100644 index 0000000000..9bce6ec26e Binary files /dev/null and b/assets/img/headers/sops-install.webp differ diff --git a/assets/img/headers/sound-board.webp b/assets/img/headers/sound-board.webp new file mode 100644 index 0000000000..fa0b13f802 Binary files /dev/null and b/assets/img/headers/sound-board.webp differ diff --git a/assets/img/headers/sparks-circle.webp b/assets/img/headers/sparks-circle.webp new file mode 100644 index 0000000000..93bff01b6c Binary files /dev/null and b/assets/img/headers/sparks-circle.webp differ diff --git a/assets/img/headers/stream-deck.webp b/assets/img/headers/stream-deck.webp new file mode 100644 index 0000000000..c379c3672b Binary files /dev/null and b/assets/img/headers/stream-deck.webp differ diff --git a/assets/img/headers/stream-room.webp b/assets/img/headers/stream-room.webp new file mode 100644 index 0000000000..8b3764ef8b Binary files /dev/null and b/assets/img/headers/stream-room.webp differ diff --git a/assets/img/headers/stretch-cat.webp b/assets/img/headers/stretch-cat.webp new file mode 100644 index 0000000000..5b5fc8e05f Binary files /dev/null and b/assets/img/headers/stretch-cat.webp differ diff --git a/assets/img/headers/sysracks-12u-header.webp b/assets/img/headers/sysracks-12u-header.webp new file mode 100644 index 0000000000..f686da3cdb Binary files /dev/null and b/assets/img/headers/sysracks-12u-header.webp differ diff --git a/assets/img/headers/teamwork-table.webp b/assets/img/headers/teamwork-table.webp new file mode 100644 index 0000000000..ade6a2dc79 Binary files /dev/null and b/assets/img/headers/teamwork-table.webp differ diff --git a/assets/img/headers/techno-tim-shop-hero.webp b/assets/img/headers/techno-tim-shop-hero.webp new file mode 100644 index 0000000000..971ed11e71 Binary files /dev/null and b/assets/img/headers/techno-tim-shop-hero.webp differ diff --git a/assets/img/headers/terraform-mars.webp b/assets/img/headers/terraform-mars.webp new file mode 100644 index 0000000000..e27ac0514c Binary files /dev/null and b/assets/img/headers/terraform-mars.webp differ diff --git a/assets/img/headers/terrarium-multiple.webp b/assets/img/headers/terrarium-multiple.webp new file mode 100644 index 0000000000..7a001b0340 Binary files /dev/null and b/assets/img/headers/terrarium-multiple.webp differ diff --git a/assets/img/headers/tire-brake.webp b/assets/img/headers/tire-brake.webp new file mode 100644 index 0000000000..1b2b61c867 Binary files /dev/null and b/assets/img/headers/tire-brake.webp differ diff --git a/assets/img/headers/tools-desk.webp b/assets/img/headers/tools-desk.webp new file mode 100644 index 0000000000..0868718184 Binary files /dev/null and b/assets/img/headers/tools-desk.webp differ diff --git a/assets/img/headers/traefik-3-docker-certificates-hero.webp b/assets/img/headers/traefik-3-docker-certificates-hero.webp new file mode 100644 index 0000000000..2775c2076b Binary files /dev/null and b/assets/img/headers/traefik-3-docker-certificates-hero.webp differ diff --git a/assets/img/headers/traffic-light.webp b/assets/img/headers/traffic-light.webp new file mode 100644 index 0000000000..5dbc36906c Binary files /dev/null and b/assets/img/headers/traffic-light.webp differ diff --git a/assets/img/headers/traffic-streaks.webp b/assets/img/headers/traffic-streaks.webp new file mode 100644 index 0000000000..d6bb8d1a0b Binary files /dev/null and b/assets/img/headers/traffic-streaks.webp differ diff --git a/assets/img/headers/tree-colorful.webp b/assets/img/headers/tree-colorful.webp new file mode 100644 index 0000000000..306c10fd24 Binary files /dev/null and b/assets/img/headers/tree-colorful.webp differ diff --git a/assets/img/headers/truenas-optimizations-hero.webp b/assets/img/headers/truenas-optimizations-hero.webp new file mode 100644 index 0000000000..7014af04d5 Binary files /dev/null and b/assets/img/headers/truenas-optimizations-hero.webp differ diff --git a/assets/img/headers/truenas-vs-unraid.webp b/assets/img/headers/truenas-vs-unraid.webp new file mode 100644 index 0000000000..e0f0b68409 Binary files /dev/null and b/assets/img/headers/truenas-vs-unraid.webp differ diff --git a/assets/img/headers/twitch-mobile.webp b/assets/img/headers/twitch-mobile.webp new file mode 100644 index 0000000000..e75bd04331 Binary files /dev/null and b/assets/img/headers/twitch-mobile.webp differ diff --git a/assets/img/headers/typewriter-update.webp b/assets/img/headers/typewriter-update.webp new file mode 100644 index 0000000000..0b72ffd961 Binary files /dev/null and b/assets/img/headers/typewriter-update.webp differ diff --git a/assets/img/headers/ubuntu-terminal.webp b/assets/img/headers/ubuntu-terminal.webp new file mode 100644 index 0000000000..8711477aa8 Binary files /dev/null and b/assets/img/headers/ubuntu-terminal.webp differ diff --git a/assets/img/headers/udm-pro-max-hero.webp b/assets/img/headers/udm-pro-max-hero.webp new file mode 100644 index 0000000000..a2d1a042d3 Binary files /dev/null and b/assets/img/headers/udm-pro-max-hero.webp differ diff --git a/assets/img/headers/ui-drawing.webp b/assets/img/headers/ui-drawing.webp new file mode 100644 index 0000000000..fc9197d3df Binary files /dev/null and b/assets/img/headers/ui-drawing.webp differ diff --git a/assets/img/headers/ultimate-homelab-server-hero.webp b/assets/img/headers/ultimate-homelab-server-hero.webp new file mode 100644 index 0000000000..2a142d7f99 Binary files /dev/null and b/assets/img/headers/ultimate-homelab-server-hero.webp differ diff --git a/assets/img/headers/unifi-express-hero.webp b/assets/img/headers/unifi-express-hero.webp new file mode 100644 index 0000000000..39f37ef12e Binary files /dev/null and b/assets/img/headers/unifi-express-hero.webp differ diff --git a/assets/img/headers/unifi-pro-max-hero.webp b/assets/img/headers/unifi-pro-max-hero.webp new file mode 100644 index 0000000000..cde28e4aa1 Binary files /dev/null and b/assets/img/headers/unifi-pro-max-hero.webp differ diff --git a/assets/img/headers/unraid-first-time-hero.webp b/assets/img/headers/unraid-first-time-hero.webp new file mode 100644 index 0000000000..d16f3b54f9 Binary files /dev/null and b/assets/img/headers/unraid-first-time-hero.webp differ diff --git a/assets/img/headers/ups-install.webp b/assets/img/headers/ups-install.webp new file mode 100644 index 0000000000..e0b700d3a0 Binary files /dev/null and b/assets/img/headers/ups-install.webp differ diff --git a/assets/img/headers/viking-figure.webp b/assets/img/headers/viking-figure.webp new file mode 100644 index 0000000000..69eb8da509 Binary files /dev/null and b/assets/img/headers/viking-figure.webp differ diff --git a/assets/img/headers/virtual-pixels.webp b/assets/img/headers/virtual-pixels.webp new file mode 100644 index 0000000000..5d4f22f9bb Binary files /dev/null and b/assets/img/headers/virtual-pixels.webp differ diff --git a/assets/img/headers/we-are-homelab-hero.webp b/assets/img/headers/we-are-homelab-hero.webp new file mode 100644 index 0000000000..ccfe9ad603 Binary files /dev/null and b/assets/img/headers/we-are-homelab-hero.webp differ diff --git a/assets/img/headers/whale-water.webp b/assets/img/headers/whale-water.webp new file mode 100644 index 0000000000..8e66c020c7 Binary files /dev/null and b/assets/img/headers/whale-water.webp differ diff --git a/assets/img/headers/windows-surface.webp b/assets/img/headers/windows-surface.webp new file mode 100644 index 0000000000..070711f3bd Binary files /dev/null and b/assets/img/headers/windows-surface.webp differ diff --git a/assets/img/headers/wire-cutters.webp b/assets/img/headers/wire-cutters.webp new file mode 100644 index 0000000000..15f594eba9 Binary files /dev/null and b/assets/img/headers/wire-cutters.webp differ diff --git a/assets/img/headers/zimablade-review-hero.webp b/assets/img/headers/zimablade-review-hero.webp new file mode 100644 index 0000000000..89cad28a65 Binary files /dev/null and b/assets/img/headers/zimablade-review-hero.webp differ diff --git a/assets/img/headers/zimaboard-projects-header.webp b/assets/img/headers/zimaboard-projects-header.webp new file mode 100644 index 0000000000..6627d17443 Binary files /dev/null and b/assets/img/headers/zimaboard-projects-header.webp differ diff --git a/assets/img/posts/45drives-alan-nagl.webp b/assets/img/posts/45drives-alan-nagl.webp new file mode 100644 index 0000000000..d848c90e5e Binary files /dev/null and b/assets/img/posts/45drives-alan-nagl.webp differ diff --git a/assets/img/posts/45drives-homelab-hl15.webp b/assets/img/posts/45drives-homelab-hl15.webp new file mode 100644 index 0000000000..45b32f74b0 Binary files /dev/null and b/assets/img/posts/45drives-homelab-hl15.webp differ diff --git a/assets/img/posts/45drives-jeff-geerling.webp b/assets/img/posts/45drives-jeff-geerling.webp new file mode 100644 index 0000000000..28f8f53d03 Binary files /dev/null and b/assets/img/posts/45drives-jeff-geerling.webp differ diff --git a/assets/img/posts/45drives-labs-tour.webp b/assets/img/posts/45drives-labs-tour.webp new file mode 100644 index 0000000000..541047b006 Binary files /dev/null and b/assets/img/posts/45drives-labs-tour.webp differ diff --git a/assets/img/posts/45drives-mitch-hall.webp b/assets/img/posts/45drives-mitch-hall.webp new file mode 100644 index 0000000000..5a8a774b93 Binary files /dev/null and b/assets/img/posts/45drives-mitch-hall.webp differ diff --git a/assets/img/posts/45drives-signage.webp b/assets/img/posts/45drives-signage.webp new file mode 100644 index 0000000000..02c2e4ce2b Binary files /dev/null and b/assets/img/posts/45drives-signage.webp differ diff --git a/assets/img/posts/45drives-storinator-hybrid-f8-x1.webp b/assets/img/posts/45drives-storinator-hybrid-f8-x1.webp new file mode 100644 index 0000000000..3247d3f650 Binary files /dev/null and b/assets/img/posts/45drives-storinator-hybrid-f8-x1.webp differ diff --git a/assets/img/posts/45drives-storinator-jr.webp b/assets/img/posts/45drives-storinator-jr.webp new file mode 100644 index 0000000000..a78bd25824 Binary files /dev/null and b/assets/img/posts/45drives-storinator-jr.webp differ diff --git a/assets/img/posts/45drives-stornado-gen-2-2u-sata.webp b/assets/img/posts/45drives-stornado-gen-2-2u-sata.webp new file mode 100644 index 0000000000..deb1b9d52a Binary files /dev/null and b/assets/img/posts/45drives-stornado-gen-2-2u-sata.webp differ diff --git a/assets/img/posts/45drives-timothy-stewart.webp b/assets/img/posts/45drives-timothy-stewart.webp new file mode 100644 index 0000000000..c8f889da13 Binary files /dev/null and b/assets/img/posts/45drives-timothy-stewart.webp differ diff --git a/assets/img/posts/45drives-tom-lawrence.webp b/assets/img/posts/45drives-tom-lawrence.webp new file mode 100644 index 0000000000..1b93ebfbbf Binary files /dev/null and b/assets/img/posts/45drives-tom-lawrence.webp differ diff --git a/assets/img/posts/ansible-k3s-install.webp b/assets/img/posts/ansible-k3s-install.webp new file mode 100644 index 0000000000..219b6f655b Binary files /dev/null and b/assets/img/posts/ansible-k3s-install.webp differ diff --git a/assets/img/posts/camera-in-my-server-rack.webp b/assets/img/posts/camera-in-my-server-rack.webp new file mode 100644 index 0000000000..02dc04c4f4 Binary files /dev/null and b/assets/img/posts/camera-in-my-server-rack.webp differ diff --git a/assets/img/posts/desk-tour-2023-1.webp b/assets/img/posts/desk-tour-2023-1.webp new file mode 100644 index 0000000000..15b8079c73 Binary files /dev/null and b/assets/img/posts/desk-tour-2023-1.webp differ diff --git a/assets/img/posts/desk-tour-2023-2.webp b/assets/img/posts/desk-tour-2023-2.webp new file mode 100644 index 0000000000..b3e34d2f3b Binary files /dev/null and b/assets/img/posts/desk-tour-2023-2.webp differ diff --git a/assets/img/posts/desk-tour-2023-3.webp b/assets/img/posts/desk-tour-2023-3.webp new file mode 100644 index 0000000000..76aee3a249 Binary files /dev/null and b/assets/img/posts/desk-tour-2023-3.webp differ diff --git a/assets/img/posts/desk-tour-2023-4.webp b/assets/img/posts/desk-tour-2023-4.webp new file mode 100644 index 0000000000..1953fcb628 Binary files /dev/null and b/assets/img/posts/desk-tour-2023-4.webp differ diff --git a/assets/img/posts/device-manager-wol.webp b/assets/img/posts/device-manager-wol.webp new file mode 100644 index 0000000000..c27bde6c99 Binary files /dev/null and b/assets/img/posts/device-manager-wol.webp differ diff --git a/assets/img/posts/ecosystem-meme.webp b/assets/img/posts/ecosystem-meme.webp new file mode 100644 index 0000000000..6ab9a14c85 Binary files /dev/null and b/assets/img/posts/ecosystem-meme.webp differ diff --git a/assets/img/posts/ezcoo-switch-back.webp b/assets/img/posts/ezcoo-switch-back.webp new file mode 100644 index 0000000000..24637c7e84 Binary files /dev/null and b/assets/img/posts/ezcoo-switch-back.webp differ diff --git a/assets/img/posts/ezcoo-switch-connected-usb.webp b/assets/img/posts/ezcoo-switch-connected-usb.webp new file mode 100644 index 0000000000..87baa05487 Binary files /dev/null and b/assets/img/posts/ezcoo-switch-connected-usb.webp differ diff --git a/assets/img/posts/github-create-repo.webp b/assets/img/posts/github-create-repo.webp new file mode 100644 index 0000000000..0282994fc8 Binary files /dev/null and b/assets/img/posts/github-create-repo.webp differ diff --git a/assets/img/posts/github-marketplace-renovate.webp b/assets/img/posts/github-marketplace-renovate.webp new file mode 100644 index 0000000000..11f1f4fcb3 Binary files /dev/null and b/assets/img/posts/github-marketplace-renovate.webp differ diff --git a/assets/img/posts/ha-nginx-test.webp b/assets/img/posts/ha-nginx-test.webp new file mode 100644 index 0000000000..1853d483c5 Binary files /dev/null and b/assets/img/posts/ha-nginx-test.webp differ diff --git a/assets/img/posts/hl15-review-1.webp b/assets/img/posts/hl15-review-1.webp new file mode 100644 index 0000000000..ce8659310f Binary files /dev/null and b/assets/img/posts/hl15-review-1.webp differ diff --git a/assets/img/posts/hl15-review-2.webp b/assets/img/posts/hl15-review-2.webp new file mode 100644 index 0000000000..dccdb6cd39 Binary files /dev/null and b/assets/img/posts/hl15-review-2.webp differ diff --git a/assets/img/posts/hl15-review-3.webp b/assets/img/posts/hl15-review-3.webp new file mode 100644 index 0000000000..85b644a1b3 Binary files /dev/null and b/assets/img/posts/hl15-review-3.webp differ diff --git a/assets/img/posts/hl15-review-4.webp b/assets/img/posts/hl15-review-4.webp new file mode 100644 index 0000000000..0fd292aed7 Binary files /dev/null and b/assets/img/posts/hl15-review-4.webp differ diff --git a/assets/img/posts/hl15-review-5.webp b/assets/img/posts/hl15-review-5.webp new file mode 100644 index 0000000000..ec505f6851 Binary files /dev/null and b/assets/img/posts/hl15-review-5.webp differ diff --git a/assets/img/posts/hl15-review-6.webp b/assets/img/posts/hl15-review-6.webp new file mode 100644 index 0000000000..56695afd0c Binary files /dev/null and b/assets/img/posts/hl15-review-6.webp differ diff --git a/assets/img/posts/hl15-review-7.webp b/assets/img/posts/hl15-review-7.webp new file mode 100644 index 0000000000..6174d1d665 Binary files /dev/null and b/assets/img/posts/hl15-review-7.webp differ diff --git a/assets/img/posts/hl15-review-8.webp b/assets/img/posts/hl15-review-8.webp new file mode 100644 index 0000000000..2c24ff516f Binary files /dev/null and b/assets/img/posts/hl15-review-8.webp differ diff --git a/assets/img/posts/homepage-dashboard-mine.webp b/assets/img/posts/homepage-dashboard-mine.webp new file mode 100644 index 0000000000..c982d05b9b Binary files /dev/null and b/assets/img/posts/homepage-dashboard-mine.webp differ diff --git a/assets/img/posts/i-use-arch-btw.gif b/assets/img/posts/i-use-arch-btw.gif new file mode 100644 index 0000000000..c6f545c12a Binary files /dev/null and b/assets/img/posts/i-use-arch-btw.gif differ diff --git a/assets/img/posts/intel-nuc-internals.webp b/assets/img/posts/intel-nuc-internals.webp new file mode 100644 index 0000000000..dbfb010e97 Binary files /dev/null and b/assets/img/posts/intel-nuc-internals.webp differ diff --git a/assets/img/posts/intel-nuc-power-settings.webp b/assets/img/posts/intel-nuc-power-settings.webp new file mode 100644 index 0000000000..ecdf0eb14c Binary files /dev/null and b/assets/img/posts/intel-nuc-power-settings.webp differ diff --git a/assets/img/posts/intel-nuc-rackmount-system.webp b/assets/img/posts/intel-nuc-rackmount-system.webp new file mode 100644 index 0000000000..d9be4d7fb5 Binary files /dev/null and b/assets/img/posts/intel-nuc-rackmount-system.webp differ diff --git a/assets/img/posts/intel-nuc-stack.webp b/assets/img/posts/intel-nuc-stack.webp new file mode 100644 index 0000000000..37eb49f6fd Binary files /dev/null and b/assets/img/posts/intel-nuc-stack.webp differ diff --git a/assets/img/posts/k8s-stateless-apps.webp b/assets/img/posts/k8s-stateless-apps.webp new file mode 100644 index 0000000000..7668c419e3 Binary files /dev/null and b/assets/img/posts/k8s-stateless-apps.webp differ diff --git a/assets/img/posts/lawn-garden-4-zones.webp b/assets/img/posts/lawn-garden-4-zones.webp new file mode 100644 index 0000000000..ea79db6415 Binary files /dev/null and b/assets/img/posts/lawn-garden-4-zones.webp differ diff --git a/assets/img/posts/lawn-garden-manifold.webp b/assets/img/posts/lawn-garden-manifold.webp new file mode 100644 index 0000000000..a8e7f2f8dc Binary files /dev/null and b/assets/img/posts/lawn-garden-manifold.webp differ diff --git a/assets/img/posts/lawn-garden-sprinkler.webp b/assets/img/posts/lawn-garden-sprinkler.webp new file mode 100644 index 0000000000..2eb2de974e Binary files /dev/null and b/assets/img/posts/lawn-garden-sprinkler.webp differ diff --git a/assets/img/posts/mac-studio-rack-10.webp b/assets/img/posts/mac-studio-rack-10.webp new file mode 100644 index 0000000000..100771b6fd Binary files /dev/null and b/assets/img/posts/mac-studio-rack-10.webp differ diff --git a/assets/img/posts/mac-studio-rack-12.webp b/assets/img/posts/mac-studio-rack-12.webp new file mode 100644 index 0000000000..67788a11f5 Binary files /dev/null and b/assets/img/posts/mac-studio-rack-12.webp differ diff --git a/assets/img/posts/mac-studio-rack-13.webp b/assets/img/posts/mac-studio-rack-13.webp new file mode 100644 index 0000000000..bc7d807354 Binary files /dev/null and b/assets/img/posts/mac-studio-rack-13.webp differ diff --git a/assets/img/posts/mac-studio-rack-2.webp b/assets/img/posts/mac-studio-rack-2.webp new file mode 100644 index 0000000000..138cc0867c Binary files /dev/null and b/assets/img/posts/mac-studio-rack-2.webp differ diff --git a/assets/img/posts/mac-studio-rack-4.webp b/assets/img/posts/mac-studio-rack-4.webp new file mode 100644 index 0000000000..be5d4395fa Binary files /dev/null and b/assets/img/posts/mac-studio-rack-4.webp differ diff --git a/assets/img/posts/mac-studio-rack-5.webp b/assets/img/posts/mac-studio-rack-5.webp new file mode 100644 index 0000000000..8d34e1ceda Binary files /dev/null and b/assets/img/posts/mac-studio-rack-5.webp differ diff --git a/assets/img/posts/mac-studio-rack-6.webp b/assets/img/posts/mac-studio-rack-6.webp new file mode 100644 index 0000000000..336f2acdca Binary files /dev/null and b/assets/img/posts/mac-studio-rack-6.webp differ diff --git a/assets/img/posts/mac-studio-rack-7.webp b/assets/img/posts/mac-studio-rack-7.webp new file mode 100644 index 0000000000..776981e60b Binary files /dev/null and b/assets/img/posts/mac-studio-rack-7.webp differ diff --git a/assets/img/posts/mac-studio-rack-8.webp b/assets/img/posts/mac-studio-rack-8.webp new file mode 100644 index 0000000000..6d6cf1ed7e Binary files /dev/null and b/assets/img/posts/mac-studio-rack-8.webp differ diff --git a/assets/img/posts/macos-wake-on-lan.webp b/assets/img/posts/macos-wake-on-lan.webp new file mode 100644 index 0000000000..06592ea615 Binary files /dev/null and b/assets/img/posts/macos-wake-on-lan.webp differ diff --git a/assets/img/posts/mobile-homelab-diagram-lan.webp b/assets/img/posts/mobile-homelab-diagram-lan.webp new file mode 100644 index 0000000000..02fc8f61cf Binary files /dev/null and b/assets/img/posts/mobile-homelab-diagram-lan.webp differ diff --git a/assets/img/posts/mobile-homelab-diagram-vpn-diagram.webp b/assets/img/posts/mobile-homelab-diagram-vpn-diagram.webp new file mode 100644 index 0000000000..3b3a72bdb9 Binary files /dev/null and b/assets/img/posts/mobile-homelab-diagram-vpn-diagram.webp differ diff --git a/assets/img/posts/mobile-homelab-diagram-wlan-usb-diagram.webp b/assets/img/posts/mobile-homelab-diagram-wlan-usb-diagram.webp new file mode 100644 index 0000000000..825378699a Binary files /dev/null and b/assets/img/posts/mobile-homelab-diagram-wlan-usb-diagram.webp differ diff --git a/assets/img/posts/mobile-homelab-diagram-wlan-usb.webp b/assets/img/posts/mobile-homelab-diagram-wlan-usb.webp new file mode 100644 index 0000000000..537e69009b Binary files /dev/null and b/assets/img/posts/mobile-homelab-diagram-wlan-usb.webp differ diff --git a/assets/img/posts/mobile-homelab-diagram-wlan.webp b/assets/img/posts/mobile-homelab-diagram-wlan.webp new file mode 100644 index 0000000000..2e82618015 Binary files /dev/null and b/assets/img/posts/mobile-homelab-diagram-wlan.webp differ diff --git a/assets/img/posts/mobile-homelab-lte-modem-diagram.webp b/assets/img/posts/mobile-homelab-lte-modem-diagram.webp new file mode 100644 index 0000000000..2fc1d8d6bc Binary files /dev/null and b/assets/img/posts/mobile-homelab-lte-modem-diagram.webp differ diff --git a/assets/img/posts/mobile-homelab-lte-modem.webp b/assets/img/posts/mobile-homelab-lte-modem.webp new file mode 100644 index 0000000000..353ca5dcfc Binary files /dev/null and b/assets/img/posts/mobile-homelab-lte-modem.webp differ diff --git a/assets/img/posts/mobile-homelab-pi-hole.webp b/assets/img/posts/mobile-homelab-pi-hole.webp new file mode 100644 index 0000000000..e6568812f9 Binary files /dev/null and b/assets/img/posts/mobile-homelab-pi-hole.webp differ diff --git a/assets/img/posts/mobile-homelab-plex.webp b/assets/img/posts/mobile-homelab-plex.webp new file mode 100644 index 0000000000..4c7ffd8bd6 Binary files /dev/null and b/assets/img/posts/mobile-homelab-plex.webp differ diff --git a/assets/img/posts/mobile-homelab-portainer.webp b/assets/img/posts/mobile-homelab-portainer.webp new file mode 100644 index 0000000000..f84b15acb1 Binary files /dev/null and b/assets/img/posts/mobile-homelab-portainer.webp differ diff --git a/assets/img/posts/mobile-homelab-power-usage.webp b/assets/img/posts/mobile-homelab-power-usage.webp new file mode 100644 index 0000000000..fb7e412308 Binary files /dev/null and b/assets/img/posts/mobile-homelab-power-usage.webp differ diff --git a/assets/img/posts/mobile-homelab-proxmox-vms.webp b/assets/img/posts/mobile-homelab-proxmox-vms.webp new file mode 100644 index 0000000000..7bd51beacd Binary files /dev/null and b/assets/img/posts/mobile-homelab-proxmox-vms.webp differ diff --git a/assets/img/posts/mobile-homelab-proxmox.webp b/assets/img/posts/mobile-homelab-proxmox.webp new file mode 100644 index 0000000000..e23ee97bc4 Binary files /dev/null and b/assets/img/posts/mobile-homelab-proxmox.webp differ diff --git a/assets/img/posts/mobile-homelab-wyze-cam.webp b/assets/img/posts/mobile-homelab-wyze-cam.webp new file mode 100644 index 0000000000..cbca938173 Binary files /dev/null and b/assets/img/posts/mobile-homelab-wyze-cam.webp differ diff --git a/assets/img/posts/my-mobile-homelab.webp b/assets/img/posts/my-mobile-homelab.webp new file mode 100644 index 0000000000..f18723f802 Binary files /dev/null and b/assets/img/posts/my-mobile-homelab.webp differ diff --git a/assets/img/posts/network-diagram-logical-2024.webp b/assets/img/posts/network-diagram-logical-2024.webp new file mode 100644 index 0000000000..515fdf9c2d Binary files /dev/null and b/assets/img/posts/network-diagram-logical-2024.webp differ diff --git a/assets/img/posts/nginx-demo-site.webp b/assets/img/posts/nginx-demo-site.webp new file mode 100644 index 0000000000..8cfb243f37 Binary files /dev/null and b/assets/img/posts/nginx-demo-site.webp differ diff --git a/assets/img/posts/nuc-cluster-power-usage.webp b/assets/img/posts/nuc-cluster-power-usage.webp new file mode 100644 index 0000000000..5ae851aa62 Binary files /dev/null and b/assets/img/posts/nuc-cluster-power-usage.webp differ diff --git a/assets/img/posts/old-mobile-homelab.webp b/assets/img/posts/old-mobile-homelab.webp new file mode 100644 index 0000000000..1983e5de15 Binary files /dev/null and b/assets/img/posts/old-mobile-homelab.webp differ diff --git a/assets/img/posts/pikvm-interface.webp b/assets/img/posts/pikvm-interface.webp new file mode 100644 index 0000000000..f7f316971c Binary files /dev/null and b/assets/img/posts/pikvm-interface.webp differ diff --git a/assets/img/posts/pikvm-remote-control-menu.webp b/assets/img/posts/pikvm-remote-control-menu.webp new file mode 100644 index 0000000000..6d8bf71837 Binary files /dev/null and b/assets/img/posts/pikvm-remote-control-menu.webp differ diff --git a/assets/img/posts/pikvm-tesmart-8-port-switch.webp b/assets/img/posts/pikvm-tesmart-8-port-switch.webp new file mode 100644 index 0000000000..2ff40db8bb Binary files /dev/null and b/assets/img/posts/pikvm-tesmart-8-port-switch.webp differ diff --git a/assets/img/posts/pikvm-v3-lcd-hello.webp b/assets/img/posts/pikvm-v3-lcd-hello.webp new file mode 100644 index 0000000000..3a7774c94a Binary files /dev/null and b/assets/img/posts/pikvm-v3-lcd-hello.webp differ diff --git a/assets/img/posts/pikvm-v4-tesmart-1.webp b/assets/img/posts/pikvm-v4-tesmart-1.webp new file mode 100644 index 0000000000..961cb7f9b4 Binary files /dev/null and b/assets/img/posts/pikvm-v4-tesmart-1.webp differ diff --git a/assets/img/posts/pikvm-v4-tesmart-2.webp b/assets/img/posts/pikvm-v4-tesmart-2.webp new file mode 100644 index 0000000000..f67fa1be60 Binary files /dev/null and b/assets/img/posts/pikvm-v4-tesmart-2.webp differ diff --git a/assets/img/posts/pikvm-v4-tesmart-3.webp b/assets/img/posts/pikvm-v4-tesmart-3.webp new file mode 100644 index 0000000000..c62a19daa6 Binary files /dev/null and b/assets/img/posts/pikvm-v4-tesmart-3.webp differ diff --git a/assets/img/posts/pikvm-v4-tesmart-4.gif b/assets/img/posts/pikvm-v4-tesmart-4.gif new file mode 100644 index 0000000000..91e8df069e Binary files /dev/null and b/assets/img/posts/pikvm-v4-tesmart-4.gif differ diff --git a/assets/img/posts/plex-ota-tv-epg.webp b/assets/img/posts/plex-ota-tv-epg.webp new file mode 100644 index 0000000000..bca12a1c22 Binary files /dev/null and b/assets/img/posts/plex-ota-tv-epg.webp differ diff --git a/assets/img/posts/plex-ota-tv-flat-antenna.webp b/assets/img/posts/plex-ota-tv-flat-antenna.webp new file mode 100644 index 0000000000..747d2680a8 Binary files /dev/null and b/assets/img/posts/plex-ota-tv-flat-antenna.webp differ diff --git a/assets/img/posts/plex-ota-tv-hd-homerun-4k-flex.webp b/assets/img/posts/plex-ota-tv-hd-homerun-4k-flex.webp new file mode 100644 index 0000000000..56c7f07648 Binary files /dev/null and b/assets/img/posts/plex-ota-tv-hd-homerun-4k-flex.webp differ diff --git a/assets/img/posts/plex-ota-tv-library.webp b/assets/img/posts/plex-ota-tv-library.webp new file mode 100644 index 0000000000..08db9ae1af Binary files /dev/null and b/assets/img/posts/plex-ota-tv-library.webp differ diff --git a/assets/img/posts/plex-ota-tv-lte-filter.webp b/assets/img/posts/plex-ota-tv-lte-filter.webp new file mode 100644 index 0000000000..bcbad81bbb Binary files /dev/null and b/assets/img/posts/plex-ota-tv-lte-filter.webp differ diff --git a/assets/img/posts/plex-ota-tv-mobile.webp b/assets/img/posts/plex-ota-tv-mobile.webp new file mode 100644 index 0000000000..4ee75f9b1e Binary files /dev/null and b/assets/img/posts/plex-ota-tv-mobile.webp differ diff --git a/assets/img/posts/plex-ota-tv-ota.webp b/assets/img/posts/plex-ota-tv-ota.webp new file mode 100644 index 0000000000..c17384ab01 Binary files /dev/null and b/assets/img/posts/plex-ota-tv-ota.webp differ diff --git a/assets/img/posts/plex-ota-tv-priority.webp b/assets/img/posts/plex-ota-tv-priority.webp new file mode 100644 index 0000000000..b7515ac6d9 Binary files /dev/null and b/assets/img/posts/plex-ota-tv-priority.webp differ diff --git a/assets/img/posts/plex-ota-tv-show.webp b/assets/img/posts/plex-ota-tv-show.webp new file mode 100644 index 0000000000..79f2954f44 Binary files /dev/null and b/assets/img/posts/plex-ota-tv-show.webp differ diff --git a/assets/img/posts/plex-ota-tv-skip.webp b/assets/img/posts/plex-ota-tv-skip.webp new file mode 100644 index 0000000000..2fc8757779 Binary files /dev/null and b/assets/img/posts/plex-ota-tv-skip.webp differ diff --git a/assets/img/posts/power-over-ethernet-is-awesome-1.webp b/assets/img/posts/power-over-ethernet-is-awesome-1.webp new file mode 100644 index 0000000000..1000a04c13 Binary files /dev/null and b/assets/img/posts/power-over-ethernet-is-awesome-1.webp differ diff --git a/assets/img/posts/power-over-ethernet-is-awesome-2.webp b/assets/img/posts/power-over-ethernet-is-awesome-2.webp new file mode 100644 index 0000000000..c038a8d28e Binary files /dev/null and b/assets/img/posts/power-over-ethernet-is-awesome-2.webp differ diff --git a/assets/img/posts/powertoys-always-on-top.webp b/assets/img/posts/powertoys-always-on-top.webp new file mode 100644 index 0000000000..8c6ccfd72a Binary files /dev/null and b/assets/img/posts/powertoys-always-on-top.webp differ diff --git a/assets/img/posts/powertoys-awake.webp b/assets/img/posts/powertoys-awake.webp new file mode 100644 index 0000000000..d9331a13c2 Binary files /dev/null and b/assets/img/posts/powertoys-awake.webp differ diff --git a/assets/img/posts/powertoys-color-picker.webp b/assets/img/posts/powertoys-color-picker.webp new file mode 100644 index 0000000000..b17715d436 Binary files /dev/null and b/assets/img/posts/powertoys-color-picker.webp differ diff --git a/assets/img/posts/powertoys-fancy-zones.webp b/assets/img/posts/powertoys-fancy-zones.webp new file mode 100644 index 0000000000..1d2dca73e3 Binary files /dev/null and b/assets/img/posts/powertoys-fancy-zones.webp differ diff --git a/assets/img/posts/powertoys-file-explorer-add-ons.webp b/assets/img/posts/powertoys-file-explorer-add-ons.webp new file mode 100644 index 0000000000..d7bba3c95f Binary files /dev/null and b/assets/img/posts/powertoys-file-explorer-add-ons.webp differ diff --git a/assets/img/posts/powertoys-file-locksmith.webp b/assets/img/posts/powertoys-file-locksmith.webp new file mode 100644 index 0000000000..e66b582625 Binary files /dev/null and b/assets/img/posts/powertoys-file-locksmith.webp differ diff --git a/assets/img/posts/powertoys-host-file-editor.webp b/assets/img/posts/powertoys-host-file-editor.webp new file mode 100644 index 0000000000..1ab494822b Binary files /dev/null and b/assets/img/posts/powertoys-host-file-editor.webp differ diff --git a/assets/img/posts/powertoys-image-resizer.webp b/assets/img/posts/powertoys-image-resizer.webp new file mode 100644 index 0000000000..888aab1bc3 Binary files /dev/null and b/assets/img/posts/powertoys-image-resizer.webp differ diff --git a/assets/img/posts/powertoys-keyboard-manager.webp b/assets/img/posts/powertoys-keyboard-manager.webp new file mode 100644 index 0000000000..f2de1b24e0 Binary files /dev/null and b/assets/img/posts/powertoys-keyboard-manager.webp differ diff --git a/assets/img/posts/powertoys-mouse-utilities.webp b/assets/img/posts/powertoys-mouse-utilities.webp new file mode 100644 index 0000000000..1d152c5325 Binary files /dev/null and b/assets/img/posts/powertoys-mouse-utilities.webp differ diff --git a/assets/img/posts/powertoys-mouse-without-borders.webp b/assets/img/posts/powertoys-mouse-without-borders.webp new file mode 100644 index 0000000000..eedf7185ff Binary files /dev/null and b/assets/img/posts/powertoys-mouse-without-borders.webp differ diff --git a/assets/img/posts/powertoys-paste-as-plain-text.webp b/assets/img/posts/powertoys-paste-as-plain-text.webp new file mode 100644 index 0000000000..63a11920d7 Binary files /dev/null and b/assets/img/posts/powertoys-paste-as-plain-text.webp differ diff --git a/assets/img/posts/powertoys-peek.webp b/assets/img/posts/powertoys-peek.webp new file mode 100644 index 0000000000..dd9d72a9bd Binary files /dev/null and b/assets/img/posts/powertoys-peek.webp differ diff --git a/assets/img/posts/powertoys-power-rename.webp b/assets/img/posts/powertoys-power-rename.webp new file mode 100644 index 0000000000..3329ead554 Binary files /dev/null and b/assets/img/posts/powertoys-power-rename.webp differ diff --git a/assets/img/posts/powertoys-quick-accent.webp b/assets/img/posts/powertoys-quick-accent.webp new file mode 100644 index 0000000000..e6d7bf7628 Binary files /dev/null and b/assets/img/posts/powertoys-quick-accent.webp differ diff --git a/assets/img/posts/powertoys-registry-preview.webp b/assets/img/posts/powertoys-registry-preview.webp new file mode 100644 index 0000000000..feafe8d856 Binary files /dev/null and b/assets/img/posts/powertoys-registry-preview.webp differ diff --git a/assets/img/posts/powertoys-run.webp b/assets/img/posts/powertoys-run.webp new file mode 100644 index 0000000000..9b4205f8ad Binary files /dev/null and b/assets/img/posts/powertoys-run.webp differ diff --git a/assets/img/posts/powertoys-screen-ruler.webp b/assets/img/posts/powertoys-screen-ruler.webp new file mode 100644 index 0000000000..6461bfa72e Binary files /dev/null and b/assets/img/posts/powertoys-screen-ruler.webp differ diff --git a/assets/img/posts/powertoys-shortcut-guide.webp b/assets/img/posts/powertoys-shortcut-guide.webp new file mode 100644 index 0000000000..805e666e82 Binary files /dev/null and b/assets/img/posts/powertoys-shortcut-guide.webp differ diff --git a/assets/img/posts/powertoys-text-extractor.webp b/assets/img/posts/powertoys-text-extractor.webp new file mode 100644 index 0000000000..53253db7e7 Binary files /dev/null and b/assets/img/posts/powertoys-text-extractor.webp differ diff --git a/assets/img/posts/powertoys-video-conference-mute.webp b/assets/img/posts/powertoys-video-conference-mute.webp new file mode 100644 index 0000000000..8f3749d0b6 Binary files /dev/null and b/assets/img/posts/powertoys-video-conference-mute.webp differ diff --git a/assets/img/posts/protectli-bios-vp4650.webp b/assets/img/posts/protectli-bios-vp4650.webp new file mode 100644 index 0000000000..ff9ed40040 Binary files /dev/null and b/assets/img/posts/protectli-bios-vp4650.webp differ diff --git a/assets/img/posts/protectli-connectivity-vp4650.webp b/assets/img/posts/protectli-connectivity-vp4650.webp new file mode 100644 index 0000000000..6b98c77189 Binary files /dev/null and b/assets/img/posts/protectli-connectivity-vp4650.webp differ diff --git a/assets/img/posts/protectli-intel-rdp-vp4650.webp b/assets/img/posts/protectli-intel-rdp-vp4650.webp new file mode 100644 index 0000000000..553182c5cc Binary files /dev/null and b/assets/img/posts/protectli-intel-rdp-vp4650.webp differ diff --git a/assets/img/posts/protectli-internals-vp4650.webp b/assets/img/posts/protectli-internals-vp4650.webp new file mode 100644 index 0000000000..a95fbb2cf3 Binary files /dev/null and b/assets/img/posts/protectli-internals-vp4650.webp differ diff --git a/assets/img/posts/protectli-network-ports-vp4650.webp b/assets/img/posts/protectli-network-ports-vp4650.webp new file mode 100644 index 0000000000..391ae5fb75 Binary files /dev/null and b/assets/img/posts/protectli-network-ports-vp4650.webp differ diff --git a/assets/img/posts/protectli-plex-transcoding-vp4650.webp b/assets/img/posts/protectli-plex-transcoding-vp4650.webp new file mode 100644 index 0000000000..eb9e14a1fb Binary files /dev/null and b/assets/img/posts/protectli-plex-transcoding-vp4650.webp differ diff --git a/assets/img/posts/protectli-power-draw-vp4650.webp b/assets/img/posts/protectli-power-draw-vp4650.webp new file mode 100644 index 0000000000..f19836ec76 Binary files /dev/null and b/assets/img/posts/protectli-power-draw-vp4650.webp differ diff --git a/assets/img/posts/protectli-proxmox-as-desktop-vp4650.webp b/assets/img/posts/protectli-proxmox-as-desktop-vp4650.webp new file mode 100644 index 0000000000..931ccbc8a5 Binary files /dev/null and b/assets/img/posts/protectli-proxmox-as-desktop-vp4650.webp differ diff --git a/assets/img/posts/protectli-stickers-vp4650.webp b/assets/img/posts/protectli-stickers-vp4650.webp new file mode 100644 index 0000000000..a0afdff666 Binary files /dev/null and b/assets/img/posts/protectli-stickers-vp4650.webp differ diff --git a/assets/img/posts/protectli-temps-vp4650.webp b/assets/img/posts/protectli-temps-vp4650.webp new file mode 100644 index 0000000000..a28b6e1c10 Binary files /dev/null and b/assets/img/posts/protectli-temps-vp4650.webp differ diff --git a/assets/img/posts/protectli-ultimate-router.webp b/assets/img/posts/protectli-ultimate-router.webp new file mode 100644 index 0000000000..ee36b0a008 Binary files /dev/null and b/assets/img/posts/protectli-ultimate-router.webp differ diff --git a/assets/img/posts/protectli-vault-vp2420.webp b/assets/img/posts/protectli-vault-vp2420.webp new file mode 100644 index 0000000000..55bd3ca644 Binary files /dev/null and b/assets/img/posts/protectli-vault-vp2420.webp differ diff --git a/assets/img/posts/proxmox-8-upgrade-screen-shot.webp b/assets/img/posts/proxmox-8-upgrade-screen-shot.webp new file mode 100644 index 0000000000..4faa9e56c5 Binary files /dev/null and b/assets/img/posts/proxmox-8-upgrade-screen-shot.webp differ diff --git a/assets/img/posts/renovate-github-helm-mysql.webp b/assets/img/posts/renovate-github-helm-mysql.webp new file mode 100644 index 0000000000..e12534b7e2 Binary files /dev/null and b/assets/img/posts/renovate-github-helm-mysql.webp differ diff --git a/assets/img/posts/renovate-pr-logs.webp b/assets/img/posts/renovate-pr-logs.webp new file mode 100644 index 0000000000..9d1475d5f8 Binary files /dev/null and b/assets/img/posts/renovate-pr-logs.webp differ diff --git a/assets/img/posts/scrypted-homekit-apple-tv.webp b/assets/img/posts/scrypted-homekit-apple-tv.webp new file mode 100644 index 0000000000..a1d3dccc54 Binary files /dev/null and b/assets/img/posts/scrypted-homekit-apple-tv.webp differ diff --git a/assets/img/posts/scrypted-integrations-and-hubs.webp b/assets/img/posts/scrypted-integrations-and-hubs.webp new file mode 100644 index 0000000000..eb54750ed4 Binary files /dev/null and b/assets/img/posts/scrypted-integrations-and-hubs.webp differ diff --git a/assets/img/posts/scrypted-pip-tv-game.webp b/assets/img/posts/scrypted-pip-tv-game.webp new file mode 100644 index 0000000000..4e8d646d56 Binary files /dev/null and b/assets/img/posts/scrypted-pip-tv-game.webp differ diff --git a/assets/img/posts/scrypted-plugin-install.webp b/assets/img/posts/scrypted-plugin-install.webp new file mode 100644 index 0000000000..753aebe793 Binary files /dev/null and b/assets/img/posts/scrypted-plugin-install.webp differ diff --git a/assets/img/posts/scrypted-portainer-install.webp b/assets/img/posts/scrypted-portainer-install.webp new file mode 100644 index 0000000000..6562734579 Binary files /dev/null and b/assets/img/posts/scrypted-portainer-install.webp differ diff --git a/assets/img/posts/scrypted-unifi-protect-user.webp b/assets/img/posts/scrypted-unifi-protect-user.webp new file mode 100644 index 0000000000..ab63b14f8d Binary files /dev/null and b/assets/img/posts/scrypted-unifi-protect-user.webp differ diff --git a/assets/img/posts/sysracks-12u-rack-19-inch.webp b/assets/img/posts/sysracks-12u-rack-19-inch.webp new file mode 100644 index 0000000000..ef8603981d Binary files /dev/null and b/assets/img/posts/sysracks-12u-rack-19-inch.webp differ diff --git a/assets/img/posts/sysracks-12u-rack-assembly.webp b/assets/img/posts/sysracks-12u-rack-assembly.webp new file mode 100644 index 0000000000..21a3de7ee7 Binary files /dev/null and b/assets/img/posts/sysracks-12u-rack-assembly.webp differ diff --git a/assets/img/posts/sysracks-12u-rack-close-up.webp b/assets/img/posts/sysracks-12u-rack-close-up.webp new file mode 100644 index 0000000000..449e541049 Binary files /dev/null and b/assets/img/posts/sysracks-12u-rack-close-up.webp differ diff --git a/assets/img/posts/sysracks-12u-rack-full.webp b/assets/img/posts/sysracks-12u-rack-full.webp new file mode 100644 index 0000000000..930adc495f Binary files /dev/null and b/assets/img/posts/sysracks-12u-rack-full.webp differ diff --git a/assets/img/posts/sysracks-12u-rack-rackstuds.webp b/assets/img/posts/sysracks-12u-rack-rackstuds.webp new file mode 100644 index 0000000000..9021c32c59 Binary files /dev/null and b/assets/img/posts/sysracks-12u-rack-rackstuds.webp differ diff --git a/assets/img/posts/techno-timgithub-profile.webp b/assets/img/posts/techno-timgithub-profile.webp new file mode 100644 index 0000000000..bb4da54ceb Binary files /dev/null and b/assets/img/posts/techno-timgithub-profile.webp differ diff --git a/assets/img/posts/unifi-express-1.webp b/assets/img/posts/unifi-express-1.webp new file mode 100644 index 0000000000..93ea3c31c7 Binary files /dev/null and b/assets/img/posts/unifi-express-1.webp differ diff --git a/assets/img/posts/unifi-express-10.webp b/assets/img/posts/unifi-express-10.webp new file mode 100644 index 0000000000..816a2749c0 Binary files /dev/null and b/assets/img/posts/unifi-express-10.webp differ diff --git a/assets/img/posts/unifi-express-11.webp b/assets/img/posts/unifi-express-11.webp new file mode 100644 index 0000000000..fdea71c49f Binary files /dev/null and b/assets/img/posts/unifi-express-11.webp differ diff --git a/assets/img/posts/unifi-express-12.webp b/assets/img/posts/unifi-express-12.webp new file mode 100644 index 0000000000..08198ff5f1 Binary files /dev/null and b/assets/img/posts/unifi-express-12.webp differ diff --git a/assets/img/posts/unifi-express-13.webp b/assets/img/posts/unifi-express-13.webp new file mode 100644 index 0000000000..34d8995a3c Binary files /dev/null and b/assets/img/posts/unifi-express-13.webp differ diff --git a/assets/img/posts/unifi-express-14.webp b/assets/img/posts/unifi-express-14.webp new file mode 100644 index 0000000000..05d24805ee Binary files /dev/null and b/assets/img/posts/unifi-express-14.webp differ diff --git a/assets/img/posts/unifi-express-2.webp b/assets/img/posts/unifi-express-2.webp new file mode 100644 index 0000000000..de92c6f447 Binary files /dev/null and b/assets/img/posts/unifi-express-2.webp differ diff --git a/assets/img/posts/unifi-express-3.webp b/assets/img/posts/unifi-express-3.webp new file mode 100644 index 0000000000..30fbac22e1 Binary files /dev/null and b/assets/img/posts/unifi-express-3.webp differ diff --git a/assets/img/posts/unifi-express-4.webp b/assets/img/posts/unifi-express-4.webp new file mode 100644 index 0000000000..ecffefb56f Binary files /dev/null and b/assets/img/posts/unifi-express-4.webp differ diff --git a/assets/img/posts/unifi-express-5.webp b/assets/img/posts/unifi-express-5.webp new file mode 100644 index 0000000000..42304466f1 Binary files /dev/null and b/assets/img/posts/unifi-express-5.webp differ diff --git a/assets/img/posts/unifi-express-6.webp b/assets/img/posts/unifi-express-6.webp new file mode 100644 index 0000000000..7f04fe39eb Binary files /dev/null and b/assets/img/posts/unifi-express-6.webp differ diff --git a/assets/img/posts/unifi-express-7.webp b/assets/img/posts/unifi-express-7.webp new file mode 100644 index 0000000000..11aef0a484 Binary files /dev/null and b/assets/img/posts/unifi-express-7.webp differ diff --git a/assets/img/posts/unifi-express-8.webp b/assets/img/posts/unifi-express-8.webp new file mode 100644 index 0000000000..b67c87cbef Binary files /dev/null and b/assets/img/posts/unifi-express-8.webp differ diff --git a/assets/img/posts/unifi-express-9.webp b/assets/img/posts/unifi-express-9.webp new file mode 100644 index 0000000000..4bb78ef85e Binary files /dev/null and b/assets/img/posts/unifi-express-9.webp differ diff --git a/assets/img/posts/unifi-na-networks.webp b/assets/img/posts/unifi-na-networks.webp new file mode 100644 index 0000000000..9b7f1e5e41 Binary files /dev/null and b/assets/img/posts/unifi-na-networks.webp differ diff --git a/assets/img/posts/unifi-na-ports.webp b/assets/img/posts/unifi-na-ports.webp new file mode 100644 index 0000000000..66e601b769 Binary files /dev/null and b/assets/img/posts/unifi-na-ports.webp differ diff --git a/assets/img/posts/unifi-na-profiles.webp b/assets/img/posts/unifi-na-profiles.webp new file mode 100644 index 0000000000..57cafb35f2 Binary files /dev/null and b/assets/img/posts/unifi-na-profiles.webp differ diff --git a/assets/img/posts/unifi-na-wifi-networks.webp b/assets/img/posts/unifi-na-wifi-networks.webp new file mode 100644 index 0000000000..dc82b459d6 Binary files /dev/null and b/assets/img/posts/unifi-na-wifi-networks.webp differ diff --git a/assets/img/posts/vlan-testing-rules.webp b/assets/img/posts/vlan-testing-rules.webp new file mode 100644 index 0000000000..10fabe7b9b Binary files /dev/null and b/assets/img/posts/vlan-testing-rules.webp differ diff --git a/assets/img/posts/wake-on-lan-app-windows.webp b/assets/img/posts/wake-on-lan-app-windows.webp new file mode 100644 index 0000000000..9619c152dc Binary files /dev/null and b/assets/img/posts/wake-on-lan-app-windows.webp differ diff --git a/assets/img/posts/windows-nic-power-management-wol.webp b/assets/img/posts/windows-nic-power-management-wol.webp new file mode 100644 index 0000000000..a55affdb8f Binary files /dev/null and b/assets/img/posts/windows-nic-power-management-wol.webp differ diff --git a/assets/img/posts/zimablade-review-1.webp b/assets/img/posts/zimablade-review-1.webp new file mode 100644 index 0000000000..efde88af4c Binary files /dev/null and b/assets/img/posts/zimablade-review-1.webp differ diff --git a/assets/img/posts/zimablade-review-11.webp b/assets/img/posts/zimablade-review-11.webp new file mode 100644 index 0000000000..f3ec0ff496 Binary files /dev/null and b/assets/img/posts/zimablade-review-11.webp differ diff --git a/assets/img/posts/zimablade-review-12.webp b/assets/img/posts/zimablade-review-12.webp new file mode 100644 index 0000000000..9ae481d3b1 Binary files /dev/null and b/assets/img/posts/zimablade-review-12.webp differ diff --git a/assets/img/posts/zimablade-review-2.webp b/assets/img/posts/zimablade-review-2.webp new file mode 100644 index 0000000000..8e75f68cda Binary files /dev/null and b/assets/img/posts/zimablade-review-2.webp differ diff --git a/assets/img/posts/zimablade-review-4.webp b/assets/img/posts/zimablade-review-4.webp new file mode 100644 index 0000000000..7fbd07a02d Binary files /dev/null and b/assets/img/posts/zimablade-review-4.webp differ diff --git a/assets/img/posts/zimablade-review-6.webp b/assets/img/posts/zimablade-review-6.webp new file mode 100644 index 0000000000..17b6e27777 Binary files /dev/null and b/assets/img/posts/zimablade-review-6.webp differ diff --git a/assets/img/posts/zimablade-review-7.webp b/assets/img/posts/zimablade-review-7.webp new file mode 100644 index 0000000000..8d14822291 Binary files /dev/null and b/assets/img/posts/zimablade-review-7.webp differ diff --git a/assets/img/posts/zimablade-review-8.webp b/assets/img/posts/zimablade-review-8.webp new file mode 100644 index 0000000000..585f345696 Binary files /dev/null and b/assets/img/posts/zimablade-review-8.webp differ diff --git a/assets/img/posts/zimablade-review-9.webp b/assets/img/posts/zimablade-review-9.webp new file mode 100644 index 0000000000..7eb1f68077 Binary files /dev/null and b/assets/img/posts/zimablade-review-9.webp differ diff --git a/assets/img/posts/zimaboard-832-front.webp b/assets/img/posts/zimaboard-832-front.webp new file mode 100644 index 0000000000..94a9f034b2 Binary files /dev/null and b/assets/img/posts/zimaboard-832-front.webp differ diff --git a/assets/img/posts/zimaboard-832-full-shot.webp b/assets/img/posts/zimaboard-832-full-shot.webp new file mode 100644 index 0000000000..bfbaa6f858 Binary files /dev/null and b/assets/img/posts/zimaboard-832-full-shot.webp differ diff --git a/assets/img/posts/zimaboard-casaos-files-app.webp b/assets/img/posts/zimaboard-casaos-files-app.webp new file mode 100644 index 0000000000..ee569f5270 Binary files /dev/null and b/assets/img/posts/zimaboard-casaos-files-app.webp differ diff --git a/assets/img/posts/zimaboard-casaos-filesdrop-app.webp b/assets/img/posts/zimaboard-casaos-filesdrop-app.webp new file mode 100644 index 0000000000..953e3ad69e Binary files /dev/null and b/assets/img/posts/zimaboard-casaos-filesdrop-app.webp differ diff --git a/assets/img/posts/zimaboard-casaos-storage.webp b/assets/img/posts/zimaboard-casaos-storage.webp new file mode 100644 index 0000000000..9375c7b750 Binary files /dev/null and b/assets/img/posts/zimaboard-casaos-storage.webp differ diff --git a/assets/img/posts/zimaboard-casaos.webp b/assets/img/posts/zimaboard-casaos.webp new file mode 100644 index 0000000000..8a1a903044 Binary files /dev/null and b/assets/img/posts/zimaboard-casaos.webp differ diff --git a/assets/img/posts/zimaboard-coral-tpu.webp b/assets/img/posts/zimaboard-coral-tpu.webp new file mode 100644 index 0000000000..0672b7880e Binary files /dev/null and b/assets/img/posts/zimaboard-coral-tpu.webp differ diff --git a/assets/img/posts/zimaboard-emulation-station.webp b/assets/img/posts/zimaboard-emulation-station.webp new file mode 100644 index 0000000000..4dd4cb728a Binary files /dev/null and b/assets/img/posts/zimaboard-emulation-station.webp differ diff --git a/assets/img/posts/zimaboard-gpu-nvidia.webp b/assets/img/posts/zimaboard-gpu-nvidia.webp new file mode 100644 index 0000000000..be5210661a Binary files /dev/null and b/assets/img/posts/zimaboard-gpu-nvidia.webp differ diff --git a/assets/img/posts/zimaboard-hdd-wipe.webp b/assets/img/posts/zimaboard-hdd-wipe.webp new file mode 100644 index 0000000000..c1620fff24 Binary files /dev/null and b/assets/img/posts/zimaboard-hdd-wipe.webp differ diff --git a/assets/img/posts/zimaboard-nvme-connect.webp b/assets/img/posts/zimaboard-nvme-connect.webp new file mode 100644 index 0000000000..56de1addea Binary files /dev/null and b/assets/img/posts/zimaboard-nvme-connect.webp differ diff --git a/assets/img/posts/zimaboard-pcie-4-port-nic.webp b/assets/img/posts/zimaboard-pcie-4-port-nic.webp new file mode 100644 index 0000000000..1ab4268d03 Binary files /dev/null and b/assets/img/posts/zimaboard-pcie-4-port-nic.webp differ diff --git a/assets/img/posts/zimaboard-pcie-slot.webp b/assets/img/posts/zimaboard-pcie-slot.webp new file mode 100644 index 0000000000..bfd584e5f2 Binary files /dev/null and b/assets/img/posts/zimaboard-pcie-slot.webp differ diff --git a/assets/img/posts/zimaboard-size-compare.webp b/assets/img/posts/zimaboard-size-compare.webp new file mode 100644 index 0000000000..769d7407e3 Binary files /dev/null and b/assets/img/posts/zimaboard-size-compare.webp differ diff --git a/assets/img/posts/zimaboard-ubuntu-desktop.webp b/assets/img/posts/zimaboard-ubuntu-desktop.webp new file mode 100644 index 0000000000..65f3b0bfb8 Binary files /dev/null and b/assets/img/posts/zimaboard-ubuntu-desktop.webp differ diff --git a/assets/index.html b/assets/index.html new file mode 100644 index 0000000000..d47b1df30e --- /dev/null +++ b/assets/index.html @@ -0,0 +1 @@ + | Techno Tim
Redirect
"/assets/", "to"=>"https://technotim.live/404.html"}" />"/assets/", "to"=>"https://technotim.live/404.html"}" /> Page Redirection If you are not redirected automatically, follow this link.
diff --git a/assets/js/data/search.json b/assets/js/data/search.json new file mode 100644 index 0000000000..effddb1347 --- /dev/null +++ b/assets/js/data/search.json @@ -0,0 +1 @@ +[ { "title": "I turned a gaming case into a living room NAS", "url": "/posts/living-room-nas/", "categories": "homelab", "tags": "proxmox, homelab", "date": "2024-09-28 08:00:00 -0500", "snippet": "This case was meant for gaming but I decided to do a little tinkering to see if I could truly turn this build into a NAS for a good-looking home server in your living room.📺 Watch VideoInfoI origin...", "content": "This case was meant for gaming but I decided to do a little tinkering to see if I could truly turn this build into a NAS for a good-looking home server in your living room.📺 Watch VideoInfoI originally built a standalone media server on Windows that focused on low energy use, but decided to take it one step further.📦 Products in video (affiliate links): Fractal Design Terra Case: https://amzn.to/3MLBXCD Intel Corei3 14100 CPU: https://amzn.to/3Zmaq2k ASUS ROG Strix B760-I Motherboard: https://amzn.to/3XvqkVH Corsair DDR5 RAM 64GB: https://amzn.to/3zbZD06 Noctua Low- Profile CPU Cooler: https://amzn.to/3XpAirv Corsair SF750 SFF Power Supply: https://amzn.to/3ZsZ1xS Seagate Exos X18 18TB Hard Drive: https://amzn.to/4gsQReF Noctua NF-A8 PWM Fan - https://amzn.to/4d3t42h Hard Drive Rubber Stands - https://amzn.to/4gueXWs Kill A Watt Electricity Monitor - https://amzn.to/3zpAVt5 Mini monitor everyone keeps asking about - https://amzn.to/4deDP1ECheck out the whole kit here: https://kit.co/TechnoTim/low-power-media-serverJoin the conversationThis week I tinkered some more and I converted a gaming case into a server quiet and good looking enough for your living room.https://t.co/jbbjpzPH4W— Techno Tim (@TechnoTimLive) October 3, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "You should be using Proxmox Backup Server", "url": "/posts/proxmox-backup-server/", "categories": "homelab", "tags": "proxmox, homelab", "date": "2024-09-28 08:00:00 -0500", "snippet": "After years of ignoring it, I finally switched back to Proxmox Backup Server and reclaimed 6TB of disk space. Totally worth it.📺 Watch VideoInfoThe disk, network, and computational savings are inc...", "content": "After years of ignoring it, I finally switched back to Proxmox Backup Server and reclaimed 6TB of disk space. Totally worth it.📺 Watch VideoInfoThe disk, network, and computational savings are incredible with Proxmox Backup Server and you should be using it if you are running Proxmox VE. I used NFS for years and only now do I realize how inefficient that is. This is why I started using Proxmox Backup Server once again.Helpful links: Proxmox Backup Server Documentation Proxmox Backup Server Prune Simulator Guide on using NFS for your Proxmox Backup Server Dataset I followed this guide but stored the dataset on my TrueNAS server on an NFS share. The process is almost the same except use TrueNAS instead of Synology. Join the conversationAfter years of ignoring it, I finally switched back to Proxmox Backup Server and reclaimed 6TB of disk space. Totally worth it.https://t.co/SSFrkSkutT pic.twitter.com/AeMSjPqLOI— Techno Tim (@TechnoTimLive) September 28, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Building a Low-Power, Fully Loaded Plex Server", "url": "/posts/plex-build-low-power-server/", "categories": "homelab", "tags": "plex, hardware, windows, linux, pc, server", "date": "2024-09-16 08:00:00 -0500", "snippet": "I built an efficient, good looking, Mini ITX Plex server that doesn’t skimp on the processing power, storage, or features like transcoding all while using only 16 watts of power. Each part is hand...", "content": "I built an efficient, good looking, Mini ITX Plex server that doesn’t skimp on the processing power, storage, or features like transcoding all while using only 16 watts of power. Each part is hand-picked and every setting is tweaked with efficiency in mind. Oh, and it would even look nice in your living space too! If you already have a Plex server, you can still follow this guide to be sure you are getting the most efficiency out of your hardware!A huge THANK YOU to Plex for sponsoring this video during Pro Week!Explore and learn more from Plex Pros here: https://www.plex.tv/pro-week.📺 Watch VideoDisclosures Plex sponsored this video however all content was written and edited by me personally.Info📦 Products in video (affiliate links): Fractal Design Terra Case: https://amzn.to/3MLBXCD Intel Corei3 14100 CPU: https://amzn.to/3Zmaq2k ASUS ROG Strix B760-I Motherboard: https://amzn.to/3XvqkVH Corsair DDR5 RAM 64GB: https://amzn.to/3zbZD06 Noctua Low- Profile CPU Cooler: https://amzn.to/3XpAirv Corsair SF750 SFF Power Supply: https://amzn.to/3ZsZ1xS Seagate Exos X18 18TB Hard Drive: https://amzn.to/4gsQReF Noctua NF-A8 PWM Fan - https://amzn.to/4d3t42h Hard Drive Rubber Stands - https://amzn.to/4gueXWs Kill A Watt Electricity Monitor - https://amzn.to/3zpAVt5 Mini monitor everyone keeps asking about - https://amzn.to/4deDP1ECheck out the whole kit here: https://kit.co/TechnoTim/low-power-media-serverJoin the conversationI built an efficient, good looking, Mini ITX Plex server that doesn’t skimp on the processing power, storage, or features like transcoding all while using 16 watts. Each part is hand-picked and every setting is tweaked with efficiency in mind.--->https://t.co/Ka4Sdb2xFe pic.twitter.com/IvguaiNB4m— Techno Tim (@TechnoTimLive) September 16, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "How one company is \"De-Microsoft-ifying\" and pushing Linux on the desktop", "url": "/posts/creator-summit-2024-demicrosoftification/", "categories": "homelab", "tags": "45drives, linux", "date": "2024-09-05 08:00:00 -0500", "snippet": "45Drives is De-Microsoft-ifying and leading the charge by replacing Windows with Linux desktops and replacing proprietary solutions with open source. This topic of “demicrosoftification” was discus...", "content": "45Drives is De-Microsoft-ifying and leading the charge by replacing Windows with Linux desktops and replacing proprietary solutions with open source. This topic of “demicrosoftification” was discussed at the Creator Summit 2024 at 45Drives headquarters. I attended along with many other tech YouTubers in this space. They also gave us a sneak peek at some new hardware too and an early look at some unique prototypes.Thanks to 45Drives for inviting me to this event! If you’d like to learn more about them you can here: https://www.45drives.com/techno-tim📺 Watch VideoDisclosures 45Drives did provide travel and accommodations to attend this event, however I was not paid.InfoHere are some helpful links: Link to my presentation at the Creator Summit: https://l.technotim.live/demicrosoftification-presentation 45Drives live stream of the event: https://www.youtube.com/watch?v=fCvXw86pqPw Craft Computing’s live stream we all crashed: https://www.youtube.com/watch?v=AcA1DYzVSK8Join the conversationHow one company is "De-Microsoft-ifying" and pushing Linux on the desktopCheck it out!--->https://t.co/UgAF5J62DY pic.twitter.com/3W8j2O1RtF— Techno Tim (@TechnoTimLive) September 5, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "The Best HomeLab Service Dashboard Yet!", "url": "/posts/homelab-assistant/", "categories": "homelab", "tags": "home-automation, home-assistant, homelab", "date": "2024-08-26 08:00:00 -0500", "snippet": "Say goodbye to all of the other Home Lab Dashboards that you end up not using, it’s time to use something smarter, Home Assistant.📺 Watch VideoDisclosures Nothing in this video was sponsoredInfo ...", "content": "Say goodbye to all of the other Home Lab Dashboards that you end up not using, it’s time to use something smarter, Home Assistant.📺 Watch VideoDisclosures Nothing in this video was sponsoredInfo Home Assistant: https://github.com/home-assistant/core HACS : https://github.com/hacs/integration System Monitor: https://www.home-assistant.io/integrations/systemmonitor/ TrueNAS: (Found in HACS) Plex Media Server: https://www.home-assistant.io/integrations/plex/ Proxmox: (Found in HACS) Pi-hole: https://www.home-assistant.io/integrations/pi_hole/ UniFi Network: https://www.home-assistant.io/integrations/unifi/ pfSense: (Found in HACS) System Bridge: https://www.home-assistant.io/integrations/system_bridge/ System Bridge Client: https://github.com/timmo001/system-bridgeCodeYou can check out my current Home Assistant Docker Compose StackJoin the conversationSay goodbye to all of the other Home Lab Dashboards that you end up not using, it's time to use something smarter, Home Assistant.-->https://t.co/VeliDgNYdq pic.twitter.com/6cAVe7ozQn</p>— Techno Tim (@TechnoTimLive) August 26, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Create Your Own Zigbee Hub & Network", "url": "/posts/create-your-own-zigbee-hub/", "categories": "home-automation, hardware", "tags": "hardware, home-automation, zigbee, home-assistant", "date": "2024-08-04 08:00:00 -0500", "snippet": "This simple but powerful little adapter lets you build your own Zigbee network and easily add and manage it in Home Assistant, no hub required!📺 Watch VideoDisclosures Nothing in this video was sp...", "content": "This simple but powerful little adapter lets you build your own Zigbee network and easily add and manage it in Home Assistant, no hub required!📺 Watch VideoDisclosures Nothing in this video was sponsoredInfo SMLIGHT homepage: https://smlight.tech/ Zigbee2MQTT: https://github.com/Koenkk/zigbee2mqtt Mosquitto: https://github.com/eclipse/mosquitto Home Assistant: https://github.com/home-assistant/coreHardware SMLIGHT SLZB-06: https://amzn.to/4doSJ6B (affiliate link) THIRDREALITY ZigBee Smart Plug: https://amzn.to/3A8AlA7 (affiliate link)CodeA simplified Home Assistant Stack with Zigbee2MQTT Support. Don’t forget to update your Zigbee2MQTT configuration!---services: homeassistant: container_name: homeassistant image: ghcr.io/home-assistant/home-assistant:stable depends_on: - mqtt - zigbee2mqtt volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./home-assistant/config:/config environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} restart: unless-stopped ports: - 8123:8123 mqtt: container_name: mqtt environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} image: eclipse-mosquitto:latest restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./mqtt/data:/mosquitto ports: - 1883:1883 - 9001:9001 command: mosquitto -c /mosquitto-no-auth.conf zigbee2mqtt: container_name: zigbee2mqtt environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} restart: unless-stopped image: koenkk/zigbee2mqtt:latest volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./zigbee2mqtt/data:/app/data ports: - 8080:8080My Home Assistant Stack:---services: homeassistant: container_name: homeassistant networks: iot_macvlan: ipv4_address: 192.168.20.202 traefik: image: ghcr.io/home-assistant/home-assistant:stable depends_on: - faster-whisper-gpu - wyoming-piper - mqtt - zigbee2mqtt volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./home-assistant/config:/config environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} restart: unless-stopped labels: - \"traefik.enable=true\" - \"traefik.http.routers.homeassistant.rule=Host(`homeassistant.local.techtronic.us`)\" - \"traefik.http.routers.homeassistant.entrypoints=https\" - \"traefik.http.routers.homeassistant.tls=true\" - \"traefik.http.routers.homeassistant.tls.certresolver=cloudflare\" - \"traefik.http.routers.homeassistant.middlewares=default-headers@file\" - \"traefik.http.services.homeassistant.loadbalancer.server.port=8123\" - \"com.centurylinklabs.watchtower.enable=true\" faster-whisper-gpu: image: lscr.io/linuxserver/faster-whisper:gpu container_name: faster-whisper-gpu networks: - traefik environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - WHISPER_MODEL=tiny-int8 - WHISPER_BEAM=1 #optional - WHISPER_LANG=en #optional volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./faster-whisper/data:/config restart: unless-stopped labels: - \"com.centurylinklabs.watchtower.enable=true\" deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [gpu] wyoming-piper: container_name: wyoming-piper networks: - traefik image: rhasspy/wyoming-piper # no gpu volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./wyoming-piper/data:/data environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} restart: unless-stopped labels: - \"com.centurylinklabs.watchtower.enable=true\" command: --voice en_US-lessac-medium deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [gpu] mqtt: container_name: mqtt networks: - traefik environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} image: eclipse-mosquitto:latest restart: unless-stopped labels: - \"com.centurylinklabs.watchtower.enable=true\" volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./mqtt/data:/mosquitto command: mosquitto -c /mosquitto-no-auth.conf zigbee2mqtt: container_name: zigbee2mqtt networks: iot_macvlan: ipv4_address: 192.168.20.204 traefik: environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} restart: unless-stopped labels: - \"traefik.enable=true\" - \"traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.local.techtronic.us`)\" - \"traefik.http.routers.zigbee2mqtt.entrypoints=https\" - \"traefik.http.routers.zigbee2mqtt.tls=true\" - \"traefik.http.routers.zigbee2mqtt.tls.certresolver=cloudflare\" - \"traefik.http.routers.zigbee2mqtt.middlewares=default-headers@file\" - \"traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080\" - \"com.centurylinklabs.watchtower.enable=true\" image: koenkk/zigbee2mqtt:latest volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./zigbee2mqtt/data:/app/datanetworks: traefik: external: true iot_macvlan: external: trueJoin the conversationIn today's side quest, I created my own Zigbee hub and network and added it to Home Assistant with this awesome little adapter!!check it out--->https://t.co/s0VRC6oLOD pic.twitter.com/8V9pavNH1T— Techno Tim (@TechnoTimLive) August 4, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Mini Rack, HomeLab Stack", "url": "/posts/mini-rack-homelab-stack/", "categories": "homelab, hardware", "tags": "hardware, mini-rack, homelab", "date": "2024-07-26 08:00:00 -0500", "snippet": "There’s building a MINI SERVER RACK and then there’s beating Raid Owl in the mini server rack build challenge. Let’s see if I can do both.📺 Watch VideoDisclosures This video no longer has sponsors...", "content": "There’s building a MINI SERVER RACK and then there’s beating Raid Owl in the mini server rack build challenge. Let’s see if I can do both.📺 Watch VideoDisclosures This video no longer has sponsors RackMate T1, Protectli VP1210, (1) Beelink EQ13 (other was purchased), Axe Effect, and PiKVM v4 plus/mini were sent for review.InfoCheck out Raid Owl’s build here: https://www.youtube.com/watch?v=wJUDhQ7s9HMHardware📦 Mini Server Rack Parts List 📦 DeskPi RackMate T1: https://amzn.to/3zVZk9w DeskPi Rackmate Shelves: https://amzn.to/4di9gIZ Protectli VP1210: https://amzn.to/4bWEyUF Beelink EQ13: https://amzn.to/3Wfu9gR RealHD 2.5G Switch: https://amzn.to/46gA3TG Tenda 2.5G Switch (won’t fit in rack but dual SFP+): https://amzn.to/3SlShx4 PiKVM: https://pikvm.org/ Axe Effect by Craft Computing: https://www.craftcomputing.com/product/axe-effect-temperature-sensor-beta-/1?cs=true&cst=custom EZCOO KVM: https://amzn.to/3WgjO4u 120mm USB Ran: https://amzn.to/3YhsIRL Noctua 5V 120mm fan: https://amzn.to/46kFS2c Rii X8 Mini Keyboard: https://amzn.to/3WkQmtY USB to SATA adapter: https://amzn.to/46gWWGu 12” HDMI Cables: https://amzn.to/3LBT3T3 SmallRig Monitor Clamp (Magic Arm): https://amzn.to/3Skj9hh Cable Organizer Box: https://amzn.to/3ylG4BP Cable clips: https://amzn.to/3WkFYSW 280W USB GaN III Charger: https://amzn.to/3LzF6Fl Anker Surge Protector: https://amzn.to/3LzFvaP(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Join the conversationI finished my mini server rack build! I basically shrunk an entire HomeLab into this small rack.Check it out! ---->https://t.co/NPI2YcSZcb pic.twitter.com/xJRmwyXYzP— Techno Tim (@TechnoTimLive) July 26, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "How to Self-Host Your Own Private AI Stack", "url": "/posts/ai-stack-tutorial/", "categories": "homelab, self-hosted", "tags": "ai, docker, software, llm, ollama, whisper", "date": "2024-07-08 08:00:00 -0500", "snippet": "In this tutorial we’ll walk through my local, private, self-hosted AI stack so that you can run it too.📺 Watch VideoDisclosures Nothing in this video was sponsoredInfoIf you’re looking for the ove...", "content": "In this tutorial we’ll walk through my local, private, self-hosted AI stack so that you can run it too.📺 Watch VideoDisclosures Nothing in this video was sponsoredInfoIf you’re looking for the overview of this stack, you can out the video here Self-Hosted AI That’s Actually UsefulHardware Machine Used for AI: Building My ULTIMATE, All-inOne, HomeLab ServerGPUsHere are some cards that are good for local AI. Keep in mind that it’s always better to get a newer one for better CUDA support and more RAM. 8GB of RAM should be good for small models like the ones in this stack, however 12-24 is probably best.NVIDIA RTX 3000 Series MSI Gaming GeForce RTX 3060 12GB GIGABYTE GeForce RTX 3060 Gaming OC 12G NVIDIA GeForce RTX 3090 Founders Edition Graphics Card (Renewed) 24GB Zotac Gaming GeForce RTX 3090 Trinity OC, 24GBNVIDIA RTX 4000 Series ASUS TUF Gaming GeForce RTX™ 4090 OG OC Edition Gaming Graphics Card 24GB MSI Gaming GeForce RTX 4060 8GB ASUS Dual GeForce RTX™ 4070 White OC Edition 12GBCPUYou’ll want a modern CPU, if you are going desktop class here are a few I would choose Intel Core i7-12700K Gaming Desktop Processor Intel Core i7-13700K Gaming Desktop Processor Intel Core i7-14700K Gaming Desktop ProcessorStorageFor flash storage, I always go with these SSDs Samsung 870 EVO SATA SAMSUNG 990 PRO SSD NVMeOperating SystemI am running Ubuntu Server 24.04 LTSDriversInstalling NVIDIA DriversIf you need help, you can check out this article but here are the commands I ran.Install the best desktop graphics card for your machine.sudo ubuntu-drivers installInstall NVIDIA toolsBe sure you install the version that matches your driver from abovesudo apt install nvidia-utils-535Then reboot your machinesudo rebootOnce the machine is back up, check to be sure your drivers are functioning properlynvidia-smi Software OverviewHere are the packages and repo’s we’re be using Ollama Open WebUI ComfyUI Stable Diffusion web UI pluja/whishper HuggingFace Home Assistant Wyoming Protocol Continue Code Assistant searXNG MacWhisperTraefikUsingI am using Traefik as the only entry point into this stack. No ports are exposed on the host. If you don’t want to use traefik, just comment out the labels (and optionally rename the network named traefik). You will then need to expose ports for open-webui, stable-diffusion-webui, and whisper in your Docker compose file.If you need help installing Traefik, see this post on installing traefik 3 on DockerDNS Note: If using traefik (or any reverse proxy, remember that all of your internal DNS records will point to this machine! e.g. If the machine running this stack’s ip is 192.168.0.100 you’ll need a DNS record like chat.local.example.com that points to 192.168.0.100Auth MiddlewareThis stack contains middleware for basic auth so that the Ollama so that it is secure with a username and password. This is optional. If you don’t want to use basic auth, just remove the auth middleware labels from the ollama service in your compose.Otherwise, here’s how you create the credential:Hashing your password for traefik middlewareecho $(htpasswd -nB ollamauser) | sed -e s/\\\\$/\\\\$\\\\$/gYou’ll then want to place this in your .env here using the OLLAMA_API_CREDENTIALS variable. This is then used in the ollama service in your compose file.Basic Auth HashIf you want to create a hash value for Basic Auth (Used for Continue extension). You’ll need to use the credential from above.echo 'ollamauser:ollamapassword!' | base64NVIDIA Container ToolkitIf you run into issues, you can always visit the NVIDIA Container ToolkitConfigure the production repositorycurl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg \\ && curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \\ sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \\ sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.listUpdate the packages list from the repository:sudo apt-get updateInstall the NVIDIA Container Toolkit packagessudo apt-get install -y nvidia-container-toolkitConfigure the container runtime by using the nvidia-ctk command and restart dockersudo nvidia-ctk runtime configure --runtime=dockersudo systemctl restart dockerThis will fail if you don’t have Docker installed yet.DockerIf you need to install Docker see this post on how to install docker and docker composeAfter installing Docker you will need to reconfigure the runtimesudo nvidia-ctk runtime configure --runtime=dockersudo systemctl restart dockerTestingThis will test to make sure that the NVIDIA container toolkit can access the NVidia driver.sudo docker run --rm --runtime=nvidia --gpus all ubuntu nvidia-smiYou should see the same output as running nvidia-smi without Docker.Folder StructureStacks live in /opt/stacksHere is the folder structure. Most subfolders are created when binding volumes.├── ai-stack│ ├── .env│   ├── compose.yaml│   ├── ollama│   ├── open-webui│   ├── searxng│   ├── stable-diffusion-webui-docker│   └── whisper├── home-assistant-stack│   ├── compose.yaml│   ├── faster-whisper│   ├── home-assistant│   └── wyoming-piperFolder PermissionsIf you run into any folder permission errors while running any of this, you can simple change the owner to yourself using the command. Please replace the user and group with your own user and group.sudo chown serveradmin:serveradmin -R /opt/stacksVariables with .envMy ai-stack .envis pretty minimalOLLAMA_API_CREDENTIALS=DB_USER=DB_PASS=WHISHPER_HOST=https://whisper.local.example.comWHISPER_MODELS=tiny,smallPUID=PGID=AI Stack (Docker Compose)Here is my compose.yamlYou’ll want to create this in the root of your stack folder (see folder structure above)The command I use to start, build, and remove orphans is:docker compose up -d --build --force-recreate --remove-orphansotherwise you can usedocker compose up -d --buildThere are additional steps you’ll need to do before starting this stack. Please continue on to the end.Here are 2 Docker compose files that you can use on your system.My Docker Compose StackThe stack is the one I use in the video as well as at home. If you want to use the general stack without traefik and macvlan, see the general Docker compose stackBefore running this, you will need to create the network for Docker to use.This might already exist if you are using traefik. If so skip this step.docker network create traefikThis will create the macvlan network. Adjust accordingly.docker network create -d macvlan \\--subnet=192.168.20.0/24 \\--gateway=192.168.20.1 \\-o parent=eth1 \\iot_macvlancompose.yamlservices:# Ollama ollama: image: ollama/ollama:latest container_name: ollama restart: unless-stopped environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - OLLAMA_KEEP_ALIVE=24h - ENABLE_IMAGE_GENERATION=True - COMFYUI_BASE_URL=http://stable-diffusion-webui:7860 networks: - traefik volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./ollama:/root/.ollama labels: - \"traefik.enable=true\" - \"traefik.http.routers.ollama.rule=Host(`ollama.local.example.com`)\" - \"traefik.http.routers.ollama.entrypoints=https\" - \"traefik.http.routers.ollama.tls=true\" - \"traefik.http.routers.ollama.tls.certresolver=cloudflare\" - \"traefik.http.routers.ollama.middlewares=default-headers@file\" - \"traefik.http.routers.ollama.middlewares=ollama-auth\" - \"traefik.http.services.ollama.loadbalancer.server.port=11434\" - \"traefik.http.routers.ollama.middlewares=auth\" - \"traefik.http.middlewares.auth.basicauth.users=${OLLAMA_API_CREDENTIALS}\" deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [gpu]# open web ui open-webui: image: ghcr.io/open-webui/open-webui:latest container_name: open-webui restart: unless-stopped networks: - traefik environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - 'OLLAMA_BASE_URL=http://ollama:11434' - ENABLE_RAG_WEB_SEARCH=True - RAG_WEB_SEARCH_ENGINE=searxng - RAG_WEB_SEARCH_RESULT_COUNT=3 - RAG_WEB_SEARCH_CONCURRENT_REQUESTS=10 - SEARXNG_QUERY_URL=http://searxng:8080/search?q=<query> volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./open-webui:/app/backend/data labels: - \"traefik.enable=true\" - \"traefik.http.routers.open-webui.rule=Host(`chat.local.example.com`)\" - \"traefik.http.routers.open-webui.entrypoints=https\" - \"traefik.http.routers.open-webui.tls=true\" - \"traefik.http.routers.open-webui.tls.certresolver=cloudflare\" - \"traefik.http.routers.open-webui.middlewares=default-headers@file\" - \"traefik.http.services.open-webui.loadbalancer.server.port=8080\" depends_on: - ollama extra_hosts: - host.docker.internal:host-gateway searxng: image: searxng/searxng:latest container_name: searxng networks: - traefik environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./searxng:/etc/searxng depends_on: - ollama - open-webui restart: unless-stopped# stable diffusion stable-diffusion-download: build: ./stable-diffusion-webui-docker/services/download/ image: comfy-download environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./stable-diffusion-webui-docker/data:/data stable-diffusion-webui: build: ./stable-diffusion-webui-docker/services/comfy/ image: comfy-ui environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - CLI_ARGS= volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./stable-diffusion-webui-docker/data:/data - ./stable-diffusion-webui-docker/output:/output stop_signal: SIGKILL tty: true deploy: resources: reservations: devices: - driver: nvidia device_ids: ['0'] capabilities: [compute, utility] restart: unless-stopped networks: - traefik labels: - \"traefik.enable=true\" - \"traefik.http.routers.stable-diffusion.rule=Host(`stable-diffusion.local.example.com`)\" - \"traefik.http.routers.stable-diffusion.entrypoints=https\" - \"traefik.http.routers.stable-diffusion.tls=true\" - \"traefik.http.routers.stable-diffusion.tls.certresolver=cloudflare\" - \"traefik.http.services.stable-diffusion.loadbalancer.server.port=7860\" - \"traefik.http.routers.stable-diffusion.middlewares=default-headers@file\"# whisper mongo: image: mongo env_file: - .env networks: - traefik restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./whisper/db_data:/data/db - ./whisper/db_data/logs/:/var/log/mongodb/ environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - MONGO_INITDB_ROOT_USERNAME=${DB_USER:-whishper} - MONGO_INITDB_ROOT_PASSWORD=${DB_PASS:-whishper} command: ['--logpath', '/var/log/mongodb/mongod.log'] translate: container_name: whisper-libretranslate image: libretranslate/libretranslate:latest-cuda env_file: - .env networks: - traefik restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./whisper/libretranslate/data:/home/libretranslate/.local/share - ./whisper/libretranslate/cache:/home/libretranslate/.local/cache user: root tty: true environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - LT_DISABLE_WEB_UI=True - LT_LOAD_ONLY=${LT_LOAD_ONLY:-en,fr,es} - LT_UPDATE_MODELS=True deploy: resources: reservations: devices: - driver: nvidia count: all capabilities: [gpu] whisper: container_name: whisper pull_policy: always image: pluja/whishper:latest-gpu env_file: - .env networks: - traefik volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./whisper/uploads:/app/uploads - ./whisper/logs:/var/log/whishper - ./whisper/models:/app/models restart: unless-stopped labels: - \"traefik.enable=true\" - \"traefik.http.routers.whisper.rule=Host(`whisper.local.example.com`)\" - \"traefik.http.routers.whisper.entrypoints=https\" - \"traefik.http.routers.whisper.tls=true\" - \"traefik.http.routers.whisper.tls.certresolver=cloudflare\" - \"traefik.http.services.whisper.loadbalancer.server.port=80\" - \"traefik.http.routers.whisper.middlewares=default-headers@file\" depends_on: - mongo - translate environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - PUBLIC_INTERNAL_API_HOST=${WHISHPER_HOST} - PUBLIC_TRANSLATION_API_HOST=${WHISHPER_HOST} - PUBLIC_API_HOST=${WHISHPER_HOST:-} - PUBLIC_WHISHPER_PROFILE=gpu - WHISPER_MODELS_DIR=/app/models - UPLOAD_DIR=/app/uploads deploy: resources: reservations: devices: - driver: nvidia count: all capabilities: [gpu]networks: traefik: external: trueGeneral Docker Compose StackThis Docker compose stack does not use traefik and also exposes the port on the host for each service. If you don’t want to expose the port, comment that section out. If you want to use the stack with traefik and macvlan, see the stack I used in the videoBefore running this, you will need to create the network for Docker to use.docker network create ai-stackservices: ollama: image: ollama/ollama:latest container_name: ollama restart: unless-stopped environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - OLLAMA_KEEP_ALIVE=24h - ENABLE_IMAGE_GENERATION=True - COMFYUI_BASE_URL=http://stable-diffusion-webui:7860 networks: - ai-stack volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./ollama:/root/.ollama ports: - \"11434:11434\" # Add this line to expose the port deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [gpu] open-webui: image: ghcr.io/open-webui/open-webui:latest container_name: open-webui restart: unless-stopped networks: - ai-stack environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - 'OLLAMA_BASE_URL=http://ollama:11434' - ENABLE_RAG_WEB_SEARCH=True - RAG_WEB_SEARCH_ENGINE=searxng - RAG_WEB_SEARCH_RESULT_COUNT=3 - RAG_WEB_SEARCH_CONCURRENT_REQUESTS=10 - SEARXNG_QUERY_URL=http://searxng:8080/search?q=<query> volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./open-webui:/app/backend/data depends_on: - ollama extra_hosts: - host.docker.internal:host-gateway ports: - \"8080:8080\" # Add this line to expose the port searxng: image: searxng/searxng:latest container_name: searxng networks: - ai-stack environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./searxng:/etc/searxng depends_on: - ollama - open-webui restart: unless-stopped ports: - \"8081:8080\" # Add this line to expose the port stable-diffusion-download: build: ./stable-diffusion-webui-docker/services/download/ image: comfy-download environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./stable-diffusion-webui-docker/data:/data stable-diffusion-webui: build: ./stable-diffusion-webui-docker/services/comfy/ image: comfy-ui environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - CLI_ARGS= volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./stable-diffusion-webui-docker/data:/data - ./stable-diffusion-webui-docker/output:/output stop_signal: SIGKILL tty: true deploy: resources: reservations: devices: - driver: nvidia device_ids: ['0'] capabilities: [compute, utility] restart: unless-stopped networks: - ai-stack ports: - \"7860:7860\" # Add this line to expose the port mongo: image: mongo env_file: - .env networks: - ai-stack restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./whisper/db_data:/data/db - ./whisper/db_data/logs/:/var/log/mongodb/ environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - MONGO_INITDB_ROOT_USERNAME=${DB_USER:-whishper} - MONGO_INITDB_ROOT_PASSWORD=${DB_PASS:-whishper} command: ['--logpath', '/var/log/mongodb/mongod.log'] ports: - \"27017:27017\" # Add this line to expose the port translate: container_name: whisper-libretranslate image: libretranslate/libretranslate:latest-cuda env_file: - .env networks: - ai-stack restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./whisper/libretranslate/data:/home/libretranslate/.local/share - ./whisper/libretranslate/cache:/home/libretranslate/.local/cache user: root tty: true environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - LT_DISABLE_WEB_UI=True - LT_LOAD_ONLY=${LT_LOAD_ONLY:-en,fr,es} - LT_UPDATE_MODELS=True deploy: resources: reservations: devices: - driver: nvidia count: all capabilities: [gpu] ports: - \"5000:5000\" # Add this line to expose the port whisper: container_name: whisper pull_policy: always image: pluja/whishper:latest-gpu env_file: - .env networks: - ai-stack volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./whisper/uploads:/app/uploads - ./whisper/logs:/var/log/whishper - ./whisper/models:/app/models restart: unless-stopped depends_on: - mongo - translate environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - PUBLIC_INTERNAL_API_HOST=${WHISHPER_HOST} - PUBLIC_TRANSLATION_API_HOST=${WHISHPER_HOST} - PUBLIC_API_HOST=${WHISHPER_HOST:-} - PUBLIC_WHISHPER_PROFILE=gpu - WHISPER_MODELS_DIR=/app/models - UPLOAD_DIR=/app/uploads deploy: resources: reservations: devices: - driver: nvidia count: all capabilities: [gpu] ports: - \"8000:80\" # Add this line to expose the portnetworks: ai-stack: external: trueChanges for ComfyUIBefore starting the stack, in the room ai-stack folder, you’ll want to clone the repo (or just copy the necessary files).(this will create the folder for you)git clone https://github.com/AbdBarho/stable-diffusion-webui-docker.gitAfter cloning, you’ll want to make a change to the Docker filenano stable-diffusion-webui-docker/services/comfy/DockerfileI commented out the pinning to commit hash and just grabbed the latest comfy.FROM pytorch/pytorch:2.3.0-cuda12.1-cudnn8-runtimeENV DEBIAN_FRONTEND=noninteractive PIP_PREFER_BINARY=1RUN apt-get update && apt-get install -y git && apt-get cleanENV ROOT=/stable-diffusionRUN --mount=type=cache,target=/root/.cache/pip \\ git clone https://github.com/comfyanonymous/ComfyUI.git ${ROOT} && \\ cd ${ROOT} && \\ git checkout master && \\# git reset --hard 276f8fce9f5a80b500947fb5745a4dde9e84622d && \\ pip install -r requirements.txtWORKDIR ${ROOT}COPY . /docker/RUN chmod u+x /docker/entrypoint.sh && cp /docker/extra_model_paths.yaml ${ROOT}ENV NVIDIA_VISIBLE_DEVICES=all PYTHONPATH=\"${PYTHONPATH}:${PWD}\" CLI_ARGS=\"\"EXPOSE 7860ENTRYPOINT [\"/docker/entrypoint.sh\"]CMD python -u main.py --listen --port 7860 ${CLI_ARGS}If you cloned the repo and want to verify your changes, you can do so with:git diffYou should see something likediff --git a/services/comfy/Dockerfile b/services/comfy/Dockerfileindex 2de504d..a84c8ce 100644--- a/services/comfy/Dockerfile+++ b/services/comfy/Dockerfile@@ -9,7 +9,7 @@ RUN --mount=type=cache,target=/root/.cache/pip \\ git clone https://github.com/comfyanonymous/ComfyUI.git ${ROOT} && \\ cd ${ROOT} && \\ git checkout master && \\- git reset --hard 276f8fce9f5a80b500947fb5745a4dde9e84622d && \\+# git reset --hard 276f8fce9f5a80b500947fb5745a4dde9e84622d && \\ pip install -r requirements.txt WORKDIR ${ROOT}(END)Downloading ModelsYou’ll want to grab any models you like from HuggingFace. I am using stabilityai/stable-diffusion-3-mediumYou’ll want to download all of the models and then transfer them to your serverand put them in the appropriate foldersModels will need to bt placed in the Stable-diffusion folder.stable-diffusion-webui-docker/data/models/Stable-diffusionModels are any file in the root of stable-diffusion-3-medium that have the extension *.safetensorsFor clips, you’ll need to create this folder (because it doesn’t exist)mkdir stable-diffusion-webui-docker/data/models/CLIPEncoderIn there you’ll place your clips, from the text_encoders folder from stable-diffusion-3-mediumExample Workflows for ComfyUI and Stable Diffusion 3 MediumYou’ll need to download the same workflows to the machine that accesses ComfyUI so you can import them into the browser.Example workflows are also available on HuggingFace in the Stable Diffusion 3 Medium repoVerifying ModelsIf you’re going to spend all of that time downloading these model files, you should also pend a few minutes verifying them. I typically do this once they are on the server running the AI Stackshasum -a 256 ./sd3_medium.safetensorsThis should output something like:cc236278d28c8c3eccb8e21ee0a67ebed7dd6e9ce40aa9de914fa34e8282f191 ./sd3_medium.safetensorsYou’ll want to be sure the checksum matches the checksum from the source (HuggingFace, etc).Home Assistant Stack (Docker Compose)Please see folder structure aboveBefore running this, you will need to create the network for Docker to use.This might already exist if you are using traefik. If so skip this step.docker network create traefikThis will create the macvlan network. Adjust accordingly.docker network create -d macvlan \\--subnet=192.168.20.0/24 \\--gateway=192.168.20.1 \\-o parent=eth1 \\iot_macvlan---services: homeassistant: container_name: homeassistant networks: iot_macvlan: ipv4_address: 192.168.20.202 #optional, I am using mac vlan, if you don't want to, remove iot_macvlan and don't create the network above traefik: image: ghcr.io/home-assistant/home-assistant:stable depends_on: - faster-whisper-gpu - wyoming-piper volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./home-assistant/config:/config environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} restart: unless-stopped labels: - \"traefik.enable=true\" - \"traefik.http.routers.homeassistant.rule=Host(`homeassistant.local.example.com`)\" - \"traefik.http.routers.homeassistant.entrypoints=https\" - \"traefik.http.routers.homeassistant.tls=true\" - \"traefik.http.routers.homeassistant.tls.certresolver=cloudflare\" - \"traefik.http.routers.homeassistant.middlewares=default-headers@file\" - \"traefik.http.services.homeassistant.loadbalancer.server.port=8123\" faster-whisper-gpu: image: lscr.io/linuxserver/faster-whisper:gpu container_name: faster-whisper-gpu networks: - traefik environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - WHISPER_MODEL=tiny-int8 - WHISPER_BEAM=1 #optional - WHISPER_LANG=en #optional volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./faster-whisper/data:/config restart: unless-stopped deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [gpu] wyoming-piper: container_name: wyoming-piper networks: - traefik image: rhasspy/wyoming-piper # no gpu volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./wyoming-piper/data:/data environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} restart: unless-stopped command: --voice en_US-lessac-medium deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [gpu]networks: traefik: external: true iot_macvlan: external: trueCode Completion (VSCode)I am using Basic Auth Middleware with traefik. Please see traefik section for details on how to set this up.ExtensionI am using Continue for code completion and integrated chat.Example config.If you aren’t going to use auth, remove the requestOptions key.If you are going to use auth, please replace the xxx with the value from above{ \"models\": [ { \"title\": \"Ollama (Self-Hosted)\", \"provider\": \"ollama\", \"model\": \"AUTODETECT\", \"completionOptions\": {}, \"apiBase\": \"https://ollama.local.example.com\", \"requestOptions\": { \"headers\": { \"Authorization\": \"Basic xxx\" } } } ], \"tabAutocompleteModel\": { \"title\": \"Starcoder 3b\", \"provider\": \"ollama\", \"model\": \"starcoder2:3b\", \"apiBase\": \"https://ollama.local.example.com\", \"requestOptions\": { \"headers\": { \"Authorization\": \"Basic xxx\" } } }}Join the conversationYou know that video on self-hosted AI that I just released? Well I just followed up with one of the most in-depth tutorials I have ever released.FULL TUTORIAL HERE👇https://t.co/5JAo9Phd1Y pic.twitter.com/zdqgd0IgS8— Techno Tim (@TechnoTimLive) July 8, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Self-Hosted AI That's Actually Useful", "url": "/posts/private-practical-local-ai/", "categories": "homelab, self-hosted", "tags": "ai, docker, software, llm, ollama, whisper", "date": "2024-07-05 08:00:00 -0500", "snippet": "I built a private, local, and self-hosted AI stack to help me out with daily tasks.📺 Watch VideoDisclosures Thanks to Surfshark Sponsoring this Video! Secure your privacy with Surfshark! Enter co...", "content": "I built a private, local, and self-hosted AI stack to help me out with daily tasks.📺 Watch VideoDisclosures Thanks to Surfshark Sponsoring this Video! Secure your privacy with Surfshark! Enter coupon code TechnoTim for 4 months EXTRA at https://surfshark.deals/TechnoTimInfoIf you’re looking for the tutorial to run this yourself, you can out the video here How to Self-Host Your Own Private AI StackFull tutorial coming soon on my other channel! TechnoTimTinkersHardware Machine Used for AI: Building My ULTIMATE, All-inOne, HomeLab ServerSoftware Ollama Open WebUI ComfyUI Stable Diffusion web UI pluja/whishper HuggingFace Home Assistant Wyoming Protocol Continue Code Assistant searXNG MacWhisperJoin the conversationAI should also be private, local, and useful. Here are some practical projects that prove it can be.https://t.co/2IQwvVbq5s pic.twitter.com/FU0a47K0uU— Techno Tim (@TechnoTimLive) July 5, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Track Changes Online with ChangeDetection, a Self-Hosted Docker Container!", "url": "/posts/change-detection-docker/", "categories": "homelab, hardware", "tags": "changedetection, docker, software", "date": "2024-06-21 08:00:00 -0500", "snippet": "Tracking things on the web just got a whole lot easier with ChangeDetection, the free and open source Docker container! Track website changes, price changes of products, and even track out of stoc...", "content": "Tracking things on the web just got a whole lot easier with ChangeDetection, the free and open source Docker container! Track website changes, price changes of products, and even track out of stock products with notifications all from a container you host yourself!📺 Watch VideoDisclosures Thanks to Docker for Sponsoring this Video! Get Actionable insights for software supply chain management with Docker Scout! https://dockr.ly/45HWDnRInfo⭐ ChangeDetection on GitHub: https://github.com/dgtlmoon/changedetection.ioDocker SetupSee this post on how to install docker and docker composePrepare Our ServerCreate folder for your compose and mountsmkdir changedetectioncd changedetectionThen we’ll create a folder to hold our data and our datastoremkdir datacd datamkdir datastorecd datastorecd ../.. # go back to the root of changedetection/Create docker compose file and add contentstouch compose.yamlnano compose.yamlYour folder structure should look like this./changedetection├── data│ └── datastore└── docker-compose.ymlTasks from Our Compose FileDocker Compose ContentsSimple version of change detection---services: changedetection: image: ghcr.io/dgtlmoon/changedetection.io:latest container_name: changedetection hostname: changedetection environment: # - BASE_URL=https://mysite.com # configure this for your own domain volumes: - ./data/datastore:/datastore ports: - 5000:5000Advanced version of change detectionIf you want to use Selenium + Webdriver, uncomment the WEBDRIVER_URL variable and the browser-chrome service, and then comment out PLAYWRIGHT_DRIVER_URL variable and playwright-chrome service.To see all supported configurations, see the Docker compose file on github---services: changedetection: image: ghcr.io/dgtlmoon/changedetection.io:latest container_name: changedetection hostname: changedetection volumes: - ./data/datastore:/datastore ports: - 5000:5000 environment: # - WEBDRIVER_URL=http://playwright-chrome:4444/wd/hub - PLAYWRIGHT_DRIVER_URL=ws://playwright-chrome:3000 # - BASE_URL=https://mysite.com # configure this for your own domain depends_on: playwright-chrome: condition: service_started restart: unless-stopped # browser-chrome: # hostname: browser-chrome # image: selenium/standalone-chrome:125.0 # shm_size: '2gb' # # volumes: # # # Workaround to avoid the browser crashing inside a docker container # # # See https://github.com/SeleniumHQ/docker-selenium#quick-start # # - /dev/shm:/dev/shm # restart: unless-stopped playwright-chrome: hostname: playwright-chrome image: browserless/chrome restart: unless-stopped environment: - SCREEN_WIDTH=1920 - SCREEN_HEIGHT=1024 - SCREEN_DEPTH=16 - ENABLE_DEBUGGER=false - PREBOOT_CHROME=true - CONNECTION_TIMEOUT=300000 - MAX_CONCURRENT_SESSIONS=10 - CHROME_REFRESH_TIME=600000 - DEFAULT_BLOCK_ADS=true - DEFAULT_STEALTH=true # Ignore HTTPS errors, like for self-signed certs - DEFAULT_IGNORE_HTTPS_ERRORS=trueChrome ExtensionIf you want to install the Chrome Extenions, you can but adding it here https://chromewebstore.google.com/detail/changedetectionio-website/kefcfmgmlhmankjmnbijimhofdjekbop?hl=enThen all you need to do to configure it is visit your ChangeDetection site and click Settings and it will automatically configure it for you!Then when visiting a site, all you need to do it click the extension and click add!Join the conversationThis week I spun up ChangeDetection, a free and open source (and self-hosted) container to help you track things on the web! Check it out!https://t.co/Kmi5i94GcJ pic.twitter.com/s1uteYMHtH— Techno Tim (@TechnoTimLive) June 21, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "TrueNAS vs Unraid - Which one is the BEST NAS OS for my HomeLab", "url": "/posts/truenas-vs-unraid/", "categories": "homelab, hardware", "tags": "truenas, unraid, homelab, hardware, software", "date": "2024-06-09 08:00:00 -0500", "snippet": "Which is the best NAS operating system to use at home and in your HomeLab?Is it Unraid for maximizing storage efficiency?Or is it TrueNAS for bringing enterprise ZFS to home?Let’s find out.📺 Watch ...", "content": "Which is the best NAS operating system to use at home and in your HomeLab?Is it Unraid for maximizing storage efficiency?Or is it TrueNAS for bringing enterprise ZFS to home?Let’s find out.📺 Watch VideoDisclosures This video is NOT sponsored. I bought Unraid with my own money. If you’d like see more sponsor-free videos, see one of the ways to support me below!Ways to support Support me on Patreon: https://www.patreon.com/technotim Sponsor me on GitHub: https://github.com/sponsors/timothystewart6 Subscribe on Twitch: https://www.twitch.tv/technotim Become a YouTube member: https://www.youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A/join Merch Shop 🛍️: https://l.technotim.live/shopJoin the conversationWhich is the best NAS operating system to use at home and in your HomeLab? Is it Unraid for maximizing storage efficiency? Or is it TrueNAS for bringing enterprise ZFS to home? Let's find out.https://t.co/IoAHmiSev1 pic.twitter.com/Zn9zu1Ogy2— Techno Tim (@TechnoTimLive) June 9, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Proxmox Automation with Proxmox Helper Scripts!", "url": "/posts/proxmox-helper-scripts/", "categories": "proxmox", "tags": "proxmox, homelab, lxc, docker, virtualization", "date": "2024-05-30 08:00:00 -0500", "snippet": "Proxmox helper scripts is a collection of scripts to help you easily make changes to your Proxmox VE server along with installing many LXC Containers. This makes installing, configuring, and main...", "content": "Proxmox helper scripts is a collection of scripts to help you easily make changes to your Proxmox VE server along with installing many LXC Containers. This makes installing, configuring, and maintaining your Proxmox server in your HomeLab along with many applications as simple as running a script.📺 Watch VideoCheck out Proxmox VE Helper Scripts on Github: https://github.com/tteck/ProxmoxDisclosures Nothing in this video was sponsoredNotes Note: Be sure to always inspect any script before executing it, whether local or from the internet!You can find the website here: https://helper-scripts.com/scriptsIf you want to execute scripts from a commit SHA (somewhat immutable), you can execute the script like so (commit SHA of the date this video was released): Visit the link with a commit hash https://github.com/tteck/Proxmox/tree/e842d2ec3d8f358eed443be2ecbecb2f3b4137d0 Find your script (homeassistant-core-install.sh) choose the RAW option This will create a link like https://raw.githubusercontent.com/tteck/Proxmox/e842d2ec3d8f358eed443be2ecbecb2f3b4137d0/install/homeassistant-core-install.shYou can now use this hash to execute this script. This will ensure that you can run this repeatable (and not always latest)bash -c \"$(wget -qLO - https://raw.githubusercontent.com/tteck/Proxmox/e842d2ec3d8f358eed443be2ecbecb2f3b4137d0/install/homeassistant-core-install.sh)\"You can reuse this commit SHA for all other scripts (just replace the path)Join the conversationThis past week I got to learn all about Proxmox Helper Scripts, a wonderful collection of scripts to help you automate common tasks with Proxmox along with LXC container installs!https://t.co/CRuExA8Ik2 pic.twitter.com/1u1JRWGEav— Techno Tim (@TechnoTimLive) May 30, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "I tried Unraid for the FIRST time in 2024", "url": "/posts/unraid-first-time/", "categories": "homelab, hardware", "tags": "unraid, homelab, hardware, software", "date": "2024-05-24 08:00:00 -0500", "snippet": "I knew nothing about Unraid until today. I finally installed Unraid in my HomeLab on one of my servers. Is it any good? Does it live up to the hype? Let’s find out in my candid walkthrough of Un...", "content": "I knew nothing about Unraid until today. I finally installed Unraid in my HomeLab on one of my servers. Is it any good? Does it live up to the hype? Let’s find out in my candid walkthrough of Unraid as you see and hear my successes as well as my struggles.📺 Watch VideoDisclosures This video is NOT sponsored. I bought Unraid with my own money. If you’d like see more sponsor-free videos, see one of the ways to support me below!Quality USB Drives SAMSUNG FIT Plus: https://amzn.to/3VfsHvR SanDisk Ultra Fit: https://amzn.to/3WP2zcm PNY Elite-X Fit: https://amzn.to/3wFqoZBUnraid License Unraid Buying Options: https://l.technotim.live/unraid(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Ways to support Support me on Patreon: https://www.patreon.com/technotim Sponsor me on GitHub: https://github.com/sponsors/timothystewart6 Subscribe on Twitch: https://www.twitch.tv/technotim Become a YouTube member: https://www.youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A/join Merch Shop 🛍️: https://l.technotim.live/shopJoin the conversationThis past week, I tried Unraid so that you don't have to. Is it any good in 2024? Let's find outhttps://t.co/3k6aJpqjma pic.twitter.com/QKgH0kjQS4— Techno Tim (@TechnoTimLive) May 24, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Replacing the microSD with something MUCH FASTER!", "url": "/posts/no-more-microsd/", "categories": "homelab, hardware", "tags": "pi, raspberry-pi, microsd, ssd, hardware", "date": "2024-05-17 08:00:00 -0500", "snippet": "Today I got rid of the slow and pesky microSD card in my Pi and replaced it with something MUCH faster in my Pi LED Panel. Don’t know what my Pi LED Panel is? Check it out! This is my first video...", "content": "Today I got rid of the slow and pesky microSD card in my Pi and replaced it with something MUCH faster in my Pi LED Panel. Don’t know what my Pi LED Panel is? Check it out! This is my first video on the new channel @TechnoTimTinkers 🎉📺 Watch VideoDisclosures: nothing in this video was sponsoredPartsThings mentioned in the video (some are affiliate links) : Pi 4 8GB: https://amzn.to/4dG93QP USB to SATA Adapter: https://amzn.to/3QNr4CU Shadow Box (similar to mine, 12”x16”): https://amzn.to/4dU7vTs Cheapest SSD I could find: https://amzn.to/3QPzQQG 32x32 LED Panel: https://www.adafruit.com/product/607 Matrix LED Hat: https://www.adafruit.com/product/2345 Rainbow Ribbon Cable: https://amzn.to/3V3pz62 5v/10a AC to DC Power Supply: https://amzn.to/3K5b5MT Desk Mount for Camera - https://amzn.to/4dDvSV8 Phone Mount Adapter - https://amzn.to/3yquo0m(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)NotesThis project was built using rpi-rgb-led-matrixAfter getting the new power supply I noticed a few odd things When powered via hat only with the new 5v/10a AC to DC power supply, the USB drive wasn’t recognized When powering via USB-C 5v/5a the LED panel was too dim to display some colors so it looked distortedI read the Pi hat documentation over and over, and no where did it mention that anything else was needed other than a large power supply. I thought for sure it was now a hardware issue and was in over my head. I dropped a message in a Discord that both Jeff Geerling and I are in and he mentioned checking out this postIn that post it suggests to add max_usb_current=1 to your config.txt.I tested it and sure enough the Pi can now power the LED panel, the Pi, and the USB drive all from a single power supply connected to the hat. 🎉Thanks Jeff!Join the conversationI just posted my first video on the new (3rd) channel "Techno Tim Tinkers". 🎉. . It's a project that I have been putting off forever...https://t.co/aL1k98Z9rO</p>— Techno Tim (@TechnoTimLive) May 17, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Building My ULTIMATE, All-inOne, HomeLab Server", "url": "/posts/ultimate-homelab-server/", "categories": "homelab, hardware", "tags": "homelab, hardware, 45drives, nas, proxmox, unraid, ubuntu", "date": "2024-05-10 08:00:00 -0500", "snippet": "Today I built the ultimate, all in one, HomeLab Home Server to handle everything.📺 Watch VideoDisclosures: Sliger did send this case to me however asked for nothing in return.Other 4u Cases Slige...", "content": "Today I built the ultimate, all in one, HomeLab Home Server to handle everything.📺 Watch VideoDisclosures: Sliger did send this case to me however asked for nothing in return.Other 4u Cases Sliger CX4150a - https://www.sliger.com/products/rackmount/4u/cx4150a/ SilverStone RM44 4U - https://amzn.to/3K0wpmk RackChoice 4U - https://amzn.to/3UB8bEfOther Parts Samsung SSDs - https://amzn.to/3USTxtj Corsair Airflow Case (newer) - https://amzn.to/44BV0HI 10g Ethernet adapter - https://amzn.to/3wkN0hP LSI HBA - https://amzn.to/3UWBuCN(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Join the conversationToday I built the ultimate, all in one, HomeLab server to handle everything.https://t.co/K8YbJ3XKTl pic.twitter.com/qD2K6A46D5— Techno Tim (@TechnoTimLive) May 10, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Traefik 3 and FREE Wildcard Certificates with Docker", "url": "/posts/traefik-3-docker-certificates/", "categories": "homelab", "tags": "traefik, docker, cloudflare, pihole, lets-encrypt", "date": "2024-04-30 08:00:00 -0500", "snippet": "In today’s Traefik tutorial we’ll get FREE Wildcard certificates to use in our HomeLab and with all of our internal self-hosted services. We’re going to set up Traefik 3 in Docker and get Let’s En...", "content": "In today’s Traefik tutorial we’ll get FREE Wildcard certificates to use in our HomeLab and with all of our internal self-hosted services. We’re going to set up Traefik 3 in Docker and get Let’s Encrypt certificates using Cloudflare as our DNS Provider (we’ll cover how to set up others too). Then we’ll configure local DNS using PiHole (or any other local DNS) to route to our services that are now protected with secure certificates!📺 Watch VideoDisclosures Video was sponsored by UptimeRobot Save 20% on UptimeRobot https://l.technotim.live/uptime-robot-technotim! Looking to do this same thing in Kubernetes? Check out traefik + cert-manager on Kubernetes Looking for the Traefik + Portainer guide? Check out traefik + portainer on DockerFor reference, the following folder structure was used:./traefik├── data│   ├── acme.json│   ├── config.yml│   └── traefik.yml└── cf_api_token.txt└── docker-compose.ymlYou can also do this with other DNS providers too!Docker SetupSee this post on how to install docker and docker-composePrepare Our ServerCreate folder for your compose and mountsmkdir docker_volumescd docker_volumesthen we’ll create a folder to hold traefik filesmkdir traefikcd traefikcreate docker compose file and add contentstouch docker-compose.yamlnano docker-compose.yamlTasks from Our Compose FileDocker Compose Contentsdocker-compose.yamlversion: \"3.8\"services: traefik: image: traefik:v3.0 container_name: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - proxy ports: - 80:80 - 443:443 # - 443:443/tcp # Uncomment if you want HTTP3 # - 443:443/udp # Uncomment if you want HTTP3 environment: CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS} secrets: - cf_api_token env_file: .env # use .env volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./data/traefik.yml:/traefik.yml:ro - ./data/acme.json:/acme.json # - ./data/config.yml:/config.yml:ro labels: - \"traefik.enable=true\" - \"traefik.http.routers.traefik.entrypoints=http\" - \"traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)\" - \"traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}\" - \"traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https\" - \"traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https\" - \"traefik.http.routers.traefik.middlewares=traefik-https-redirect\" - \"traefik.http.routers.traefik-secure.entrypoints=https\" - \"traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)\" - \"traefik.http.routers.traefik-secure.middlewares=traefik-auth\" - \"traefik.http.routers.traefik-secure.tls=true\" - \"traefik.http.routers.traefik-secure.tls.certresolver=cloudflare\" - \"traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com\" - \"traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com\" - \"traefik.http.routers.traefik-secure.service=api@internal\"secrets: cf_api_token: file: ./cf_api_token.txtnetworks: proxy: external: truedata foldermkdir datacd datatouch acme.jsonchmod 600 acme.jsonTraefik Configtouch traefik.ymlnano traefik.ymltraefik.yml contents:api: dashboard: true debug: trueentryPoints: http: address: \":80\" http: redirections: entryPoint: to: https scheme: https https: address: \":443\"serversTransport: insecureSkipVerify: trueproviders: docker: endpoint: \"unix:///var/run/docker.sock\" exposedByDefault: false # file: # filename: /config.ymlcertificatesResolvers: cloudflare: acme: email: youremail@email.com storage: acme.json # caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default) caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging dnsChallenge: provider: cloudflare #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers. #delayBeforeCheck: 60s # uncomment along with disablePropagationCheck if needed to ensure the TXT record is ready before verification is attempted resolvers: - \"1.1.1.1:53\" - \"1.0.0.1:53\"Create Docker Networkdocker network create proxyCloudflare API Token Secrettouch cf_api_token.txtnano cf_api_token.txtPaste your token into file from CloudflareTraefik Dashboard Password & .envmake sure you have htpasswd installed.To install on Linuxsudo apt updatesudo apt install apache2-utilsMac OS (should already be installed)Windowshtpasswd.exe Should already be installed on WindowsGenerate credential pairecho $(htpasswd -nB user) | sed -e s/\\\\$/\\\\$\\\\$/gtouch .envnano .envpaste your credential pair:e.g.TRAEFIK_DASHBOARD_CREDENTIALS=user:$$2y$$05$$lSaEi.G.aIygyXRdiFpt7OqmUMW9QUG5I1N.j0bXoXxIjxQmoGOWuStart the stackdocker compose up -d --force-recreateTroubleshootingCommon ways to troubleshootdocker psdocker logs traefikdocker exec -it traefik /bin/shinside of containertoplscat acme.jsoncat traefik.ymlls /run/secretscat /run/secrets/cf_api_tokenecho ${CF_DNS_API_TOKEN_FILE}echo ${TRAEFIK_DASHBOARD_CREDENTIALS}DNSnslookup traefik-dashboard.local.example.comSwitch to Production Acme Endpoints... caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default) #caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging...Clear out the existing staging certificatescd datanano acme.jsonClear and saveRestart the stackdocker compose up -d --force-recreateAdding Another Workload (NGINX Demo)mkdir nginxcd nginxtouch docker-compose.yamlnano docker-compose.yamlContents of docker-compose.yamlversion: '3.8'services: nginx: image: nginxdemos/nginx-hello labels: - \"traefik.enable=true\" - \"traefik.http.routers.nginx.rule=Host(`nginx.local.example.com`)\" - \"traefik.http.routers.nginx.entrypoints=https\" - \"traefik.http.routers.nginx.tls=true\" - \"traefik.http.services.nginx.loadbalancer.server.port=8080\" networks: - proxynetworks: proxy: external: trueCheck DNSnslookup nginx.local.example.comStart the new NGINX Stackdocker compose up -d --force-recreateAdding External RoutesUncomment a few things:In docker-compose.yaml... - ./data/config.yml:/config.yml:ro...in traefik.yml... file: filename: /config.yml...Create configcd datatouch config.ymlnano config.ymlContents of config.ymlhttp: #region routers routers: proxmox: entryPoints: - \"https\" rule: \"Host(`proxmox.local.example.com`)\" middlewares: - default-headers - https-redirectscheme tls: {} service: proxmox pihole: #endregion#region services services: proxmox: loadBalancer: servers: - url: \"https://192.168.0.17:8006\" passHostHeader: true#endregion middlewares: https-redirectscheme: redirectScheme: scheme: https permanent: true default-headers: headers: frameDeny: true browserXssFilter: true contentTypeNosniff: true forceSTSHeader: true stsIncludeSubdomains: true stsPreload: true stsSeconds: 15552000 customFrameOptionsValue: SAMEORIGIN customRequestHeaders: X-Forwarded-Proto: https default-whitelist: ipAllowList: sourceRange: - \"10.0.0.0/8\" - \"192.168.0.0/16\" - \"172.16.0.0/12\" secured: chain: middlewares: - default-whitelist - default-headersRestart the stackdocker compose up -d --force-recreateTo see more examples of commonly used services check out config.yml in the reference filesFinal Production FilesTraefik docker-compose.yamlversion: \"3.8\"services: traefik: image: traefik:v3.0 container_name: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - proxy ports: - 80:80 - 443:443 # - 443:443/tcp # Uncomment if you want HTTP3 # - 443:443/udp # Uncomment if you want HTTP3 environment: CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS} secrets: - cf_api_token env_file: .env # use .env volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./data/traefik.yml:/traefik.yml:ro - ./data/acme.json:/acme.json - ./data/config.yml:/config.yml:ro labels: - \"traefik.enable=true\" - \"traefik.http.routers.traefik.entrypoints=http\" - \"traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)\" - \"traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}\" - \"traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https\" - \"traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https\" - \"traefik.http.routers.traefik.middlewares=traefik-https-redirect\" - \"traefik.http.routers.traefik-secure.entrypoints=https\" - \"traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)\" - \"traefik.http.routers.traefik-secure.middlewares=traefik-auth\" - \"traefik.http.routers.traefik-secure.tls=true\" - \"traefik.http.routers.traefik-secure.tls.certresolver=cloudflare\" - \"traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com\" - \"traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com\" - \"traefik.http.routers.traefik-secure.service=api@internal\"secrets: cf_api_token: file: ./cf_api_token.txtnetworks: proxy: external: truetraefik.ymlapi: dashboard: true debug: trueentryPoints: http: address: \":80\" http: redirections: entryPoint: to: https scheme: https https: address: \":443\"serversTransport: insecureSkipVerify: trueproviders: docker: endpoint: \"unix:///var/run/docker.sock\" exposedByDefault: false file: filename: /config.ymlcertificatesResolvers: cloudflare: acme: email: youremail@email.com storage: acme.json caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default) # caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging dnsChallenge: provider: cloudflare #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers. #delayBeforeCheck: 60s # uncomment along with disablePropagationCheck if needed to ensure the TXT record is ready before verification is attempted resolvers: - \"1.1.1.1:53\" - \"1.0.0.1:53\"config.ymlhttp: #region routers routers: proxmox: entryPoints: - \"https\" rule: \"Host(`proxmox.local.example.com`)\" middlewares: - default-headers - https-redirectscheme tls: {} service: proxmox pihole: #endregion#region services services: proxmox: loadBalancer: servers: - url: \"https://192.168.0.17:8006\" passHostHeader: true#endregion middlewares: https-redirectscheme: redirectScheme: scheme: https permanent: true default-headers: headers: frameDeny: true browserXssFilter: true contentTypeNosniff: true forceSTSHeader: true stsIncludeSubdomains: true stsPreload: true stsSeconds: 15552000 customFrameOptionsValue: SAMEORIGIN customRequestHeaders: X-Forwarded-Proto: https default-whitelist: ipAllowList: sourceRange: - \"10.0.0.0/8\" - \"192.168.0.0/16\" - \"172.16.0.0/12\" secured: chain: middlewares: - default-whitelist - default-headersJoin the conversationTraefik 3 is here! So, today we'll get trusted certificates with Let's Encrypt for all of our self-hosted services! No more https warnings and no more weird ports!https://t.co/MoRKYXvA0M pic.twitter.com/5OR22iRJRJ— Techno Tim (@TechnoTimLive) April 30, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "FINALLY! A New UniFi Dream Machine!", "url": "/posts/udm-pro-max/", "categories": "homelab", "tags": "udm, unifi, ubiquiti, networking", "date": "2024-04-23 08:00:00 -0500", "snippet": "The UDM Pro Max is here and it’s packed with upgrades like a faster CPU, more RAM, an internal SSD, more eMMC, Dual Drive bays and more! Today we check on the new UniFi Dream Machine Pro Max, conf...", "content": "The UDM Pro Max is here and it’s packed with upgrades like a faster CPU, more RAM, an internal SSD, more eMMC, Dual Drive bays and more! Today we check on the new UniFi Dream Machine Pro Max, configure and test Shadow Mode, and test network throughput to see if this really is the fastest UniFi Dram Machine yet.📺 Watch Video Get your UDM Pro Max here: https://l.technotim.live/udm-pro-max (affiliate link)Disclosures: Nothing in this video was sponsored Products were given for testing the new Shadow Mode feature and the new UniFi OS4 (coming soon). I wasn’t paid money.Join the conversationA new UDM, the UniFi Dream Machine Pro Max.I spent a lot of time testing this device, does it out perform its predecessors? https://t.co/t5UjJxJ61H pic.twitter.com/s9vjJnaeWy— Techno Tim (@TechnoTimLive) April 23, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Advanced Kubernetes Networking with Multus (It's easier than you think)", "url": "/posts/advanced-kubernetes-networking/", "categories": "homelab", "tags": "multus, kubernetes, networking, rke2, k3s, cni, cilium", "date": "2024-04-14 08:00:00 -0500", "snippet": "I just discovered Multus and it fixed Kubernetes networking! In this video we cover a lot of Kubernetes networking topics from beginner topics like CNIs, to advanced topics like adding Multus for ...", "content": "I just discovered Multus and it fixed Kubernetes networking! In this video we cover a lot of Kubernetes networking topics from beginner topics like CNIs, to advanced topics like adding Multus for more traditional networking within Kubernetes - which fixes a lot of problems you see with Kubernetes networking. Also, I had to turn the nerd up to 11 on this one.📺 Watch Video Be sure to check out and ⭐ the Multus repo on GitHub! Network diagram created with Excalidraw https://github.com/excalidraw/excalidraw Much of the documentation and diagrams we walked through can be found on DevOpsTales Huge thanks to the folks over in the Home Operations Discord too! Huge thanks to Andy (@clemenko) for helping me troubleshoot and diagnose issues with Multus/RKE2/CiliumDisclosures: Nothing in this video was sponsoredInstalling MultusMultus can be installed a few different ways. The best thing to do is check with your Kubernetes distribution if they support enabling this with configuration. If they do, this is much easier than installing it yourself Installing Multus with K3s Installing Multus on RKE2 Installing Multus without your distribution’s helpBe sure to apply any additional config mentioned in the above links. This will most likely include configuration for your CNI to allow multus to plug into it.Since I was using RKE2, I needed to apply this HelmChartConfig to configure Cilium to work with MultusDo not apply this unless you are also using Cilium and RKE2/# /var/lib/rancher/rke2/server/manifests/rke2-cilium-config.yaml---apiVersion: helm.cattle.io/v1kind: HelmChartConfigmetadata: name: rke2-cilium namespace: kube-systemspec: valuesContent: |- cni: exclusive: falseConfiguring MultusFirst check to see that it’s installedkubectl get pods --all-namespaces | grep -i multusYou should see something similar to the output below. This will vary depending on how you installed multus.kube-system rke2-multus-4kbbv 1/1 Running 0 30hkube-system rke2-multus-qbhrb 1/1 Running 0 30hkube-system rke2-multus-rmh9l 1/1 Running 0 30hkube-system rke2-multus-vbpr5 1/1 Running 0 30hkube-system rke2-multus-x4bpg 1/1 Running 0 30hkube-system rke2-multus-z22sq 1/1 Running 0 30hWe will need to create a NetworkAttachmentDefinition# network-attachment-definition.yaml---apiVersion: \"k8s.cni.cncf.io/v1\"kind: NetworkAttachmentDefinitionmetadata: name: multus-iot namespace: defaultspec: config: |- { \"cniVersion\": \"0.3.1\", \"type\": \"ipvlan\", \"master\": \"eth1\", \"ipam\": { \"type\": \"static\", \"routes\": [ { \"dst\": \"192.168.0.0/16\", \"gw\": \"192.168.20.1\" } ] } }Then apply this NetworkAttachmentDefinitionkubectl apply -f network-attachment-definition.yamlThen check to see if it was createdkubectl get network-attachment-definitions.k8s.cni.cncf.io multus-iotShould see something like:NAME AGEmultus-iot 30hYou can also describe it to see it contentskubectl describe network-attachment-definitions.k8s.cni.cncf.io multus-iotYou should see something like:Name: multus-iotNamespace: defaultLabels: <none>Annotations: <none>API Version: k8s.cni.cncf.io/v1Kind: NetworkAttachmentDefinitionMetadata: Creation Timestamp: 2024-04-14T04:56:02Z Generation: 1 Resource Version: 3215172 UID: 89b7f3d0-c094-4831-9b94-5ecdf6b38232Spec: Config: { \"cniVersion\": \"0.3.1\", \"type\": \"ipvlan\", \"master\": \"eth1\", \"ipam\": { \"type\": \"static\", \"routes\": [ { \"dst\": \"192.168.0.0/16\", \"gw\": \"192.168.20.1\" } ] }}Events: <none>Creating a Sample WorkloadLet’s create a sample pod and see if it gets our IP# sample-pod.yamlapiVersion: v1kind: Podmetadata: name: sample-pod namespace: default annotations: k8s.v1.cni.cncf.io/networks: | [{ \"name\": \"multus-iot\", \"namespace\": \"default\", \"mac\": \"c6:5e:a4:8e:7a:59\", \"ips\": [\"192.168.20.202/24\"] }]spec: containers: - name: sample-pod command: [\"/bin/ash\", \"-c\", \"trap : TERM INT; sleep infinity & wait\"] image: alpineCheck to see if it’s runningkubectl get pod sample-podYou should see something like:NAME READY STATUS RESTARTS AGEsample-pod 1/1 Running 0 30hNow let’s describe the pod to see if it got our IPkubectl describe pod sample-podYou should see something like:➜ home-ops git:(master) k describe pod sample-podName: sample-podNamespace: defaultPriority: 0Service Account: defaultNode: k8s-home-worker-01/192.168.20.70Start Time: Sun, 14 Apr 2024 00:01:28 -0500Labels: <none>Annotations: k8s.v1.cni.cncf.io/network-status: [{ \"name\": \"portmap\", \"interface\": \"eth0\", \"ips\": [ \"10.42.4.89\" ], \"mac\": \"1a:af:f2:3f:32:f8\", \"default\": true, \"dns\": {}, \"gateway\": [ \"10.42.4.163\" ] },{ \"name\": \"default/multus-iot\", \"interface\": \"net1\", \"ips\": [ \"192.168.20.202\" ], \"mac\": \"bc:24:11:a0:4b:35\", \"dns\": {} }] k8s.v1.cni.cncf.io/networks: [{ \"name\": \"multus-iot\", \"namespace\": \"default\", \"mac\": \"c6:5e:a4:8e:7a:59\", \"ips\": [\"192.168.20.202/24\"] }]Status: RunningIP: 10.42.4.89IPs: IP: 10.42.4.89Containers: sample-pod: Container ID: containerd://fdd56e2fcdb3d587d792878285ef0fe50d076167d2b283dbf42aeb1b210d36cf Image: alpine Image ID: docker.io/library/alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b Port: <none> Host Port: <none> Command: /bin/ash -c trap : TERM INT; sleep infinity & wait State: Running Started: Sun, 14 Apr 2024 00:01:29 -0500 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-lggfv (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled TrueVolumes: kube-api-access-lggfv: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: <nil> DownwardAPI: trueQoS Class: BestEffortNode-Selectors: <none>Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 8s default-scheduler Successfully assigned default/sample-pod to k8s-home-worker-01 Normal AddedInterface 7s multus Add eth0 [10.42.4.89/32] from portmap Normal AddedInterface 7s multus Add net1 [192.168.20.202/24] from default/multus-iot Normal Pulling 7s kubelet Pulling image \"alpine\" Normal Pulled 7s kubelet Successfully pulled image \"alpine\" in 388.090289ms (388.099785ms including waiting) Normal Created 7s kubelet Created container sample-pod Normal Started 7s kubelet Started container sample-podYou should see an adapter added to the pod as well as an IP:...Normal AddedInterface 7s multus Add net1 [192.168.20.202/24] from default/multus-iot...Testing the WorkloadBe sure you can ping that new IP➜ home-ops git:(master) ping 192.168.20.202PING 192.168.20.202 (192.168.20.202): 56 data bytes64 bytes from 192.168.20.202: icmp_seq=0 ttl=63 time=0.839 ms64 bytes from 192.168.20.202: icmp_seq=1 ttl=63 time=0.876 ms64 bytes from 192.168.20.202: icmp_seq=2 ttl=63 time=0.991 ms64 bytes from 192.168.20.202: icmp_seq=3 ttl=63 time=0.812 msexec into the pod and test connectivity and DNSkubectl exec -it pods/sample-pod -- /bin/shOnce in ping your gateway, ping another device on the network, and ping something on the internet/ # ping 192.168.20.1PING 192.168.20.1 (192.168.20.1): 56 data bytes64 bytes from 192.168.20.1: seq=0 ttl=64 time=0.318 ms64 bytes from 192.168.20.1: seq=1 ttl=64 time=0.230 ms64 bytes from 192.168.20.1: seq=2 ttl=64 time=0.531 ms^C--- 192.168.20.1 ping statistics ---3 packets transmitted, 3 packets received, 0% packet lossround-trip min/avg/max = 0.230/0.359/0.531 ms/ # ping 192.168.20.52PING 192.168.20.52 (192.168.20.52): 56 data bytes64 bytes from 192.168.20.52: seq=0 ttl=255 time=88.498 ms64 bytes from 192.168.20.52: seq=1 ttl=255 time=3.375 ms64 bytes from 192.168.20.52: seq=2 ttl=255 time=25.688 ms^C--- 192.168.20.52 ping statistics ---3 packets transmitted, 3 packets received, 0% packet lossround-trip min/avg/max = 3.375/39.187/88.498 ms/ # ping google.comPING google.com (142.250.191.238): 56 data bytes64 bytes from 142.250.191.238: seq=0 ttl=111 time=8.229 ms64 bytes from 142.250.191.238: seq=1 ttl=111 time=8.578 ms64 bytes from 142.250.191.238: seq=2 ttl=111 time=8.579 ms^C--- google.com ping statistics ---3 packets transmitted, 3 packets received, 0% packet lossround-trip min/avg/max = 8.229/8.462/8.579 ms/ #Now test DNS by looking up something on the internet, something on your local network, and something inside of your cluster/ # nslookup google.comServer: 10.43.0.10Address: 10.43.0.10:53Non-authoritative answer:Name: google.comAddress: 142.250.191.238Non-authoritative answer:Name: google.comAddress: 2607:f8b0:4009:81b::200e/ # nslookup k8s-home-worker-01.local.techtronic.usServer: 10.43.0.10Address: 10.43.0.10:53Name: k8s-home-worker-01.local.techtronic.usAddress: 192.168.60.53Non-authoritative answer:/ # nslookup homepageServer: 10.43.0.10Address: 10.43.0.10:53** server can't find homepage.cluster.local: NXDOMAIN** server can't find homepage.svc.cluster.local: NXDOMAIN** server can't find homepage.cluster.local: NXDOMAIN** server can't find homepage.svc.cluster.local: NXDOMAINName: homepage.default.svc.cluster.localAddress: 10.43.143.7If all of the tests passed, you should be good!You can now do the same thing for your other workloads that need to use Multus!GotchasRKE2If you’re using RKE2 and you notice that your worker nodes are using the wrong IP address after adding an additional NIC, you can override the Node IP with config:# /etc/rancher/rke2/config.yamlnode-ip: 192.168.60.53 # the node's primary IP used for kubernetesnode-external-ip: 192.168.60.53 # the node's primary IP used for kubernetesYou will need to restart the rke service or reboot.Check withkubectl get nodes -o wideYou should then see the IP on the node (note my k8s-home-worker-01 has the fix, but k8s-home-worker-02 and k8s-home-worker-03 don’t)NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIMEk8s-home-01 Ready control-plane,etcd,master 5d v1.28.8+rke2r1 192.168.60.50 <none> Ubuntu 22.04.4 LTS 5.15.0-102-generic containerd://1.7.11-k3s2k8s-home-02 Ready control-plane,etcd,master 5d v1.28.8+rke2r1 192.168.60.51 <none> Ubuntu 22.04.4 LTS 5.15.0-102-generic containerd://1.7.11-k3s2k8s-home-03 Ready control-plane,etcd,master 5d v1.28.8+rke2r1 192.168.60.52 <none> Ubuntu 22.04.4 LTS 5.15.0-102-generic containerd://1.7.11-k3s2k8s-home-worker-01 Ready worker 5d v1.28.8+rke2r1 192.168.60.53 192.168.60.53 Ubuntu 22.04.4 LTS 5.15.0-102-generic containerd://1.7.11-k3s2k8s-home-worker-02 Ready worker 5d v1.28.8+rke2r1 192.168.20.71 <none> Ubuntu 22.04.4 LTS 5.15.0-102-generic containerd://1.7.11-k3s2k8s-home-worker-03 Ready worker 5d v1.28.8+rke2r1 192.168.20.72 <none> Ubuntu 22.04.4 LTS 5.15.0-102-generic containerd://1.7.11-k3s2You can see more flags on the RKE2 documentation pagecloud-init and routingI have also seen odd issues when with routing and using cloud init. I’ve had to override some settings using netplanYou can see there is a misplaced route in your tables➜ ~ ip route192.168.20.0/24 dev eth1 proto kernel scope link src 192.168.20.72 metric 100192.168.20.1 dev eth1 proto dhcp scope link src 192.168.20.72 metric 100192.168.60.0/24 dev eth0 proto kernel scope link src 192.168.60.55 metric 100192.168.60.1 dev eth0 proto dhcp scope link src 192.168.60.55 metric 100192.168.60.10 via 192.168.20.1 dev eth1 proto dhcp src 192.168.20.72 metric 100 # wrong192.168.60.10 dev eth0 proto dhcp scope link src 192.168.60.55 metric 100192.168.60.22 via 192.168.20.1 dev eth1 proto dhcp src 192.168.20.72 metric 100 #wrong192.168.60.22 dev eth0 proto dhcp scope link src 192.168.60.55 metric 100To fix this, we need to override the routes with netplansudo nano /etc/netplan/50-cloud-init.yaml# This file is generated from information provided by the datasource. Changes# to it will not persist across an instance reboot. To disable cloud-init's# network configuration capabilities, write a file# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:# network: {config: disabled}network: version: 2 ethernets: eth0: addresses: - 192.168.60.55/24 match: macaddress: bc:24:11:f1:2a:e7 nameservers: addresses: - 192.168.60.10 - 192.168.60.22 routes: - to: default via: 192.168.60.1 set-name: eth0 eth1: addresses: - 192.168.20.65/24 match: macaddress: bc:29:71:9a:01:29 nameservers: addresses: - 192.168.60.10 - 192.168.60.22 routes: - to: 192.168.20.0/24 via: 192.168.20.1 set-name: eth1 eth2: addresses: - 192.168.40.52/24 match: macaddress: bc:24:11:3d:c9:f7 nameservers: addresses: - 192.168.60.10 - 192.168.60.22 routes: - to: 192.168.40.0/24 via: 192.168.40.1 set-name: eth2If you know of a better way to do this, please let me know in the comments.k3sYou will have to make some changes for this to work with k3s. Thanks ThePCGeek! # k3s multus installapiVersion: helm.cattle.io/v1kind: HelmChartmetadata: name: multus namespace: kube-systemspec: repo: https://rke2-charts.rancher.io chart: rke2-multus targetNamespace: kube-system # createNamespace: true valuesContent: |- config: cni_conf: confDir: /var/lib/rancher/k3s/agent/etc/cni/net.d clusterNetwork: /var/lib/rancher/k3s/agent/etc/cni/net.d/10-flannel.conflist binDir: /var/lib/rancher/k3s/data/current/bin/ kubeconfig: /var/lib/rancher/k3s/agent/etc/cni/net.d/multus.d/multus.kubeconfigmac-vlanI have also used this mac-vlan config below successfully---apiVersion: \"k8s.cni.cncf.io/v1\"kind: NetworkAttachmentDefinitionmetadata: name: multus-iot namespace: defaultspec: config: |- { \"cniVersion\": \"0.3.1\", \"name\": \"multus-iot\", \"plugins\": [ { \"type\": \"macvlan\", \"master\": \"eth1\", \"mode\": \"bridge\", \"capabilities\": { \"ips\": true }, \"ipam\": { \"type\": \"static\", \"routes\": [{ \"dst\": \"192.168.0.0/16\", \"gw\": \"192.168.20.1\" }] } } ] }Sample PodsapiVersion: v1kind: Podmetadata: name: sample-pod namespace: default annotations: k8s.v1.cni.cncf.io/networks: | [{ \"name\": \"multus-iot\", \"namespace\": \"default\", \"mac\": \"c6:5e:a4:8e:7a:59\", \"ips\": [\"192.168.20.210/24\"], \"gateway\": [ \"192.168.20.1\" ] }]spec: containers: - name: sample-pod command: [\"/bin/ash\", \"-c\", \"trap : TERM INT; sleep infinity & wait\"] image: alpineJoin the conversationToday I released 40 minute, super niche technical video on advanced Kubernetes networking with Multus. I didn't do it for the algorithm, I did it because I loved every minute of it. (Well, after I got it working)https://t.co/O7sLjDIMXt pic.twitter.com/bBnBbmlsDx— Techno Tim (@TechnoTimLive) April 14, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "YOU Review MY HomeLab and Colocation Architecture!", "url": "/posts/homelab-colo-architecture-review/", "categories": "homelab", "tags": "homelab, datacenter, colocation, architecture, proxmox, rancher, unifi, flux, rke2, pihole", "date": "2024-04-05 08:00:00 -0500", "snippet": "After moving some of my HomeLab servers into the new colocation I have so many choices to make when it comes to services and architecture! From networking, to VPN, to security, to hypervisors, to b...", "content": "After moving some of my HomeLab servers into the new colocation I have so many choices to make when it comes to services and architecture! From networking, to VPN, to security, to hypervisors, to backups, and even DNS! I NEED YOUR HELP! Help me decide if I have created a solid foundation for my new HomeLab in a Colo!Network diagram created with Figma📺 Watch VideoDisclosures: Nothing in this video was sponsoredFind your UniFi cloud gateway here: https://store.ui.com?a_aid=TechnoTim(Affiliate links are included in this description. I may receive a small commission at no cost to you.)Join the conversationAfter moving some of my HomeLab servers into the new colocation I have so many choices to make when it comes to services and architecture! https://t.co/J998yIGsaY— Techno Tim (@TechnoTimLive) April 5, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "I Colocated My HomeLab in a Data Center", "url": "/posts/homelab-datacenter-1/", "categories": "homelab", "tags": "homelab, datacenter, colocation", "date": "2024-03-21 08:00:00 -0500", "snippet": "After a few months of planning and building, I colocated some of my homelab servers in a data center! There were so many unknowns like, how much does colocating server cost? Do you need to bring y...", "content": "After a few months of planning and building, I colocated some of my homelab servers in a data center! There were so many unknowns like, how much does colocating server cost? Do you need to bring your own networking? How do you even prepare for this? Join me as we figure this all out!And don’t worry, I still have servers at home too!📺 Watch VideoDisclosures: Huge thanks to William for inviting me to his colo rack! Thanks to Ubiquiti for sending a UDM for my rack!Find your UniFi cloud gateway here: https://store.ui.com?a_aid=TechnoTim(Affiliate links are included in this description. I may receive a small commission at no cost to you.)Join the conversationWhat happens when you colocate some of your HomeLab servers into a Data Center? And a better question, is it still called a HomeLab?https://t.co/mfxl6elVEL pic.twitter.com/ee8iMH3R5Q— Techno Tim (@TechnoTimLive) March 21, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Meet LocalSend - A Cross Platform, Open Source Alternative to AirDrop", "url": "/posts/localsend/", "categories": "apps", "tags": "app, open-source, homelab, localsend, windows, android, ios, macos, linux", "date": "2024-03-09 07:00:00 -0600", "snippet": "LocalSend is an open source application that securely transfers files between devices without the internet. It’s cross platform meaning that it’s available for Windows, Mac, Linux, iOS (iPhone, i...", "content": "LocalSend is an open source application that securely transfers files between devices without the internet. It’s cross platform meaning that it’s available for Windows, Mac, Linux, iOS (iPhone, iPad), and Android devices. This is a great alternative to AirDrop or QuickSend and can send and receive files to other devices without a 3rd party service like Google Drive.📺 Watch VideoDisclosures: Nothing in this video was sponsoredDon’t forget to ⭐ localsend on GitHub!Installing on WindowsFrom a terminal:Using Wingetwinget install localsendUsing Chocolateychoco install localsendInstall from GitHubhttps://github.com/localsend/localsend/releasesInstalling on iOSApp Store recommended for most users.Download on the App StoreInstalling on AndroidApp Store recommended for most users.Get it on Google PlayInstall using an APK https://github.com/localsend/localsend/releasesInstalling on LinuxPackage Manager:Install with terminal.Ubuntu / DebianDownload deb file https://github.com/localsend/localsend/releasescd ~/Downloads #change to download foldersudo dpkg -i LocalSend-1.14.0-linux-x86-64.deb #change version to match downloadsudo apt install -f # install missing dependenciessudo dpkg -i LocalSend-1.14.0-linux-x86-64.deb #change version to match downloadFlathubflatpak install flathub org.localsend.localsend_appflatpak run org.localsend.localsend_appAURyay -S localsend-binNixnix-shell -p localsendpkgs.localsend # ConfigInstalling on macOSPackage Managers:Install with terminal.Homebrewbrew tap localsend/localsendbrew install localsendNixnix-shell -p localsendpkgs.localsend # ConfigBinaries:Download for offline usage. https://github.com/localsend/localsend/releasesApp Store recommended for most users.Download on the App StoreSee all releaseshttps://github.com/localsend/localsend/releasesJoin the conversationI found a free and open source alternative to AirDrop called LocalSend! It works with Windows, macOS, Android, and even Linux! Join me as I test it on every platform and see if I can transfer a file to every platform using this app!👉https://t.co/iWcGjDL476 pic.twitter.com/K24T37TOoq— Techno Tim (@TechnoTimLive) March 9, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Meet Gatus - An Advanced Uptime Health Dashboard", "url": "/posts/gatus-uptime-monitoring/", "categories": "self-hosted", "tags": "gatus, dashboard, docker, open-source, homelab", "date": "2024-02-26 07:00:00 -0600", "snippet": "Meet Gatus a self-hosted, open source, health dashboard that lets you monitor all of you services and systems! This dashboard not only tracks your uptime, but also measure the results plotting the...", "content": "Meet Gatus a self-hosted, open source, health dashboard that lets you monitor all of you services and systems! This dashboard not only tracks your uptime, but also measure the results plotting the results on a chart over time. It also hooks into systems like Slack, Team, Discord, Twilio, and more! Join me as we configure and deploy Gatus into our own environment to measure and monitor all the things!📺 Watch VideoDisclosures: Nothing in this video was sponsoredDon’t forget to ⭐ Gatus on GitHub!Create Docker Composessh into serverMake a directory and cd into itmkdir gatus_uptimecd gatus_uptimeIn here we’re going to create a docker compose filetouch docker-compose.yamlnano docker-compose.yamlBasic Docker Composeversion: \"3.9\"services: gatus: image: twinproduction/gatus:latest restart: always ports: - \"8080:8080\" environment: - POSTGRES_USER=gatus_uptime_user # postgres user with access to the database - POSTGRES_PASSWORD=gatuspassword # postgres user password - POSTGRES_DB=gatus_uptime # this should be the name of your postgres database volumes: - ./config:/configPostgres DatabaseI am going use postgres to hold out data. Postgres is an open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. If you need to create a Postgres database, here’s the official Docker image. If you want to include Postgres in the same stack, you can see an example here. It also supports SQLite if you don’t want to use postgresUsing pgadmin (Windows/macOS/Linux support) or similar tools: Create database: gatus_uptime Create user: gatus_uptime_user Give user access to dbOnce you have that you should test your connection before proceeding.Gatus ConfigMake a config folder to house our config and create a config file.mkdir configcd configtouch config.yamlNow we need to create a config file for the sites we want to monitor.Place the following contents inside of the config.yamlstorage: type: postgres path: \"postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?sslmode=disable\"endpoints: - name: back-end group: core url: \"https://example.org/\" interval: 5m conditions: - \"[STATUS] == 200\" - \"[CERTIFICATE_EXPIRATION] > 48h\" - name: monitoring group: internal url: \"https://example.org/\" interval: 5m conditions: - \"[STATUS] == 200\" - name: nas group: internal url: \"https://example.org/\" interval: 5m conditions: - \"[STATUS] == 200\" - name: example-dns-query url: \"8.8.8.8\" # Address of the DNS server to use interval: 5m dns: query-name: \"example.com\" query-type: \"A\" conditions: - \"[BODY] == 93.184.216.34\" - \"[DNS_RCODE] == NOERROR\" - name: icmp-ping url: \"icmp://example.org\" interval: 1m conditions: - \"[CONNECTED] == true\"Be sure to update the DB hostname with your IP if you’re using an external database.path: \"postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@192.168.30.240:5432/${POSTGRES_DB}?sslmode=disable\"You can use DNS here too if you like e.g. @database.example.com:5432Starting GatusNow we can start our containergatus docker compose up -dCheck to be sure the container is running with out errorsdocker logs gatus-gatus-1Before we check out the UI, let’s look at postgres and verify that tables were created in our database. You should see them listed here: gatus_uptime>Schemas>public>TablesOnce we can seethat tables were created, now lets check out the UI.Gatus is hosted on the default port of 8080.Visit the IP with port in your browser:http://192.168.10.125:8080/Real World ExampleHere’s how I monitor my sites:storage: type: postgres path: \"postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@192.168.30.240:5432/${POSTGRES_DB}?sslmode=disable\"endpoint-defaults: &defaults group: External interval: 30s client: timeout: 10s conditions: - \"[STATUS] == 200\" - \"[CERTIFICATE_EXPIRATION] > 48h\"endpoints: - name: shop.technotim.live - HTTP <<: *defaults url: \"https://shop.technotim.live\" - name: technotim.live - HTTP <<: *defaults url: \"https://technotim.live\" - name: links.technotim.live - HTTP <<: *defaults url: \"https://links.technotim.live\" - name: l.technotim.live - HTTP <<: *defaults url: \"https://l.technotim.live\" - name: shop.technotim.live - DNS group: External url: \"8.8.8.8\" # Address of the DNS server to use interval: 5m dns: query-name: \"shop.technotim.live\" query-type: \"A\" conditions: - \"[BODY] == 23.227.38.74\" - \"[DNS_RCODE] == NOERROR\" - name: shop.technotim.live - Ping group: External url: \"icmp://shop.technotim.live\" interval: 1m conditions: - \"[CONNECTED] == true\" - name: Postgres group: Internal url: \"tcp://192.168.30.240:5432\" interval: 30s conditions: - \"[CONNECTED] == true\"AlertsGatus supports many systems for alertsTo keep it simple, we’re going to create a discord alert. First create a webhook in your discord server Then use that hook url in your configWe’ll configure some defaults too so we can keep our endpoints tidy like so:alerting: discord: webhook-url: \"https://discord.com/api/webhooks/**********/**********\" default-alert: description: \"Health Check Failed\" send-on-resolved: true failure-threshold: 2 success-threshold: 2Then you’ll need to update each endpoint with the alert: alerts: - type: discordOr, you can just add it to your anchor which will add it to allendpoint-defaults: &defaults group: External interval: 30s client: timeout: 10s conditions: - \"[STATUS] == 200\" - \"[CERTIFICATE_EXPIRATION] > 48h\" alerts: - type: discordNow let’s create some chaos. Take your site down After 2 time outs we get the alertsNow let’s test recovery Bring Site back up After 2 checks we can see the recovery alertFull config example:storage: type: postgres path: \"postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@192.168.30.240:5432/${POSTGRES_DB}?sslmode=disable\"alerting: discord: webhook-url: \"https://discord.com/api/webhooks/**********/**********\" default-alert: description: \"Health Check Failed\" send-on-resolved: true failure-threshold: 2 success-threshold: 2endpoint-defaults: &defaults group: External interval: 15s client: timeout: 10s conditions: - \"[STATUS] == 200\" - \"[CERTIFICATE_EXPIRATION] > 48h\" alerts: - type: discordendpoints: - name: shop.technotim.live - HTTP <<: *defaults url: \"https://shop.technotim.live\" - name: technotim.live - HTTP <<: *defaults url: \"https://technotim.live\" - name: links.technotim.live - HTTP <<: *defaults url: \"https://links.technotim.live\" - name: l.technotim.live - HTTP <<: *defaults url: \"https://l.technotim.live\" - name: shop.technotim.live - DNS group: External url: \"8.8.8.8\" # Address of the DNS server to use interval: 5m dns: query-name: \"shop.technotim.live\" query-type: \"A\" conditions: - \"[BODY] == 23.227.38.74\" - \"[DNS_RCODE] == NOERROR\" - name: shop.technotim.live - Ping group: External url: \"icmp://shop.technotim.live\" interval: 1m conditions: - \"[CONNECTED] == true\" - name: Postgres group: Internal url: \"tcp://192.168.30.240:5432\" interval: 30s conditions: - \"[CONNECTED] == true\"Join the conversationOver the last few weeks I have been looking for a more advanced self-hosted monitoring system. One that gives me more than just a simple up and down status and one that is config based. I think I found it!Check it out!👉https://t.co/7Z2xGA0w65 pic.twitter.com/LkDOo3hPzo— Techno Tim (@TechnoTimLive) February 26, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Introducing, the Techno Tim Shop", "url": "/posts/techno-tim-shop-launch/", "categories": "life", "tags": "merch, dark-mode, homelab", "date": "2024-02-17 07:00:00 -0600", "snippet": "Today marks a very special day for me. It’s something I’ve been working on for quite some time, and it’s finally ready for everyone to see! 🎉Today, I launched the Techno Tim Shop with its first dro...", "content": "Today marks a very special day for me. It’s something I’ve been working on for quite some time, and it’s finally ready for everyone to see! 🎉Today, I launched the Techno Tim Shop with its first drop: the “Dark Mode Everything” collection. This collection was designed in-house, quite literally, by my wife in our own house, and it represents my love for Dark Mode. There’s something for everyone in this collection.Keep in mind that this is not a print-on-demand service, so supplies are truly limited for this initial drop. Thank you all for helping me get to this point! I couldn’t have done it without you!https://shop.technotim.liveWhere to BuyYou can see all of the items I offer in my shop here: https://shop.technotim.live(Affiliate links may be included. I may receive a small commission at no cost to you.)Join the conversationToday marks a very special day for me. It's something I've been working on for quite some time, and it's finally ready for everyone to see! 🎉 Today, I launched the Techno Tim Shop with its first drop: the "Dark Mode Everything" collection. https://t.co/ZBMUFcvjjJ pic.twitter.com/KZYRFYAoAB— Techno Tim (@TechnoTimLive) February 17, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Optimizing TrueNAS for SPEED (and Safety)", "url": "/posts/truenas-performance-guide/", "categories": "truenas", "tags": "homelab, truenas, zfs", "date": "2024-02-09 07:00:00 -0600", "snippet": "After setting up your TrueNAS server there are lots of things to configure when it comes to tuning ZFS. From pools, to disk configuration, to cache to networking, backups and more. This guide wil...", "content": "After setting up your TrueNAS server there are lots of things to configure when it comes to tuning ZFS. From pools, to disk configuration, to cache to networking, backups and more. This guide will walk you through everything you should do after installing TrueNAS with a focus on speed, safety, and optimization.📺 Watch VideoDisclosures: Nothing in this video was sponsoredPool OptimizationsI chose Mirrored VDEVs for a few reasons:Upsides Provides redundancy Increased performance Great for small random reads Expansion, much easier than any other raid type You can expand by adding an additional pair This means I only need to buy 2 disks to expand my pool Resilvering is fast Downsides Write performance can be impacted since each write involves updating all VDEVS in a mirror Adding a separate ZIP like an SSD can improve write performance, which we’ll talk about If I lose 2 drives in the same mirror I lose the whole pool Which means that I need to replace disks fast If your pool of mirrored VDEVs is big enough, the chances are less likely to happen 50% capacity lossDatasets Encryption: On Sync: Standard Compression: LZ4 Enabled Atime: Off ZFS Deduplication: OffARC Adaptive Replacement Cache, this is where data is stored that is frequently accessed along with metadata about the files. Algorithm for adding and evicting data for least recently used. This makes accessing files quicker because it doesn’t need to read from disk and takes the load off those disks so they can do another tasks This isn’t really used for write, that’s ZIL, but some async writes and write directly to ARC There’s a general rule of thumb that you should have 1GB for each TB, however the more the better. One tweak that you might have to do if using ZFS on a Linux system like TrueNAS Scale and that’s adjusting the ARC allocation This is not needed after this patch is released By default linux only allocates 50% You can override this with a quick command while the system is running and then you can also follow that up with a startup command to be sure that this persists between reboots Generally speaking you should let your system run for a few days before making this adjustment as well as running any services and VMs to be sure you don’t over allocate your RAM to ARC. See Tom Lawrence’s Video on this topic Read SpeedsTo increase read speeds: More RAM More disks / spindles L2ARC Stripe these, even 1 large SSD is good Write SpeedsTo increase write speeds: More Disks - spinning disks can only read/write at about 150 MB/s Disable Sync write? (No!, not safe) Create SLOG device Should use disks fast that in the pool like SSDs Be sure you have at least a mirror for this This moves ZIL off the main pool, which frees up the pool to do other things Network Considerations LAGG / LACP gives you 2 lanes Gives you redundancy Generally speaking if your switch supports it, a great ideaNetwork and disk speed go hand in hand If your pool can’t read at 10 Gb/s there’s no sense of having 10 gb/s networking If your disks have huge IOSps (think all SSD) your network can’t handle the throughput Somewhere in the middleVLAN Routing Another huge consideration is inter VLAN routing. If you have to cross VLANs, be sure that your switch or router can handle these speeds or you might have to get creative with a dedicated data network that doesn’t traverse VLANs.Snapshots This is diff based Fist will be relatively large Subsequent will be smaller My Settings: Lifetime of 2 weeks Enable Recursion Don’t allow taking empty snapshots Enable the scheduleBackups Yes, but hard to do on a budget Ideally you want to replicate these snapshots to another pool, preferably on another machineAlerts Check to be sure alerts are enabled and workingUPS Yes, enough saidWhere to BuyHere are some items I found useful when building my NAS Supermicro NVMe Add-in Card - https://www.ebay.com/itm/375100900409?mkcid=1&mkrid=711-53200-19255-0&siteid=0&campid=5338780159&customid=&toolid=10001&mkevt=1 Dell NVMe Add-in Card - https://www.ebay.com/itm/164864777644?mkcid=1&mkrid=711-53200-19255-0&siteid=0&campid=5338780159&customid=&toolid=10001&mkevt=1 M.2 Heatsink SSD Cooler for PS5 PCIE NVME - https://amzn.to/4bwsYAq Intel OPTANE SSD P1600X Series 118GB M.2 PCIE - https://amzn.to/497Np53 SAMSUNG 990 PRO Series - 2TB PCIe Gen4. X4 NVMe 2.0c - M.2 Internal SSD - https://amzn.to/4buzeZz Seagate IronWolf 12TB NAS Internal Hard Drive HDD - https://amzn.to/3usqnH8 Seagate Exos X18 ST14000NM000J 14 TB Hard Drive - https://amzn.to/3SC6ntT APC UPS 1500VA UPS Battery Backup and Surge Protector - https://amzn.to/499JvZx Tripp Lite SMART1500LCD 1500VA UPS Smart Battery Backup (rackmount) - https://amzn.to/3SOXhLr(Affiliate links may be included. I may receive a small commission at no cost to you.)Join the conversationOver the last few weeks while building my new TrueNAS server I learned a lot about ZFS and how to optimize my new NAS for performance.https://t.co/qvAJBBSCkA pic.twitter.com/6LB5IqHZo7— Techno Tim (@TechnoTimLive) February 9, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "PiKVM with TESmart KVM Fixed!", "url": "/posts/pikvm-tesmart/", "categories": "homelab", "tags": "homelab, hardware, pikvm, tesmart", "date": "2024-01-19 07:00:00 -0600", "snippet": "After many hours and testing, swapping, resetting, and EDID training, all of my PiKVM and TESmart issues were solved with with a simple, cheap dongle. If you aren’t aware of the struggles I faced ...", "content": "After many hours and testing, swapping, resetting, and EDID training, all of my PiKVM and TESmart issues were solved with with a simple, cheap dongle. If you aren’t aware of the struggles I faced when using the PiKVM with a TESmart switch, all of it is detailed in a previous post where I ended up settling on another switch altogether. That’s all changed now with a simple EDID emulator passthrough adapter (affiliate link). However, for the uninformed, I’ll summarize the symptoms I experienced with the PiKVM and TESmart KVM and how I was able to fix these issues.My ExperienceWhen I originally set up my PiKVM (v3 at the time) I wanted to remote control more than one machine. I have a server rack and I rationalized that 8 would be a good number of machines to remote control and ultimately justify the cost of the hardware (cost spread over 8 machines). I also wanted something to rackmount since, after all, I have a server rack. That’s when I found the TESmart 8X1 HDMI KVM Switch 8 (affiliate link).It met all of my requirements: 8 ports Rackmountable Compatible with PiKVM (or so I thought)This device was listed as compatible with PiKVM so I thought it was a safe bet.I have (3) Intel NUC 11th Gen device I planned on connecting to this switch along with an old PC that has a ASUS Z87-PRO motherboard. I figured since they were all Intel based GPUs it was a safe bet. Boy was I wrong…Shortly after configuring the PiKVM with the TESmart KVM and my devices it was clear that something was definitely wrong.As you can see, 1 out of 3 devices work. All 3 are the same model. Usually none of them work even after properly training them.Some of the symptoms were: Black screen without any video When switching machines, you see video but quickly goes to black When switching to some devices, you see a green screen While getting a green screen, the CPU spikes on the PiKVM to where you have to rebootThings I triedI knew this was not good, however I figured it was something that could be fixed in software, after all the PiKVM is open source and running Linux. I did the obvious first, which was training the PiKVM and the TESmart switch according to TESmart’s YouTube video (which is excellent by the way). This kind of helped and by kind of I mean that 1 device would sometimes work but then after adding additional devices it would start experiencing the same symptoms as above. So I thought I could fix it in software…I tried updating the device, testing different EDIDs,and even working with the creator of the PiKVM, Max Devaev, to see if we could tweak any settings to make it work with the TESmart KVM. After capturing logs and EDIDs, Max determined that the EDID was getting “poisoned” with some other EDID when switching. So we decided that it was a hardware issue. I ended up purchasing an EZCOO switch (affiliate link) which ended up working perfectly, albeit not rackmountable.I reached out to TESmart around the same time to see if maybe it was something they had experience in the past, or something that might be addressed in a firmware update. They were great to work with (huge shout out to Ray from TESmart!) and walked me though some additional troubleshooting steps. Each step still yielded the same results. When we exhausted everything we could try, they sent a replacement to see if that might resolve the issue, but sadly it did not.PiKVM v4 and MoreAll of this troubleshooting was done on the PiKVM v3, which I had purchased pretty late in its lifecycle, and v4 was right around the corner. Max from PiKVM said that he felt the issue could be resolved in their v4 model and mentioned he would send one when it launched. I was hopeful that this work. A few months later, the PiKVM v4 Plus arrived on my doorstep.PiKVM v4 Plus & PiKVM v4 MiniAfter receiving the PiKVM v4 and hooking it up to the TESmart switch I found that I had the same issue as before. This told me it was most likely something with the TESmart switch. I reached out to them again after discovering that I had the 4k 30 fps model and hoped that the 4k 60 fps model would make a difference, after all there were some people who said theirs worked just fine and internet rumors that the 60 fps model worked better.I talked to TESmart again and they shipped a replacement, this time the 4k 60 fps model. I quickly hooked it up and once again experienced all of the same symptoms. I was really puzzled as to why this was happening to me when it works fine with other switches and others claimed to use this switch fine.Community to the Rescue!After testing all of this, I was convinced that I would never be able to use my rackmount KVM. I have to admit that I wasn’t that upset that it didn’t work, I was more upset that I didn’t know when to quit. I was frustrated that I sunk over 80 hours of my time trying to fix this when in fact there was no fix. Sometimes you gotta just let go…That’s when I got lucky and someone posted a comment on my previous post with something new to try. The comment from juristoeckli that mentioned something about an “EDID Emulator”. I had never heard of these before nor was I sure that this was the issue. Then NateDiTo also left a comment about how they had used these EDID emulators (affiliate link) and they worked for them. Finally, I wasn’t alone! Someone else who was experiencing the same thing or at least knew my struggle!That’s when I decided to give it a shot. I told myself “If these don’t work, I am giving up!” and I meant it this time (maybe… 😂).This little device will override your EDID possibly making it compatible with the device it’s connecting to.How I fixed itI purchased a cheaper version of the EDID emulator (affiliate link) hoping they would work. Also, serendipitously, Ray from TESmart had mentioned an EDID emulator in an email that same night. He mentioned this as a last resort, however in my mind this was my last resort. After the devices arrived, I quickly inserted the emulators into the TESmart and connected my machines to them.I plugged them directly into the TESmart switch and all devices started working immediately!I retrained the devices per the video, and sure enough after powering the first one one it worked! I could see my machine in the PiKVM without issues! I quickly tempered my expectations because I have been here before. One device would sometimes work fine, but never more than one. Sure enough after training the next 2 devices it worked fine. I could now control all 3 devices from the PiKVM with the TESmart KVM switch. I tested by rebooting the devices and even the PiKVM and everything still works! They now work as reliably as they did with the EZCOO switch.So why does this work?When I think about the solution, it’s challenging to know how and why this is working. As I understand it, EDID emulators are meant to override a device’s EDID, basically telling the connected device which capabilities it supports. You would think that my devices were sending the proper EDID to the TESmart switch, however as I experienced with 4 devices (2 unique), this was not the case.Some people have mentioned that this happens more often when running Linux, and I even experienced that myself too. When one of my Intel NUCs was running Windows it seemed to work fine but when running Proxmox (Debian Linux) it seemed to experience these issues. This could be a Windows vs. Linux issue, or it could be chalked up to my other experience where 1 device would work fine but none of the others. I’ve tested quite a bit over the span of a year and it’s challenging to know for sure. Oddly enough, this doesn’t happen to everyone who uses TESmart switches. I do think it’s a combination of TESmart + Device + OS/driver that triggers the problem, because again, it works with my with EZCOO switch. I also have a hunch that these emulators might be instructing the device’s GPU to stay powered on even when a device isn’t plugged into it (just like HDMI dummy plugs), however I don’t know if that’s true. If you know, let me know in the comments below!I am considering this “fixed” now even though technically this is a “workaround.” A huge thanks to Max from PiKVM, Ray from TESmart (and the TESmart team), and juristoeckli and NateDiTo in the comments because without all of you I would have given up. Each new idea or additional troubleshooting step motivated me to keep going. I can finally use this switch and recommend it to those who want something rackmountable (with workarounds).ConfigHere is the configuration I use:/etc/kvmd/override.yaml# /etc/kvmd/override.yaml.bak.tesmart##################################################################### ## Override Pi-KVM system settings. This file uses the YAML syntax. ## ## https://github.com/pikvm/pikvm/blob/master/pages/config.md ## ## All overridden parameters will be applied AFTER other configs ## and \"!include\" directives and BEFORE validation. ## Not: Sections should be combined under shared keys. ## #####################################################################kvmd: gpio: drivers: tes: type: tesmart host: 192.168.20.63 port: 5000 wol_server0: type: wol mac: 1c:69:7a:ad:11:85 wol_server1: type: wol mac: 88:ae:dd:05:cf:09 wol_server2: type: wol mac: 88:ae:dd:05:c6:3b wol_server3: type: wol mac: 3c:ec:ef:0e:d3:a4 wol_server3a: type: wol mac: 3c:ec:ef:0e:d3:a5 wol_server4: type: wol mac: 3c:ec:ef:90:c8:0c wol_server4a: type: wol mac: 3c:ec:ef:90:c8:0d reboot: type: cmd cmd: [/usr/bin/sudo, reboot] restart_service: type: cmd cmd: [/usr/bin/sudo, systemctl, restart, kvmd] scheme: ch0_led: driver: tes pin: 0 mode: input ch1_led: driver: tes pin: 1 mode: input ch2_led: driver: tes pin: 2 mode: input ch3_led: driver: tes pin: 3 mode: input ch4_led: driver: tes pin: 4 mode: input pikvm_led: pin: 0 mode: input ch0_button: driver: tes pin: 0 mode: output switch: false ch1_button: driver: tes pin: 1 mode: output switch: false ch2_button: driver: tes pin: 2 mode: output switch: false ch3_button: driver: tes pin: 3 mode: output switch: false ch4_button: driver: tes pin: 4 mode: output switch: false wol_server0: driver: wol_server0 pin: 0 mode: output switch: false wol_server1: driver: wol_server1 pin: 0 mode: output switch: false wol_server2: driver: wol_server2 pin: 0 mode: output switch: false wol_server3: driver: wol_server3 pin: 0 mode: output switch: false wol_server3a: driver: wol_server3a pin: 0 mode: output switch: false wol_server4: driver: wol_server4 pin: 0 mode: output switch: false wol_server4a: driver: wol_server4a pin: 0 mode: output switch: false reboot_button: driver: reboot pin: 0 mode: output switch: false restart_service_button: driver: restart_service pin: 0 mode: output switch: false view: table: - [\"#NUC1\", ch0_led, ch0_button, \"wol_server0 | WoL\"] - [\"#NUC2\", ch1_led, ch1_button, \"wol_server1 | WoL\"] - [\"#NUC3\", ch2_led, ch2_button, \"wol_server2 | WoL\"] - [\"#HL15\", ch3_led, ch3_button, \"wol_server3 | WoL-10g\", \"wol_server3a | WoL-10g\"] - [\"#Storinator\", ch4_led, ch4_button, \"wol_server4 | WoL-10g\", \"wol_server4a | WoL-10g\"] - [\"#PiKVM\", \"pikvm_led|green\", \"restart_service_button|confirm|Service\", \"reboot_button|confirm|Reboot\"]edit /etc/sudoers.d/99_kvmdadd to the end:kvmd ALL=(ALL) NOPASSWD: /usr/bin/rebootkvmd ALL=(ALL) NOPASSWD: /usr/bin/systemctlThen reboot or restart services.Where to BuyHere are the items that I used during this project. PiKVM - https://pikvm.org TESmart Switch - https://amzn.to/3YV0Gsi TESmart Switch (buy direct, usually cheaper) - https://l.technotim.live/tesmart HDMI Cables - https://amzn.to/3SgJ34g USB B Cables - https://amzn.to/3Eel0wU EDID emulator (the ones I use) - https://amzn.to/3tQp04Z EDID emulators (3 pack recommended by the community) - https://amzn.to/47MUtCO VGA to HDMI Adapter (great for connecting VGA devices to a PiKVM) - https://amzn.to/491uAAo Intel NUC 11 kit - https://amzn.to/3vRDAJK(Affiliate links may be included. I may receive a small commission at no cost to you.)Join the conversationAll the problems I had with the PiKVM and TESmart KVM switch were fixed with this one cheap little device.https://t.co/yOGjQTywYy— Techno Tim (@TechnoTimLive) January 19, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Meet Homepage - Your HomeLab Services Dashboard", "url": "/posts/homepage-dashboard/", "categories": "self-hosted", "tags": "homepage, dashboard, docker, open-source, homelab", "date": "2024-01-15 07:00:00 -0600", "snippet": "Meet Homepage, your new HomeLab services dashboard homepage! Homepage is an open source, highly customizable homepage (or startpage) dashboard that runs on Docker and is integrated with over 100 ...", "content": "Meet Homepage, your new HomeLab services dashboard homepage! Homepage is an open source, highly customizable homepage (or startpage) dashboard that runs on Docker and is integrated with over 100 API services. It’s easy to set up, looks good by default, and helps you keep track of everything you are running in your HomeLab and more. Today we’ll set up Homepage and get it running in Docker in no time.📺 Watch VideoDisclosures: Nothing in this video was sponsoredDon’t forget to ⭐ homepage on GitHub!Requirements docker (and compose)Docker SetupSee this post on how to install docker and docker composeInstallMake a directorymkdir homepagecd into itcd homepagecreate a docker-compose.yaml filetouch docker-compose.yamlEdit itnano docker-compose.yamlPlace the contentsversion: \"3.3\"services: homepage: image: ghcr.io/gethomepage/homepage:latest container_name: homepage ports: - 3000:3000 env_file: .env # use .env volumes: - /path/to/config:/app/config # Make sure your local config directory exists - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations, see alternative methods environment: PUID: $PUID # read them from .env PGID: $PGID # read them from .envCreate an .env file for variablestouch .envEdit itnano .envadd to file:PUID=1000PGID=1000Save and exitStart the containerdocker compose up -d Note: The container can take up to 60 seconds to start the first time. It’s a good idea to check the container to see if it is passing health checks before browsing to your site.Check to be sure you see that the container is healthy.You can check by running:docker psYou should see something like:CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES8d841cf77e6f ghcr.io/gethomepage/homepage:latest \"docker-entrypoint.s…\" 2 minutes ago Up 2 minutes (healthy) 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp homepageOnce it’s healthy, visit http://<IP-ADDRESS-DOCKER-MACHINE>:3000You should see your new homepage!ConfigureOn docker machine, cd into config directorycd configYou’ll see yaml files, these are configurations we can edit to configure our homepageedit settings.yamlnano config/settings.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/settingstitle: My Awesome Homepage # <----- add this lineproviders: openweathermap: openweathermapapikey weatherapi: weatherapiapikeySave, exit, and revisit your homepageShould refresh, if not click the refresh in lower right hand cornerTitle of document should now be My Awesome HomepageIf we want, we can also customize the background but updating this file tooEdit settings.yamlnano settings.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/settingstitle: My Awesome Homepage background: https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80 # <----- add this lineproviders: openweathermap: openweathermapapikey weatherapi: weatherapiapikeySave and exit again, and the background should be updated.You can also mount your own image rather than reference one on the web however I am going to stick with one from the web that I don’t have to worry about additional mounts and configuration in the future.If we want to add some additional filters to the image using tailwind css, we can like so---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/settingstitle: My Awesome Homepage background: image: https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80 blur: sm # sm, \"\", md, xl... see https://tailwindcss.com/docs/backdrop-blur saturate: 50 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness opacity: 50 # 0-100# ^^^^ add the above block providers: openweathermap: openweathermapapikey weatherapi: weatherapiapikeyIf we want to set out homepage to dark mode and the color to slate, we can like:---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/settingstitle: My Awesome Homepage theme: dark # <----- add this linecolor: slate # <----- add this linebackground: image: https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80 blur: sm # sm, \"\", md, xl... see https://tailwindcss.com/docs/backdrop-blur saturate: 50 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness opacity: 50 # 0-100# ^^^^ add the above block providers: openweathermap: openweathermapapikey weatherapi: weatherapiapikey Why do this? Isn’t this a lot of work? 1 word, it’s “repeatable”. We can back up our yaml files and even share them if we want. Also works great with Kubernetes since you can pass a ConfigMap file to your deployment thus not needing a volume.ServicesServices are configured in service.yaml and really are button for accessing some of your servicesEdit service.yamlnano config/service.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/services- My First Group: - My First Service: href: http://localhost/ description: Homepage is awesome- My Second Group: - My Second Service: href: http://localhost/ description: Homepage is the best- My Third Group: - My Third Service: href: http://localhost/ description: Homepage is 😎- Top Services: - Proxmox: icon: proxmox.png # icons found here https://github.com/walkxcode/dashboard-icons href: https://192.168.0.15:8006 description: Proxmox VE - PiHole: icon: pi-hole.svg # icons found here https://github.com/walkxcode/dashboard-icons href: http://192.168.60.10/admin description: Server 1 - Cowboy: icon: mdi-account-cowboy-hat-#FF0000 # icons found here https://pictogrammers.com/library/mdi/ href: https://localhost/ description: giddyup service - McDonald’s: icon: si-mcdonalds-#FFD700 # icons found here https://simpleicons.org/ href: https://www.mcdonalds.com/ description: homepage # ^^^ add this blockAs you can see we configured 4 services: one that use png images one that used svg images one that use Material Design icons one that used Simple Icons Note: If you’re using Material Design Icons or Simple Icons you can change the color of the icon by appending the hex values to the icon name as shown above.Service WidgetsThese extend the functionality of service buttons. Optional but cool.Edit service.yamlnano config/service.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/services- My First Group: - My First Service: href: http://localhost/ description: Homepage is awesome- My Second Group: - My Second Service: href: http://localhost/ description: Homepage is the best- My Third Group: - My Third Service: href: http://localhost/ description: Homepage is 😎- Top Services: - Proxmox: icon: proxmox.png # icons found here https://github.com/walkxcode/dashboard-icons href: https://192.168.0.15:8006 description: Proxmox VE - PiHole: icon: pi-hole.svg # icons found here https://github.com/walkxcode/dashboard-icons href: http://192.168.60.10/admin description: Server 1 widget: type: pihole url: http://192.168.60.10 key: \"{{HOMEPAGE_VAR_PIHOLE_API_KEY}}\" # <--- updated with API key from PiHole - Cowboy: icon: mdi-account-cowboy-hat-#FF0000 # icons found here https://pictogrammers.com/library/mdi/ href: https://localhost/ description: giddyup service - McDonald’s: icon: si-mcdonalds-#FFD700 # icons found here https://simpleicons.org/ href: https://www.mcdonalds.com/ description: homepageStop the Docker containerdocker stop homepageStart the Docker containerdocker start homepage Note: I have noticed that sometimes you need to recreate the container in order for the variables from your .env to be replaced. Not sure if this is a feature or a bug, but docker compose up -d --force-recreate will stop the old container, remove it, and create a new oneWe should now see pi hole statisticsWidgetsWidgets are standalone items like the resource and search at the top.If you want to edit these items:nano config/widgets.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/service-widgets- resources: cpu: true memory: true disk: /- search: provider: google # <--- updated with google target: _blank- datetime: text_size: xl format: timeStyle: short # ^^^ add this blockNow we can see that search has been changed to Google and we’ve added a date widget.My DashboardHere’s a fully working example of my own Homepage dashboard that I use!As promised, here is both the config for Docker and even Kubernetes!Docker Configdocker-compose.yamlversion: \"3.3\"services: homepage: image: ghcr.io/gethomepage/homepage:latest container_name: homepage restart: unless-stopped ports: - 3000:3000 env_file: .env volumes: - ./config:/app/config # Make sure your local config directory exists - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations, see alternative methods environment: PUID: $PUID PGID: $PGIDconfig/bookmarks.yaml---config/services.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/services# icons found here https://github.com/walkxcode/dashboard-icons- Hypervisor: - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve1 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: xing-01 - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve2 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: xing-02 - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve2 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: xing-03 - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve4 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: storinator- Containers: - Rancher: icon: rancher.svg href: \"{{HOMEPAGE_VAR_RACNHER_URL}}\" description: k8s - Longhorn: icon: longhorn.svg href: \"{{HOMEPAGE_VAR_LONGHORN_URL}}\" description: k8s storage - Portainer: icon: portainer.svg href: \"{{HOMEPAGE_VAR_PORTAINER_URL}}\" description: docker widget: type: portainer url: \"{{HOMEPAGE_VAR_PORTAINER_URL}}\" env: 2 key: \"{{HOMEPAGE_VAR_PORTAINER_API_KEY}}\"- DNS: - Pi-Hole1: icon: pi-hole.svg href: \"{{HOMEPAGE_VAR_PIHOLE_URL_1}}\" description: quasar widget: type: pihole url: \"{{HOMEPAGE_VAR_PIHOLE_URL_1}}\" key: \"{{HOMEPAGE_VAR_PIHOLE_API_KEY_1}}\" - Pi-Hole2: icon: pi-hole.svg href: \"{{HOMEPAGE_VAR_PIHOLE_URL_2}}\" description: blazar widget: type: pihole url: \"{{HOMEPAGE_VAR_PIHOLE_URL_2}}\" key: \"{{HOMEPAGE_VAR_PIHOLE_API_KEY_2}}\" - Pi-Hole3: icon: pi-hole.svg href: \"{{HOMEPAGE_VAR_PIHOLE_URL_3}}\" description: electron widget: type: pihole url: \"{{HOMEPAGE_VAR_PIHOLE_URL_3}}\" key: \"{{HOMEPAGE_VAR_PIHOLE_API_KEY_3}}\"- Network: - UniFi: icon: unifi.svg href: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}\" description: network widget: type: unifi url: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}\" username: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME}}\" password: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD}}\" - Uptime Kuma: icon: uptime-kuma.svg href: \"{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}\" description: internal widget: type: uptimekuma url: \"{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}\" slug: home - Uptime Robot: icon: https://play-lh.googleusercontent.com/cUrv0t00FYQ1GKLuOTvv8qjo1lSDjqZC16IOp3Fb6ijew6Br5m4o16HhDp0GBu_Bw8Y=w240-h480-rw href: https://uptimerobot.com/dashboard description: external widget: type: uptimerobot url: https://api.uptimerobot.com key: \"{{HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY}}\"- Storage: - TrueNAS: icon: truenas.svg href: \"{{HOMEPAGE_VAR_TRUENAS_URL}}\" description: scale widget: type: truenas url: \"{{HOMEPAGE_VAR_TRUENAS_URL}}\" key: \"{{HOMEPAGE_VAR_TRUENAS_API_KEY}}\" - MinIO: icon: minio.svg href: \"{{HOMEPAGE_VAR_MINIO_URL}}\" description: object storage- Media: - Plex: icon: plex.svg href: \"{{HOMEPAGE_VAR_PLEX_URL}}\" description: media server widget: type: plex url: \"{{HOMEPAGE_VAR_PLEX_URL}}\" key: \"{{HOMEPAGE_VAR_PLEX_API_TOKEN}}\" - Tautulli: icon: tautulli.svg href: \"{{HOMEPAGE_VAR_TAUTULLI_URL}}\" description: plex stats widget: type: tautulli url: \"{{HOMEPAGE_VAR_TAUTULLI_URL}}\" key: \"{{HOMEPAGE_VAR_TAUTULLI_API_KEY}}\" - HDHomerun: icon: hdhomerun.png href: \"{{HOMEPAGE_VAR_HDHOMERUN_URL}}\" description: flex 4k widget: type: hdhomerun url: \"{{HOMEPAGE_VAR_HDHOMERUN_URL}}\"- Remote Access: - PiKVM: icon: https://avatars.githubusercontent.com/u/41749659?s=200&v=4 href: \"{{HOMEPAGE_VAR_PIKVM_URL}}\" description: remote kvm - IPMI: icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg href: \"{{HOMEPAGE_VAR_IPMI_1_URL}}\" description: storinator - IPMI: icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg href: \"{{HOMEPAGE_VAR_IPMI_2_URL}}\" description: hl15 - Netboot: icon: https://netboot.xyz/img/nbxyz-laptop.gif href: \"{{HOMEPAGE_VAR_NETBOOT_URL}}\" description: network boot utility - Tripp Lite: icon: https://upload.wikimedia.org/wikipedia/commons/f/f9/Tripp_Lite_logo.svg href: \"{{HOMEPAGE_VAR_UPS_1_URL}}\" description: 1500 - Eaton: icon: https://cdn11.bigcommerce.com/s-fg272t4iw0/images/stencil/1280x1280/products/2549/2802/C-12556__63907.1557814942.jpg?c=2 href: \"{{HOMEPAGE_VAR_UPS_2_URL}}\" description: 5p- Home Automation: - Home Assistant: icon: home-assistant.svg href: \"{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}\" description: home widget: type: homeassistant url: \"{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}\" key: \"{{HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY}}\" - UniFi: icon: https://play-lh.googleusercontent.com/DmgQvSdocOrGr0D0rxSBE9sqh23Fw3ck3BgKRN788cZnOKgcZlcEAFRYwmUbp6vMTVI href: \"{{HOMEPAGE_VAR_UNIFI_PROTECT_URL}}\" description: protect - Scryped: icon: https://www.scrypted.app/images/web_hi_res_512.png href: \"{{HOMEPAGE_VAR_SCRYPTED_URL}}\" description: mgmt console - Broadlink Control: icon: https://nwzimg.wezhan.net/contents/sitefiles3606/18030899/images/5430245.png href: \"{{HOMEPAGE_VAR_BROADLINK_CONTROL_URL}}\" description: light control- Other: - GitLab: icon: gitlab.svg href: https://gitlab.com description: source code - GitHub: icon: github.svg href: https://github.com description: source code - Shlink: icon: https://shlink.io/images/shlink-logo-blue.svg href: \"{{HOMEPAGE_VAR_SHLINK_URL}}\" description: dashboardconfig/settings.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/settingstitle: Techno Tim Homepagebackground: image: https://cdnb.artstation.com/p/assets/images/images/006/897/659/large/mikael-gustafsson-wallpaper-mikael-gustafsson.jpg blur: sm # sm, md, xl... see https://tailwindcss.com/docs/backdrop-blur saturate: 100 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness opacity: 100 # 0-100theme: darkcolor: slateuseEqualHeights: truelayout: Hypervisor: header: true style: row columns: 4 Containers: header: true style: row columns: 4 DNS: header: true style: row columns: 4 Network: header: true style: row columns: 4 Remote Access: header: true style: row columns: 4 Storage: header: true style: row columns: 4 Media: header: true style: row columns: 4 Home Automation: header: true style: row columns: 4 Other: header: true style: row columns: 4config/widgets.yaml---# For configuration options and examples, please see:# https://gethomepage.dev/latest/configs/service-widgets- resources: cpu: true memory: true disk: /- datetime: text_size: xl format: timeStyle: short.env Note: These variables will be replace in the configuration above. You will need to supply your own values here in your file.PUID=1000PGID=1000HOMEPAGE_VAR_PIHOLE_API_KEY_1=HOMEPAGE_VAR_PIHOLE_API_KEY_2=HOMEPAGE_VAR_PIHOLE_API_KEY_3=HOMEPAGE_VAR_PIHOLE_URL_1=HOMEPAGE_VAR_PIHOLE_URL_2=HOMEPAGE_VAR_PIHOLE_URL_3=HOMEPAGE_VAR_PLEX_URL=HOMEPAGE_VAR_PLEX_API_TOKEN=HOMEPAGE_VAR_TAUTULLI_URL=HOMEPAGE_VAR_TAUTULLI_API_KEY=HOMEPAGE_VAR_HDHOMERUN_URL=HOMEPAGE_VAR_HOME_ASSISTANT_URL=HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY=HOMEPAGE_VAR_TRUENAS_URL=HOMEPAGE_VAR_TRUENAS_API_KEY=HOMEPAGE_VAR_UNIFI_NETWORK_URL=HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME=HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD=HOMEPAGE_VAR_UNIFI_PROTECT_URL=HOMEPAGE_VAR_UPTIME_KUMA_URL=HOMEPAGE_VAR_MINIO_URL=HOMEPAGE_VAR_RACNHER_URL=HOMEPAGE_VAR_LONGHORN_URL=HOMEPAGE_VAR_PORTAINER_URL=HOMEPAGE_VAR_PORTAINER_API_KEY=HOMEPAGE_VAR_PROXMOX_URL=HOMEPAGE_VAR_PROXMOX_USER=HOMEPAGE_VAR_PROXMOX_API_KEY=HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY=HOMEPAGE_VAR_SCRYPTED_URL=HOMEPAGE_VAR_PIKVM_URL=HOMEPAGE_VAR_NETBOOT_URL=HOMEPAGE_VAR_BROADLINK_CONTROL_URL=HOMEPAGE_VAR_IPMI_1_URL=HOMEPAGE_VAR_IPMI_2_URL=HOMEPAGE_VAR_UPS_1_URL=HOMEPAGE_VAR_UPS_2_URL=HOMEPAGE_VAR_SHLINK_URL=Kubernetes ConfigHere’s my Kubernetes config!deployment.yaml---apiVersion: apps/v1kind: Deploymentmetadata: name: homepage namespace: default labels: app: homepage annotations: reloader.stakater.com/auto: \"true\"spec: selector: matchLabels: app: homepage replicas: 3 progressDeadlineSeconds: 600 revisionHistoryLimit: 1 strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 25% maxSurge: 1 template: metadata: labels: app: homepage annotations: deploy-date: \"deploy-date-value\" spec: containers: - name: homepage image: ghcr.io/gethomepage/homepage:v0.8.4 resources: requests: memory: 128Mi cpu: 200m envFrom: - secretRef: name: homepage-secret ports: - containerPort: 3000 name: http readinessProbe: httpGet: path: / port: http initialDelaySeconds: 60 periodSeconds: 10 failureThreshold: 5 timeoutSeconds: 5 livenessProbe: httpGet: path: / port: http initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 volumeMounts: - mountPath: /app/config/custom.js name: homepage-config subPath: custom.js - mountPath: /app/config/custom.css name: homepage-config subPath: custom.css - mountPath: /app/config/bookmarks.yaml name: homepage-config subPath: bookmarks.yaml - mountPath: /app/config/docker.yaml name: homepage-config subPath: docker.yaml - mountPath: /app/config/kubernetes.yaml name: homepage-config subPath: kubernetes.yaml - mountPath: /app/config/services.yaml name: homepage-config subPath: services.yaml - mountPath: /app/config/settings.yaml name: homepage-config subPath: settings.yaml - mountPath: /app/config/widgets.yaml name: homepage-config subPath: widgets.yaml - mountPath: /app/config/logs name: logs volumes: - name: homepage-config configMap: name: homepage - name: logs emptyDir: {} topologySpreadConstraints: - maxSkew: 1 topologyKey: topology.kubernetes.io/zone whenUnsatisfiable: DoNotSchedule labelSelector: matchLabels: app: homepageconfig.yamlapiVersion: v1kind: ConfigMapmetadata: name: homepage namespace: default labels: app: homepagedata: kubernetes.yaml: | mode: cluster settings.yaml: | title: Techno Tim Homepage background: image: https://cdnb.artstation.com/p/assets/images/images/006/897/659/large/mikael-gustafsson-wallpaper-mikael-gustafsson.jpg blur: sm # sm, md, xl... see https://tailwindcss.com/docs/backdrop-blur saturate: 100 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness opacity: 100 # 0-100 theme: dark color: slate useEqualHeights: true layout: Hypervisor: header: true style: row columns: 4 Containers: header: true style: row columns: 4 DNS: header: true style: row columns: 4 Network: header: true style: row columns: 4 Remote Access: header: true style: row columns: 4 Storage: header: true style: row columns: 4 Media: header: true style: row columns: 4 Home Automation: header: true style: row columns: 4 Other: header: true style: row columns: 4 custom.css: \"\" custom.js: \"\" bookmarks.yaml: \"\" services.yaml: | - Hypervisor: - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve1 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: xing-01 - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve2 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: xing-02 - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve2 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: xing-03 - Proxmox: icon: proxmox.svg href: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" description: pve4 widget: type: proxmox url: \"{{HOMEPAGE_VAR_PROXMOX_URL}}\" username: \"{{HOMEPAGE_VAR_PROXMOX_USER}}\" password: \"{{HOMEPAGE_VAR_PROXMOX_API_KEY}}\" node: storinator - Containers: - Rancher: icon: rancher.svg href: \"{{HOMEPAGE_VAR_RACNHER_URL}}\" description: k8s - Longhorn: icon: longhorn.svg href: \"{{HOMEPAGE_VAR_LONGHORN_URL}}\" description: k8s storage - Portainer: icon: portainer.svg href: \"{{HOMEPAGE_VAR_PORTAINER_URL}}\" description: docker widget: type: portainer url: \"{{HOMEPAGE_VAR_PORTAINER_URL}}\" env: 2 key: \"{{HOMEPAGE_VAR_PORTAINER_API_KEY}}\" - DNS: - Pi-Hole1: icon: pi-hole.svg href: \"{{HOMEPAGE_VAR_PIHOLE_URL_1}}\" description: quasar widget: type: pihole url: \"{{HOMEPAGE_VAR_PIHOLE_URL_1}}\" key: \"{{HOMEPAGE_VAR_PIHOLE_API_KEY_1}}\" - Pi-Hole2: icon: pi-hole.svg href: \"{{HOMEPAGE_VAR_PIHOLE_URL_2}}\" description: blazar widget: type: pihole url: \"{{HOMEPAGE_VAR_PIHOLE_URL_2}}\" key: \"{{HOMEPAGE_VAR_PIHOLE_API_KEY_2}}\" - Pi-Hole3: icon: pi-hole.svg href: \"{{HOMEPAGE_VAR_PIHOLE_URL_3}}\" description: electron widget: type: pihole url: \"{{HOMEPAGE_VAR_PIHOLE_URL_3}}\" key: \"{{HOMEPAGE_VAR_PIHOLE_API_KEY_3}}\" - Network: - UniFi: icon: unifi.svg href: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}\" description: network widget: type: unifi url: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}\" username: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME}}\" password: \"{{HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD}}\" - Uptime Kuma: icon: uptime-kuma.svg href: \"{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}\" description: internal widget: type: uptimekuma url: \"{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}\" slug: home - Uptime Robot: icon: https://play-lh.googleusercontent.com/cUrv0t00FYQ1GKLuOTvv8qjo1lSDjqZC16IOp3Fb6ijew6Br5m4o16HhDp0GBu_Bw8Y=w240-h480-rw href: https://uptimerobot.com/dashboard description: external widget: type: uptimerobot url: https://api.uptimerobot.com key: \"{{HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY}}\" - Storage: - TrueNAS: icon: truenas.svg href: \"{{HOMEPAGE_VAR_TRUENAS_URL}}\" description: scale widget: type: truenas url: \"{{HOMEPAGE_VAR_TRUENAS_URL}}\" key: \"{{HOMEPAGE_VAR_TRUENAS_API_KEY}}\" - MinIO: icon: minio.svg href: \"{{HOMEPAGE_VAR_MINIO_URL}}\" description: object storage - Media: - Plex: icon: plex.svg href: \"{{HOMEPAGE_VAR_PLEX_URL}}\" description: media server widget: type: plex url: \"{{HOMEPAGE_VAR_PLEX_URL}}\" key: \"{{HOMEPAGE_VAR_PLEX_API_TOKEN}}\" - Tautulla: icon: tautulli.svg href: \"{{HOMEPAGE_VAR_TAUTULLI_URL}}\" description: plex stats widget: type: tautulli url: \"{{HOMEPAGE_VAR_TAUTULLI_URL}}\" key: \"{{HOMEPAGE_VAR_TAUTULLI_API_KEY}}\" - HDHomerun: icon: hdhomerun.png href: \"{{HOMEPAGE_VAR_HDHOMERUN_URL}}\" description: flex 4k widget: type: hdhomerun url: \"{{HOMEPAGE_VAR_HDHOMERUN_URL}}\" - Remote Access: - PiKVM: icon: https://avatars.githubusercontent.com/u/41749659?s=200&v=4 href: \"{{HOMEPAGE_VAR_PIKVM_URL}}\" description: remote kvm - IPMI: icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg href: \"{{HOMEPAGE_VAR_IPMI_1_URL}}\" description: storinator - IPMI: icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg href: \"{{HOMEPAGE_VAR_IPMI_2_URL}}\" description: hl15 - Netboot: icon: https://netboot.xyz/img/nbxyz-laptop.gif href: \"{{HOMEPAGE_VAR_NETBOOT_URL}}\" description: network boot utility - Tripp Lite: icon: https://upload.wikimedia.org/wikipedia/commons/f/f9/Tripp_Lite_logo.svg href: \"{{HOMEPAGE_VAR_UPS_1_URL}}\" description: 1500 - Eaton: icon: https://cdn11.bigcommerce.com/s-fg272t4iw0/images/stencil/1280x1280/products/2549/2802/C-12556__63907.1557814942.jpg?c=2 href: \"{{HOMEPAGE_VAR_UPS_2_URL}}\" description: 5p - Home Automation: - Home Assistant: icon: home-assistant.svg href: \"{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}\" description: home widget: type: homeassistant url: \"{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}\" key: \"{{HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY}}\" - UniFi: icon: https://play-lh.googleusercontent.com/DmgQvSdocOrGr0D0rxSBE9sqh23Fw3ck3BgKRN788cZnOKgcZlcEAFRYwmUbp6vMTVI href: \"{{HOMEPAGE_VAR_UNIFI_PROTECT_URL}}\" description: protect - Scryped: icon: https://www.scrypted.app/images/web_hi_res_512.png href: \"{{HOMEPAGE_VAR_SCRYPTED_URL}}\" description: mgmt console - Broadlink Control: icon: https://nwzimg.wezhan.net/contents/sitefiles3606/18030899/images/5430245.png href: \"{{HOMEPAGE_VAR_BROADLINK_CONTROL_URL}}\" description: light control - Other: - GitLab: icon: gitlab.svg href: https://gitlab.com description: source code - GitHub: icon: github.svg href: https://github.com description: source code - Shlink: icon: https://shlink.io/images/shlink-logo-blue.svg href: \"{{HOMEPAGE_VAR_SHLINK_URL}}\" description: dashboard widgets.yaml: | - resources: cpu: true memory: true disk: / - datetime: text_size: xl format: timeStyle: short docker.yaml: \"\"secret.yamlkind: SecretapiVersion: v1type: Opaquemetadata: name: homepage-secret namespace: defaultstringData: HOMEPAGE_VAR_PIHOLE_API_KEY_1: \"\" HOMEPAGE_VAR_PIHOLE_API_KEY_2: \"\" HOMEPAGE_VAR_PIHOLE_API_KEY_3: \"\" HOMEPAGE_VAR_PIHOLE_URL_1: \"\" HOMEPAGE_VAR_PIHOLE_URL_2: \"\" HOMEPAGE_VAR_PIHOLE_URL_3: \"\" HOMEPAGE_VAR_PLEX_url: \"\" HOMEPAGE_VAR_PLEX_API_TOKEN: \"\" HOMEPAGE_VAR_TAUTULLI_url: \"\" HOMEPAGE_VAR_TAUTULLI_API_key: \"\" HOMEPAGE_VAR_HDHOMERUN_url: \"\" HOMEPAGE_VAR_HOME_ASSISTANT_url: \"\" HOMEPAGE_VAR_HOME_ASSISTANT_API_key: \"\" HOMEPAGE_VAR_TRUENAS_url: \"\" HOMEPAGE_VAR_TRUENAS_API_key: \"\" HOMEPAGE_VAR_UNIFI_NETWORK_url: \"\" HOMEPAGE_VAR_UNIFI_NETWORK_username: \"\" HOMEPAGE_VAR_UNIFI_NETWORK_password: \"\" HOMEPAGE_VAR_UNIFI_PROTECT_url: \"\" HOMEPAGE_VAR_UPTIME_KUMA_url: \"\" HOMEPAGE_VAR_MINIO_url: \"\" HOMEPAGE_VAR_RACNHER_url: \"\" HOMEPAGE_VAR_LONGHORN_url: \"\" HOMEPAGE_VAR_PORTAINER_url: \"\" HOMEPAGE_VAR_PORTAINER_API_key: \"\" HOMEPAGE_VAR_PROXMOX_url: \"\" HOMEPAGE_VAR_PROXMOX_USER: \"\" HOMEPAGE_VAR_PROXMOX_API_key: \"\" HOMEPAGE_VAR_UPTIME_ROBOT_API_key: \"\" HOMEPAGE_VAR_SCRYPTED_url: \"\" HOMEPAGE_VAR_PIKVM_url: \"\" HOMEPAGE_VAR_NETBOOT_url: \"\" HOMEPAGE_VAR_BROADLINK_CONTROL_url: \"\" HOMEPAGE_VAR_IPMI_1_url: \"\" HOMEPAGE_VAR_IPMI_2_url: \"\" HOMEPAGE_VAR_UPS_1_url: \"\" HOMEPAGE_VAR_UPS_2_url: \"\" HOMEPAGE_VAR_SHLINK_url: \"\"Join the conversationI finally replaced my homepage Dashboard!https://t.co/e571uMSQ89 pic.twitter.com/eN5sFrsVyN— Techno Tim (@TechnoTimLive) January 15, 2024Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "HomeLab Services Tour 2024 - What Am I Self Hosting?", "url": "/posts/homelab-services-tour-2024/", "categories": "homelab", "tags": "homelab, hardware, network, server, self-hosted, kubernetes, k3s, linux", "date": "2024-01-04 07:00:00 -0600", "snippet": "What a year of self-hosting! Join me as we walk though my entire infrastructure and services that I have running in my HomeLab! This time I also include network diagrams and dive deep into which ...", "content": "What a year of self-hosting! Join me as we walk though my entire infrastructure and services that I have running in my HomeLab! This time I also include network diagrams and dive deep into which services I have running, where they are running, and why I chose them!📺 Watch VideoIn case you missed it, check out my HomeLab Hardware Tour (late 2023)!Logical Network DiagramHere is the diagram for my network!A logical Network Diagram of my HomeLab including VLANs and serversSince many have asked, I use Figma to design my network diagrams. (affiliate link but they have a free plan)Services I useHere’s a breakdown of all the services I useDashboardSites: HeimdallTutorials: Meet Heimdall, Your Homelab Application DashboardHypervisorSites: ProxmoxTutorials: Before I do anything on Proxmox, I do this first…StorageSites: TrueNAS SCALE MinIOTutorials: TrueNAS Scale Apps - Official, Unofficial, Docker, and Kubernetes The EASIEST way to Expand Your ZFS Pool in TrueNAS (But is it the Best?)DNSSites: PiHole Cloudflare Tutorials: Automate Cloudflare with Terraform and GitHub Actions! - Terraform Tutorial for Beginners High Availability Pi-Hole? Yes please! Is adding 3 MILLION domains to your Pi-Hole Block List a good thing?Network ManagementSites: UniFi Network Controller (affiliate link)Tutorials: Setting up your UniFi Express Configuring VLANs, Firewall Rules, and WiFi Networks - UniFi Network ApplicationHome SecuritySites: UniFi Protect (affiliate link)Tutorials: My HUGE Home Security UpgradeContainerizationSites: k3s Portainer RancherTutorials: Fully Automated K3S etcd High Availability Install High Availability Rancher on Kubernetes How to Update Portainer Fast, Simple, and Easy GuideGitOpsSites: Flux RenovateTutorials: The FASTEST way to deploy apps to Kubernetes - GitOps with FLUX Meet Renovate - Your Update Automation Bot for Kubernetes and More! Encrypt Your Sensitive Information Before Storing It - Encrypting with Mozilla SOPS and AGEReverse Proxy (and Ingress Controller)Sites: Traefik cert-managerTutorials: Wildcard Certificates with Traefik + cert-manager + Let’s Encrypt in Kubernetes Tutorial Put Wildcard Certificates and SSL on EVERYTHINGMonitoring & LoggingSites: Uptime Kuma Uptime Robot (affiliate link)Tutorials: Meet Uptime Kuma, a Fancy Open Source Uptime Monitor for all your HomeLab Monitoring NeedsData VisualizationSites: Loki Grafana Prometheus Alert managerTutorials: Meet Grafana LOKI, a Log Aggregation System for Everything Installing Grafana Loki with Helm on Kubernetes Beautiful Dashboards with Grafana and Prometheus - Monitoring Kubernetes Tutorial Monitoring Your Kubernetes Cluster with Grafana, Prometheus, and Alertmanager (Rancher Monitoring)Home AutomationSites: Home Assistant Scrypted Broadlink ControlTutorials: Home Assistant on Docker and Kubernetes (Open Source Home Automation) Meet Scrypted - Stream ANY Camera to ANY Home Hub I Built Something for Your Homelab… (Broadlink Control)Data SynchronizationSites: SyncThingLinks PageSites: littlelink-serverTutorials: Self-Hosted, DIY, Open Source Alternative to LinktreeLink ShortenerSites: ShlinkMedia ServerSites: PlexTutorials: Turn Plex into a Powerful DVRPower ManagementSites: NUT Server Automated NUT installTutorials: Network UPS Tools (NUT) Ultimate Guide Automated NUT Server InstallContent Management Systems (CMS)Sites: Wordpress Ghost Blog WikiJSStatic Site Generators (SSG)Sites: Jekyll HugoTutorials: Meet Jekyll - The Static Site GeneratorContinuous Integration / Continuous Delivery (CI /CD)Sites: GitLab GitHubTutorials: Build & Deploy Your Own Code in Your Homelab!Everything else…Sites: Longhorn Netboot.xyz much, much more!Tutorials: Cloud Native Distributed Storage in Kubernetes with Longhorn Meet netboot xyz - Network Boot Any Operating System much, much more!Join the conversationWhat a year of self-hosting! Join me as we walk though my entire infrastructure and services that I have running in my HomeLab! https://t.co/9b2hGFzoPz pic.twitter.com/zqEVKy8rhy— Techno Tim (@TechnoTimLive) January 4, 2024(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "UniFi Pro Max Switches & Etherlighting™ Patch Cables!", "url": "/posts/unifi-pro-max/", "categories": "network", "tags": "hardware, unifi, network", "date": "2023-12-15 07:00:00 -0600", "snippet": "Introducing the UniFi Pro Max 24 PoE and UniFi Etherlighting™ Patch Cables from Ubiquiti! We’ll discuss what makes this switch unique, how they are different from the existing pro line, and even t...", "content": "Introducing the UniFi Pro Max 24 PoE and UniFi Etherlighting™ Patch Cables from Ubiquiti! We’ll discuss what makes this switch unique, how they are different from the existing pro line, and even take a close look at their new cables that are meant for this switch. Is it useful or just a gimmick?📺 Watch VideoDisclosures: I was sent a UniFi Pro Max PoE and cables for evaluation I was not paidJoin the conversationThis past week I got to test out a Switch with RGB from Ubiquiti, yes RGB. They call it Etherlighting and have even made their own patch cables to emphasis the effect.Are they any good?👉https://t.co/DhOY0XBtz6 pic.twitter.com/7yOXZSK5a3— Techno Tim (@TechnoTimLive) December 15, 2023Where to Buy UniFi Pro Max Switches https://l.technotim.live/ubiquiti(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "HomeLab Hardware Tour! (Late 2023)", "url": "/posts/homelab-hardware-tour-2023/", "categories": "homelab", "tags": "homelab, hardware, network, server, server-rack", "date": "2023-12-08 07:00:00 -0600", "snippet": "Well, here it is! My Late 2023 Server Rack and HomeLab tour! I’ve upgraded, replaced, added, and consolidated quite a bit since my last tour! New servers, new networking, UPS, cabling, power man...", "content": "Well, here it is! My Late 2023 Server Rack and HomeLab tour! I’ve upgraded, replaced, added, and consolidated quite a bit since my last tour! New servers, new networking, UPS, cabling, power management, and more new tech on the wall!📺 Watch VideoIn case you missed it, check out my HomeLab Services Tour (2024)!Join the conversationIt's time of year again! Time for my Server Rack and HomeLab tour! If you've ever wondered what servers, networking, and even low power PCs I am running in my setup, check it out!👉https://t.co/IolyDljMuq pic.twitter.com/jo1qzchS8S— Techno Tim (@TechnoTimLive) December 8, 2023Where to BuyRack & Accessories 32u Rack https://amzn.to/3TlhdXb D Ring Hooks https://amzn.to/3FSxk5Y 1u Brush Panels https://amzn.to/3hKNiaf 1u Rack Mount Full Depth Shelf https://amzn.to/3jrm5Kp Right Angle Extension Cord https://amzn.to/3Wl7gay Black Outlet Covers https://amzn.to/3jrf7Vu UniFi SmartPower PDU Pro https://l.technotim.live/ubiquitiNetwork Patch Panel https://amzn.to/3YIKtHq Wall Mount Patch Panel https://amzn.to/3WyvnCk Slim Network Cables https://amzn.to/3kbYV85 SFP+ Dust Covers https://amzn.to/3TmGfou SFP+ DAC https://amzn.to/3TajUut UniFi Flex https://l.technotim.live/ubiquiti UDM SE https://l.technotim.live/ubiquiti UDM Pro https://l.technotim.live/ubiquiti UniFi 48 Port Enterprise https://l.technotim.live/ubiquitiServers & Accessories SuperMicro 1u Servers https://amzn.to/3YBQy8u SuperMicro 1u Servers (Used) https://www.ebay.com/sch/i.html?_nkw=SuperMicro+813M-3+SYS-5018R-M+Server+NO+HDD%2FOS+Boots&mkcid=1&mkrid=711-53200-19255-0&siteid=0&campid=5338780159&customid=&toolid=10001&mkevt=1 1 TB Samsung SSDs https://amzn.to/41gNbWu 14 TB Exos Seagate Drives https://amzn.to/3GbtXsk 14 TB Exos Seagate Drives (Used) https://www.ebay.com/itm/115776895931?mkcid=1&mkrid=711-53200-19255-0&siteid=0&campid=5338780159&customid=&toolid=10001&mkevt=1 PC Conversion Case https://amzn.to/3YGXx03 Smart ZigBee LED Controller https://amzn.to/3jtCpKI Cooler Master SickleFlow 120mm RGB Fans https://amzn.to/3I68AtA DDR-4 for AV15 & HL15 (used) https://www.ebay.com/sch/i.html?_from=R40&_trksid=R40&_nkw=MTA18ASF2G72PDZ-3G2R1&_sacat=0&mkcid=1&mkrid=711-53200-19255-0&siteid=0&campid=5338780159&customid=&toolid=10001&mkevt=1Accessories Axxtra Power Strip https://amzn.to/3qbzIhT Eaton 5P1500R UPS https://amzn.to/3OC2D90 Tripp Lite 2200VA 1920W UPS Smart 2U Rackmount https://amzn.to/3XrnC2q Tripp Lite BP36V15-2U Smart UPS 36V 2U Rackmount External Battery Pack https://amzn.to/3XxwBzd APC 1500VA UPS https://amzn.to/3GXLJh6 APC 600 VA UPS https://amzn.to/3mMxsM1 Wall Control Galvanized Steel Pegboard https://amzn.to/3bJ8R4s Elgato Key Light Mini https://amzn.to/41d9Fre Hue Light Strip https://amzn.to/3I124o3 Hue Motion & Temp https://amzn.to/3qb1FXf Hue v2 Dimmer Switch https://amzn.to/3hH6pCh Hue Smart Bulb Starter Kit https://amzn.to/3jljCRA Nest Protect https://amzn.to/3hMZcR8 Cloud Lamp https://amzn.to/3GZji24 Fire Extinguisher https://amzn.to/3GeB2s4Over the Air TV Gear (Plex or JellyFin) TV Tuner that supports 4K and up to 4 streams!: https://amzn.to/3r1v3SL TV Tuner that supports 2 streams: https://amzn.to/3EKeGx5 Flat Indoor Antenna: https://amzn.to/3Z5AQmR Indoor Outdoor Antenna with 60+ mile range!: https://amzn.to/3sHLST3 Adjustable Gain TV Antenna Preamplifier with LTE Filter: https://amzn.to/3LgwB26 LTE / 5G Filter: https://amzn.to/3Pax72J Antenna Splitter with Power Passthrough: https://amzn.to/3sLTZy4 Solid Copper Coax Cable (NOT copper clad): https://amzn.to/3r3fhqk LTE / 5G Filter Alternative: https://amzn.to/489SHvZIntel NUC Mini Cluster Intel NUC 11 https://amzn.to/43TK8nS Intel NUC 12 https://amzn.to/3MZjC6C SAMSUNG 980 PRO SSD 2TB PCIe NVMe https://amzn.to/41vUOrk SAMSUNG 870 EVO SATA https://amzn.to/3KQMriU G.Skill RipJaws DDR4 SO-DIMM Series 64GB https://amzn.to/3AlstI8 Rackmount Kit Mk1 Manufacturing - https://www.mk1manufacturing.com/cart.php(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Setting up your UniFi Express", "url": "/posts/unifi-express/", "categories": "network", "tags": "hardware, unifi, network", "date": "2023-11-29 07:00:00 -0600", "snippet": "The UniFi Express from Ubiquiti is here and it’s going to shake up how we connect small and home networks. It’s a gateway that has WiFi 6 that runs the UniFi network application and can transform ...", "content": "The UniFi Express from Ubiquiti is here and it’s going to shake up how we connect small and home networks. It’s a gateway that has WiFi 6 that runs the UniFi network application and can transform into an access point or mesh when your network grows. We’ll be taking a look at this device, its features, how to configure and manage it, and discuss all the uses cases for this versatile device.📺 Watch VideoDisclosures: I was not paid I was sent UniFi Express devices for reviewWhat is the UniFi Express?Introducing the UniFi ExpressThis newly released UniFi Express device is here and it’s here to shake up small networks. It’s a device that’s flexible enough to be used in just about any situation and comes in a small compact form factor with a small footprint. It’s a compact device that can act as a gateway and provide WiFI 6 to power your entire network, or can transform into a mesh device to expand your wireless network, or you can add it to an existing network and run it in access point only mode. Yes, it’s that flexible.If you’ve not yet experienced UniFi’s network app and wireless access points, this might be the best entry point for you, and if you’re already using devices in their ecosystem, this can fight seamlessly with your existing network deployments.SpecsIt has a nice little LCM screen that can display useful informationIt’s a small compact device that’s all white. It measures about 3 ½ inches long and wide, and sits only about an inch high. It’s made of plastic but has an aluminum bottom, I assume to help dissipate heat. It’s powered by USB C Has 2 network interfaces, a gigabit LAN port and a gigabit WAN port. It has 2x2 2.4 GHz MIMO support and 2x2 5 GHz MIMO support which has a max throughput rate of 573 Mb/s for 2.4 Ghz and 2.4 Gb/s for 5 Ghz. It supports most WiFi standards including WiFi6, and supports the typical WiFi security WPA standards from enterprise all the way up to WPA3. It supports up to 8 unique SSIDS and can service over 60 clients at once, all from this little device. It also has this awesome LCM screen that displays the network status reported by the UniFi network application.Setting up this device is easy too.Setting up / Network AppAfter powering it on you’ll want to adopt this device. It has bluetooth built in so you can adopt it if you have an existing unifi device on your network that also has bluetooth, or even easier from the UniFi network app on your phone.Then you have the choice of setting up a new system, which is what we’ll choose, but you can also add this to an existing system which we’ll talk about later.You’ll name your device and set up WiFi, and then it will set up this device for you automatically.It will prepare the system for a few minutes and after that you’ll be able to connect to your newly created wifi network.Once you’re connected, you can choose to manage the UniFi network via mobile app, or even the web.If you want to manage this from the cloud you can do this easily in the UniFi site manager. Once you land there you should see your UniFi Express ad clicking on that will bring you to the Network manager app.If you’re familiar with the UniFi network app, you’ll feel right at home because it’s the same network application you’re used to with other UniFi products. But if you’re not, we’ll walk through some of the highlights of the application so you can understand how you can use your UniFi express.DashboardIt comes with the UniFi DashboardThis is going to give you a heads up display of your network health and statistics. First we’ll need to turn on dark mode, there that’s better. The dashboard is great for seeing how your network is doing at a glance. From here you can drill into the different aspects of your network or for example if you wanted to see why this device is the most active, you can drill into it, see details and insights about the device, and even test the latency right from here.You can also discover these features using the navigation on the left.TopologyTopology shows how data flows through your networkTopology will show you your network typology and how each device connects to your network. It also has this cool visualization of how traffic flows through your network, I would watch that all day.UniFi DevicesThis section shows all of your UniFi devicesThe unifi devices will just show your unifi devices on the network. This will look pretty bare with only a unifi express but if you have a more complicated network like I do at home, you can visually see how each device is connected. We’ll make this light up a little later with another device, and even create a mesh network with that additional device just waiting to be adopted.Client DevicesThis section shows all of your client devices, non-UniFi devicesIn the client devices section you will see all of your client devices, your non unifi devices that are connected to the network. You’ll also see some more details about each device and you can always drill into each to see more information about them.For example we can see that this device here is connected to the unifi express, using WiFI 6, and the connection is excellent. And here, again, you see insights, settings, and even test the latency for the device.PortsThis section shows the port manager. The UniFi express only has 2.In the ports section you see the port manager for each device. This is where you can manage the ports on your device. With the unifi express, we only have 2 ports. 1 LAN and One LAN. As far as port management goes on the WAN device, we can only manage the negotiation, but on the LAN side we can manage all aspects of the port.We can rename it, disable it or enable it, we can change the VLAN (if we had more set up, which we’ll do in a bit) Allow or block tagged VLANs, and even some advanced configurations/RadiosThis section shows the radio manager.The radios section is where you will get lots of wireless insights. You can see which network you are managing and other information. But if you look at the top this is where you will see some really interesting insights. Coverage is going to show you how dense your network is compared to the clients that are connecting. This is helpful because it will let you know if clients are too far away and if adding another AP is recommended. Connectivity is going to show you if any clients have connectivity issues which is super helpful if some of your clients have issues connecting.This section shows other SSIDs in the areaEnvironment is going to show you all of the other networks in your area. This is really helpful for choosing your network channels for WiFi, something that UniFi can do for you automatically that we’ll see later. And speed tests are where all of your client speed tests are. This is a hidden gem and yet another reason I love UniFi products.WiFiMan is a great app that works with UniFi network application to test your network and save the resultsThey have great mobile apps like WiFi man. WiFI man will help you test your network speeds from the client to the internet, check your WiFI signal, and even help you connect your device to VPN. Once you run a speed test on your device, the results will be stored in the Speed Tests section so you can compare results later.GatewayGateway shows which clients are using which services across your entire networkThe gateway section is going to show some of the metrics from your gateway. This includes classification of services being used across your network. You can see which apps, services, and protocols along with the amount of data they are using.System LogIn the system log section you can see different types of alerts and logs for your device and even manage push notifications for alerts.SettingsIn the settings section is where you can find all of the configuration options for your network.WiFiIn the wifi section you can create new networks, like a guest network in just a couple of clicks. You have a whole host of options for configuring wireless networks here.One of the other options you might have seen in the WiFi section is the option to optimize now. This option scans for wireless networks and tries to find the best wifi channel for you to use. I would recommend doing this right away, and then again on a schedule which we’ll cover in a bit.NetworksIn the network sections this is where you will configure some advanced options like VLANs. I won’t cover this here because I’ve already covered this in depth in a video, but this is where you would do it.InternetThe internet section is for configuring some of your WAN options, things like static IP addresses, dynamic DNS, and others can be configured here.VPNThe next section is for VPN and that’s where this device really gets awesome, not that it wasn’t already, but you can set up Teleport, which is UniFi’s 0 configuration VPN we talked about earlier with the WiFi Man app which will allow you to create a VPN connection just by sending a link. It’s super handy. If you don’t want to go that route you have your more traditional methods for doing that, with WireGuard, OpenVPN, and L2TP. You can also configure this to be a VPN client of another network, or set up a site to site VPN connecting this network to another network. Again, these are the same options you see across all unifi devices that support the UniFi network app.SecurityIn the security section you do see a slight difference between this device and some of their other devices. This device does have IDS and IPS so you’re going to see any configuration options there. IDS and IPS will help detect and block different security volitions based on rules and heuristics. You do see this option on devices like the UDM pro but it’s missing on this device.I think the reason for this is: cost performance make it more modularIt seems they are breaking this up a bit but we’ll cover this a little later. But here we can configure general security including ad blocking and country blocking, traffic rules that can apply to different categories, port forwarding, probably the most important thing in this section, firewall rules for your VLANs and your WAN.RoutingWe also have routing which is for creating static routesProfilesProfiles where you get to create groups and settings that can be applied to ports, speed limits, RADIUS users, and IPs.SystemAnd lastly in System we can change UI settings, schedule automatic updates, schedule automatic backups, and turn on some additional services in the advanced section.Who is this for MeshingUse CasesAfter looking at all of the features that are supported in the UniFi network application and those that aren’t, you might be wondering who this device is for. The more I thought about this the more use cases I came up with!Small Business / Small NetworksFirst of all, it’s obvious that this is for any small business that wants a low cost but powerful network management with WiFi 6. It lets you create and manage a new site with vpn capabilities for a fraction of the cost of a typical deployment and on top of that it gives you WiFi 6. It then allows you to expand the network by adding additional switches and other UniFi access points.And if that site expands in the future, you can add additional UniFi Express devices that can act as an access point only and even mesh mode. That’s right, if you adopt this device to a network that already has a network controller running it will run in access point mode allowing you to extend your wifi range.Existing NetworksThis also works for existing UniFi networks. Say for instance you have a network set up already and want to add a simple, small access point, you can plug this in, adapt it to your existing network, and have a wifi range extender in minutes.Remote WorkersThis is great for remote workers too, since it can connect back to your corporate network with a VPN connection.Home NetworkUniFi express is an easy recommendation for home useThis could also be used at home for the home user. It’s more device than most will even need at home but provides a simple way to create a mesh network at home. You can start with one and expand as you need. And a majority of home users only use wireless anyway so the fact that it only has one network port is fine for most people.Mesh Network for ExpansionThis also applies to anyone that has a Dream Router that wants to add some more coverage to their network without running ethernet cables and worrying about Power over ethernet. With an express you just plug one of these in, mesh it, and you’ve expanded your network. This is really helpful if you also have UniFi Protect Wireless cameras or DoorBells that aren’t near your router.Remote Tech SupportAnd a few personal use cases that I’ve thought about are installing one of these at my family’s house for the occasional remote support that comes up every now and then. This makes troubleshooting their networks remotely so much easier than walking them through it.Travel RouterThis might replace my travel router… time will tellAnd lastly something that I plan to use this for is for my travel router. I’ve always wanted a UniFi device that’s small enough to travel with that provides secure access back to my home. Now I know that’s super specialized but it’s something that I’ve been trying to build on my own for quite some time.UniFi Express is VersatileUniFi express is a great way to expand your networkThe more I think about this device the more use cases I come up with, from the first time home user that wants reliable WiFi at home, to the “pro-sumer” at home that wants to dip their toes in the UnFi ecosystem at a budget, to the company that wants to give a small remote site wifi access and the ability to expand while still managing their network, to the remote user that wants access back to their corporate LAN without a bunch of network gear in their home, to me, the odd ball, who just wants to bring a device with them when the travel so that all devices can securely connect back to home. I am sure there are plenty more use cases I missed, so let me know your thoughts in the comments below.Well I learned a ton about the net UniFi Express, how to mesh wireless networks, and I hope you learned something too, and remember if you found anything in this post helpful, don’t forget share with a friend!Join the conversationThe past week I have been testing out a new device from Ubiquiti. It's the UniFi Express and it's here to shake up small networks! 👉https://t.co/E1CNDH5uNw pic.twitter.com/svs44LnsqW— Techno Tim (@TechnoTimLive) November 29, 2023Where to BuyUniFi Express: https://l.technotim.live/ubiquitiOther items in this video (because I know you will ask) Slim Patch Cables: https://amzn.to/3SXNGm0 Cozy Digital Fireplace LED Light: https://amzn.to/3SVJQKf Flickering Fireplace Lights : https://amzn.to/3uvqcud(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "EVERYTHING You Should Know About the HL15", "url": "/posts/hl15-review/", "categories": "homelab", "tags": "homelab, hardware, hl15, 45drives, 45, homelab", "date": "2023-11-22 07:00:00 -0600", "snippet": "The HL15 from 45Drives is here. It brings a lot of unique features and was built and designed with the HomeLab community in mind. In this in-depth review we’ll cover everything you want to know a...", "content": "The HL15 from 45Drives is here. It brings a lot of unique features and was built and designed with the HomeLab community in mind. In this in-depth review we’ll cover everything you want to know about this new storage server.📺 Watch VideoDisclosures: I was not paid I was sent an HL15 for reviewIntroHL15 from 45HomeLabThis is the newly released HL15 from 45 Homelab division of 45 Drives. It’s a server meant to meet the needs of the HomeLab community while bringing the build quality and design from their enterprise offerings. It’s a 15 bay server that can be used for just about whatever you want to use it for but it goes without saying that you’re most likely thinking about buying this to be your next storage server.There’s a lot to unpack with this new server so this will be an in-depth look at the H15 HomeLab Storage Server. We’ll cover everything from the chassis, the backplane, the motherboard, the CPU, the power supply and power consumption, cooling, software selection, and even the price and value proposition, because at the end of the day if you don’t think it’s worth it, you’re probably not going to buy it. So, is it any good? Let’s find out.Purchasing OptionsWhen purchasing this machine you have a few options. Now you might have sticker shock when seeing these prices, but we’ll talk about that later in the video. But your options are: Chassis & backplane only Chassis, backplane, PSU, Data Cables, and PSU or fully loaded and tested which is the machine that they sent to me for testing.You have your choice of color, power cable, and additional add ons if you like. They sent a white for me, which is what I was hoping for.First let’s dive into the chassis and the case.Chassis / CaseSteel chassis with screws. I really dig the white and blueThis chassis is made of steel and it’s solid. Like really solid. If you’ve only had aluminum cases in the past you’ll notice the difference right away.It has a powder coat finish that comes in white or black, mine is obviously in white. This design is really nice, it has sort of this Star Wars Hoth vibe to it, which I am a fan of. Now looking at this case you can see that it’s almost entirely metal metal and screws, which I think is a good thing. Why does that matter? We’ll, if you’ve ever had a rivet pop off of one of your cases it’s near impossible to fix, at least for me, I’ve never used rivets and wouldn’t know where to start.You can open this case up using these thumb screws and the first thing you see is the top loading drive cage.Holds 15 drives that can easily slide in and out, easy to see serial numbers (no more labels) and has these nice little springs to keep the drives in place. You’ll also notice No caddies, which is something 45 Drives does not like and after loading quite a few drives in other systems I think it’s starting to rub off on me. Caddies just add more parts, more screws, and ultimately more time and complexity when servicing drives. It’s something that I can now appreciate after dealing with the status quo for so many years.The back of the chassis is pretty basic, I do wish it used PCIe blanks vs breakawaysOne of the downsides is that the PCIe slots have breakaways. Great if you never need to add an item (less parts, less screws, less things banging around) but awkward if you do shuffle around hardware. This is a carry over from their enterprise servers, something I also have in my AV15.The other nice thing about this case is that it can lay flat or even stack up like a desktop with the included feet. If you’re choosing to rack mount this, you’ll just need to attach the included rack ears and then also pick up a pair of rack rails, which do not come with the server. If you don’t want the official rack rails, one of the universal rack shelves will work just fine.Motherboard & ConnectivityLots of this connectivity options on this motherboardWe’ll go a little more in depth on the backplane and some of its features a little bit later but let’s first focus on the motherboard and connectivity to help you understand how it all works.This motherboard is the SuperMicro X11SPH-nCTPF. It comes in 2 flavors, one with SFP+ networking and the other with 10Gbe networking.X11SPH-nCTF https://www.supermicro.com/en/products/motherboard/x11sph-nctpfCPU & RAMThis is an intro level Xeon, great for PCIe lane, storage services, and a few containers or VMs but not too much after that Single Socket LGA-3647 Motherboard Up to 28 cores we’ll cover the specific CPU a little bit later Up to 2 TB of RAM across the 8 DIMM slots DDR4-3200 Dual Rank ECC Registered RAMI opted for 32 GB of 2x16 and picked up more RAM from eBay and now have 128GB. It’s priced pretty fairly there if you’re thinking about buying some.I made sure that I tested it and it all passedIf you do decide to do this, be sure to populate your DIMs in dual rank mode according to the motherboard manual.SATA / SAS If you’re looking at the specs and read 10 SATA, that’s because it has 8 SATA ports and 2 SATA DOM. 7 SAS wired up to backplane, along with 8 SATA. 2 SATA DOM for OS or something else. NVMe on onboard. Mine came with a Kingston drive. Can support 2 more via OCuLink (u.2 spec) which I am not sure where you would put the drives but it’s possible. https://store.supermicro.com/supermicro-55cm-oculink-to-u-2-pcie-with-power-cable-cbl-sast-0956.html You can also look for SuperMicro NVMe add-on cards if you need more NVMe. (Where to Buy section)PCIe 4 PCIe 3.0 slots: 16x, 8x, 8x, 4x in 8x slot They are 3.0 3.0 is 1 GB/s and 4.0 is 2 GB/s but real world not sure if you’re notice This gives you plenty of room for expandabilityBackplaneCustom backplane created by 45 drives. It can address up to 15 drives. They’ve wired up 8 to SATA and 7 to SAS The 8 SATA run though the C622 onboard controller 6 GB ports 7 SAS run through the Intel 3008 controller 12 GB/s ports Can push up to 2,000 MB /s? You can saturate a 10g link easily with this much storage Basically NVMe speeds over the network This backplane has some custom features. It’s the same backplane that they put in their enterprise Storinators they just developed Universal Hot Swap Power limiting features so that when plugging in drives it won’t affect its neighbors voltage Staggered spin up Staggers the spin up of the hard drives Starting all at the same time can create a surge I think this is why one of my old JBOD servers trips my power supply when I power it on. Power SupplyThe HL15 has a modest power supply. Great for 15 drives but might need some additional wattage if you’re going to add more components Rm750e from Corsair ATX, Fully Modular make sure that you only use the cables you need reducing clutter in the case. This is welcomed because when swapping out the power supply in my AV15 there were lots of cables and it was a specialized power supply. Great to see they are using a standard ATX now. Low noise because of its 120mm fan, and can even spin down to 0 RPMs on low loads. It also has an 80 plus gold certified rating meaning that it’s up to 90% efficient at steady loads. Could you get a more efficient one, sure, but it’s going to cost a lot more. Overall solid power supply but 750w might not leave too much headroom if you’re planning on adding all 15 drives and some additional components.Networking Dual 10g SFP+ ports I went this route because I feel like it’s a little more flexible than going 10g ethernet I ended up buying a few 10g RJ45 transceivers to connect to 10g ethernet on my switch (Where to Buy section)IPMI IPMI onboard typical ASPEED IPMI you need on SuperMicro boards Works great for getting into your machine when it’s powered down or before it has an OS. I used it to flash the BMC and firmware shortly after getting it powered on. I did buy the remote license update from SuperMicro, which I typically do with all my boards that allows you to flash bios through the UI. It costs about 27 bucks and while it stinks to pay for this license, there’s no easy way around it if you do want to flash your BIOS remotely or want access to some of the other features.MiscThere are lots of additional headers on the board if you need, like TPM, USB, and even additional serial.IO VGA, which honestly doesn’t matter since you have IPMI, but this is pretty typical with servers USB 2 and 3.0 ports, network again, and serial.Overall, I think this is a solid server board for this configuration.CPUIntel(R) Xeon(R) Bronze 3204 CPU @ 1.90GHzhttps://ark.intel.com/content/www/us/en/ark/products/193381/intel-xeon-bronze-3204-processor-8-25m-cache-1-90-ghz.html 2nd gen Intel Xeon Scalable processors Cascade Lake 6 Cores, no Hyper-threading Max clock 1.9, low for single thread performance but fine for me Can address up to 48 PCIe lanes which is great for the board we have TDP 85w VTx, VtD, AES-NI and more of the typical tech you see in Xeon CPUsReal world, is the CPU enough? It is for me. I will be doing very little compute on this server. If you plan on using this as a hypervisor like Proxmox, you might want to look into another CPU. I checked other CPU options on the used market and it’s actually not to bad if you want to upgrade this CPU later on down the road.Power Consumption & Efficiency Turning it on without anything plugged in it’s going to pull about 80 watts of power while doing system tests and if you plug in a few additional USB devices, the monitor, a couple of GBICs it’s going to pull an additional 10. When fully booted into Ubuntu 22.04 LTS without anything plugged in it’s going to pull about 70 watts. The only drives I had free to test with here these 8TB Seagate Ironwolf 7200 RPM NAS drives After inserting each drive and letting them spin up and normalizing, each drive added about an additional 8-9 watts of power. After inserting 6 without anything else plugged in, we’re sitting at about 114 watts After pulling in the 2 10g transceivers and the IPMI nic, we’re sitting at right around 125 watts. Not too bad all things considered. I disconnected the fans just to see and it looks like they are using about 4 watts a a pieceCooling 6 x 120mm CoolerGuys fans 1700 RPM 32.5dBA 73CFM - cubic feet per minute 2.47mm H2O - static pressure (measures in inches of water) 6 of these total 3 in the front to take in cool air and cool the drives and another 3 to push air across the motherboard and keep components cool.These fans move a lot of air and you don’t need to worry about your components ever overheating. They do this at the cost of noise though. How loud are the fans? I am not sure how to put this but they are quiet for enterprise servers and loud for a home server. They are much quieter than its enterprise counterpart, the AV15, but still not something you want to put in your living room. I am thinking about replacing them with Zigbee controller RGB fans like I did with my AV15 customization video but haven’t had the time to rip it apart yet.If you do decide to replace the fans, just be sure that you’re getting something on par with these and specifically ones with enough static pressure.The CPU cooler is passive and I think that has a lot to do with why they’re using these fans. On my AV15 I did swap this out for a noctua cpu cooler that kept it just as cool, if not more, which then allowed me to replace the fans with quieter fans. You can find the fans I used in the AV15 in the Where to Buy section.OS & SoftwareThe HL15 ships with Rocky Linux but I assume that’s there just to run their QA tests. Since this is an open system x86 you can install anything you like on it from Proxmox, to TrueNAS, VMware or any operating system. If you’re buying this as a storage server, most likely it’s going to be something that handles storage nicely.I took a slightly different approach with this system and decided to not install a hypervisor and install Ubuntu LTS. This time I am going to go bare metal and see how manageable Ubuntu is with services like SMB, NFS, ZFS, some docker containers, and possibly some KVM if I want virtualization.I am also going to give Cockpit a shot, or the Houston UI as 45Drives calls it. This gives me a friendly UI to manage some of these services which are otherwise pretty complex.That’s when I found out that they don’t yet support 22.04, only 20.04 which is the previous LTS from 3 years ago. With all of that being said, I am going to install Cockpit without the 45Drives special sauce.This was super simple with a command…Or so I thought…And that had its own issues so for the sake of showing off what Cockpit / Houston can do I decided to install Ubuntu 20.04, which is still supported. Hopefully 22.04 will be supported, or even 24.04 in the spring.Installing is as easy as downloading a script and then executing it. It will install many different modules to help you manage your server. After setup is complete you’ll reboot.Once installed you can see Houston or Cockpit running on your server IP https 9090At the time of testing Houston for this video, it seems like some of these modules are not working properly with the HL15, for example the 45Drives Disks and the 45Drives Motherboard do not load, and the 45Drives System area is partially loaded and there are some services that fail to load like ZnapZend. These few things aside, the rest of the UI seems to be working.I can create ZFS pools, create SMB and NFS Shares, and even create some virtual machines if I like, although the UI is pretty basic for this. Creating users, Charts, metrics, benchmarks, and even accessing the terminal all seem fine. You can also install additional applications by using the cli and finding an application on their project page however most of them are already installed. For example I installed and open LDAP server on my machine and that worked just fine, however beta applications like Tailscale and cloudflare tunnels aren’t available on this version of cockpit so you won’t be able to install them, arguably that’s probably better suited for something like Docker and containers, and if you’re going to install manage containers, you’ll want to install Portainer to manage them.If I do end up going this route, I would leave Cockpit for managing hardware type services and configuration and leave the rest to Docker and I will manage Docker with Portainer since it’s only a few clicks away. All that being said, I know that this is a new line for 45 drives, but it would be nice if this were working so that I wouldn’t be forced to use proxmox because I don’t need virtualization, and TrueNAS because I don’t want to run their apps. I might just go bare metal without any gui, but managing configs for smb, zfs, zfs, etc is such a pain.So more to come on the OS for this server, I still have time to make my decision and the nice thing is it’s flexible!Hardware & Network Stress TestThe HL15 with a standard config can easily push 20 G/bsYou’ll have to see the video for this section. Spoiler alert, I can push 20 Gb/s with this configuration, no problem at all.Price & ValueOne of the first products that is targeting the HomeLab communitySo let’s talk about some of the configuration options you saw earlier along with the value you’re getting.You can choose: Chassis + Backplane for $799 which is going to get you the chassis with the direct wire backplane. Everything else is up to you to supply and connect. The next option at $910.00 is the Chassis + Backplane & PSU which is going to get you the chassis, the direct wire backplane, data cables, and the 750w ATX power supply. The final option for $1999.99 is the fully built and tested system.Let’s not beat around the bush, all of these options are priced pretty high. No matter which way you look at it, $800, $900, $2,000 dollars is a lot of money no matter what you are spending it on and I think you have to determine if there’s enough value here for you. Is getting a steel, repairable case with a backplane that can hold 15 caddie-less drives and give you NVMe speeds over the network important to you? If it is, you have few options out there. This isn’t a chassis you buy that comes with a proprietary motherboard and components, it’s a chassis that is open enough to accommodate any motherboard / CPU combination you throw at it, now and in the future. If you’re comparing it to other storage vendors, like synology, it’s on par for price, but if you’re comparing it to old used gear you’re going to think it’s expensive.That being said, I would love to see cheaper options for those that are in the market for a homelab chassis like this one. And if not, maybe they will see these on the second hand market later in life.If you can get past the price, I think you’ll find a case that has everything you’re going to want for a storage server, now and in the future. It looks like 45Drives addressed everything I mentioned in the AV15 with the HL15, well, except RGB, unless you’re counting the power switch. Also, I have to give them credit because they took a huge risk at bringing something to market that is as niche as HomeLab, because to my knowledge, they are one of the first to do it and brand it with the “HomeLab” Title.Well I learned a lot about the HL15, storage servers, and network throughput testing and I hope you learned something too. And remember if you found anything in this video helpful, don’t forget share this post!Join the conversationAfter a week of using and testing the HL15, I finally released my in-depth review of this new storage server. Does it meet the HomeLab community needs?👉https://t.co/qCutlEbYYs pic.twitter.com/xGGOHodgaq— Techno Tim (@TechnoTimLive) November 22, 2023Where to BuyHL15: https://45homelab.com/HL15 Accessories: Universal Rack Shelves: https://amzn.to/3usoh9Q Blank PCIe Covers (Black): https://amzn.to/3sK8ZwE Blank PCIe Covers (White): https://amzn.to/3sLTSCY RGB Case Fans: https://amzn.to/3SURBAc Heavy Duty Noctua Fans: https://amzn.to/3QT2M9E 8 TB NAS Drives: https://amzn.to/3sUCz2x SATA DOM: https://amzn.to/3QT30h0 Samsung NVMe: https://amzn.to/46o6v4R SuperMicro 2 NVMe PCIe Card: https://amzn.to/47ENblz SuperMicro 4 NVMe PCIe Card: https://amzn.to/3sNIdni 10g SFP+ to RJ45 Transceiver: https://amzn.to/3GbKonB Noctua CPU Cooler: https://amzn.to/46qHKFh 16 GB DDR4-3200 RDIMM RAM: https://www.ebay.com/itm/204230531994?mkcid=1&mkrid=711-53200-19255-0&siteid=0&campid=5338780159&customid=&toolid=10001&mkevt=1(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet netboot xyz - Network Boot Any Operating System", "url": "/posts/netbootxyz-tutorial/", "categories": "self-hosted", "tags": "netbootxyz, pxe, docker, open-source, homelab", "date": "2023-11-11 07:00:00 -0600", "snippet": "Imagine all of your favorite operating systems in one place, available anywhere on your network, and you’ll never need to use your flash drive again. That’s the promise of netboot.xyz, a network b...", "content": "Imagine all of your favorite operating systems in one place, available anywhere on your network, and you’ll never need to use your flash drive again. That’s the promise of netboot.xyz, a network boot service that lets you install or boot to any operating system simply by booting to the network.📺 Watch VideoDisclosures: Nothing in this video was sponsoredDon’t forget to ⭐ netboot.xyz on GitHub!Requirements docker (and compose) docker machine has a static IP dhcp server & access to settings (or install your own)Docker SetupSee this post on how to install docker and docker composeInstallcreate folders netboot_xyz, netboot_xyz/assets, netboot_xyz/configmkdir netboot_xyzcd netboot_xyzmkdir assetsmkdir configCopy yaml to server or portainer, etcContainer Imageslinuxserver.io container imageParameter Docs---version: \"2.1\"services: netbootxyz: image: lscr.io/linuxserver/netbootxyz:latest container_name: netbootxyz environment: - PUID=1000 #current user - PGID=1000 #current group - TZ=Etc/UTC # - MENU_VERSION=1.9.9 #optional, sets menus version, unset uses latest - PORT_RANGE=30000:30010 #optional - SUBFOLDER=/ #optional volumes: - ./config:/config - ./assets:/assets #optional ports: - 3000:3000 - 69:69/udp - 8080:80 #optional restart: unless-stoppedOfficial container imageParameter Docs---version: \"2.1\"services: netbootxyz: image: ghcr.io/netbootxyz/netbootxyz container_name: netbootxyz environment: # - MENU_VERSION=2.0.47 # optional, sets menus version, unset uses latest volumes: - ./config:/config # optional - ./assets:/assets # optional ports: - 3000:3000 - 69:69/udp - 8080:80 #optional restart: unless-stoppedRunningbring up stackdocker compose up -dcheck to be sure it’s running➜ netboot_xyz docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES83e6c5192156 lscr.io/linuxserver/netbootxyz:latest \"/init\" 14 seconds ago Up 12 seconds 0.0.0.0:69->69/udp, :::69->69/udp, 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp, 0.0.0.0:8080->80/tcp, :::8080->80/tcp netbootxyzshould see something like:Check the logs➜ netboot_xyz docker logs netbootxyz[migrations] started[migrations] no migrations found─────────────────────────────────────── ██╗ ███████╗██╗ ██████╗ ██║ ██╔════╝██║██╔═══██╗ ██║ ███████╗██║██║ ██║ ██║ ╚════██║██║██║ ██║ ███████╗███████║██║╚██████╔╝ ╚══════╝╚══════╝╚═╝ ╚═════╝ Brought to you by linuxserver.io───────────────────────────────────────To support the app dev(s) visit:netboot.xyz: https://opencollective.com/netbootxyz/donateTo support LSIO projects visit:https://www.linuxserver.io/donate/───────────────────────────────────────GID/UID───────────────────────────────────────User UID: 1000User GID: 1000───────────────────────────────────────[netbootxyz-init] Downloading Netboot.xyz at 2.0.73[custom-init] No custom files found, skipping...crontab: can't open 'abc': No such file or directorylistening on *:3000[ls.io-init] done.4Lg88gNm_wqDORftAAAB connected time=1699460581160ConfiguringYou can now browse to the container’s homepagehttp://192.168.10:3000/You should see a list of pxe boot menu items and the option to cache the pre boot environment locallyLocal MirrorIf you want to serve the files from a local mirror, you can edit the boot.cfg file from the boot menuschange:set live_endpoint https://github.com/netbootxyzto:set live_endpoint http://192.168.10.125:8080Keep in mind that you will not be able to boot from any environments you haven’t downloaded.DHCP ConfigurationSince I cannot cover configuring every DHCP service out there, I will cover the basics. Fortunately linuxserver.io has many routers covered as well as the official netboot.xyz docs.UniFi UDM Pro / SESettings > Network > Choose Network > DHCP Service Management > Show OptionsHere you’ll want to check “Network Boot” and fill in the server IP and the file nameFor me, it’s:Server IP: 192.168.10.125Filename: netboot.xyz.kpxe (this is the default BIOS option)Save.Preferably we would like to offer a PXE boot per architecture, and UDM supports it however not in the UI. Follow these instructions to do it via CLIIf you’re up to it, here’s my config:## Generated automatically by ## Configuration of PXE boot for '# The boot filename, Server name, Server Ip Addressdhcp-boot=netboot.xyz.kpxe,netboot.xyz,192.168.10.125# inspect the vendor class string and match the text to set the tagdhcp-vendorclass=BIOS,PXEClient:Arch:00000dhcp-vendorclass=UEFI32,PXEClient:Arch:00006dhcp-vendorclass=UEFI,PXEClient:Arch:00007dhcp-vendorclass=UEFI64,PXEClient:Arch:00009# Set the boot file name based on the matching tag from the vendor class (above)dhcp-boot=net:UEFI32,netboot.xyz.efi,netboot.xyz,192.168.10.125dhcp-boot=net:BIOS,netboot.xyz.kpxe,netboot.xyz,192.168.10.125dhcp-boot=net:UEFI64,netboot.xyz.efi,netboot.xyz,192.168.10.125dhcp-boot=net:UEFI,netboot.xyz.efi,netboot.xyz,192.168.10.125Verifycat /run/dnsmasq.conf.d/PXE.confCopy file to /run/dnsmasq.conf.d/PXE.conf on UDMrunkill `cat /run/dnsmasq.pid`You’ll have to do this on each rebootIf you don’t want to do this, you’ll have to change the image file each time.Booting to networkTo boot to the network you’ll need a BIOS and NIC that supports it enable in BIOS enable EFI PXE Boot enable Legacy (BIOS) PXE Boot Figure out boot override or network boot key Power on and boot to network (BIOS of EFI)See the boot menu, choose OS and go! Word of caution, there might be some that do not work. This is a moving target.e.g. Ubuntu 23.10 isn’t working for me now, but could soon. Other OS are fine. You may need to try different NICs if you are using virtualizationWhat about Windows?Requirements Windows 10/11 machine Windows ISO Windows ADK for Windows 10/11 Windows PE add-on for the Windows ADKWindows 11 ADK downloads hereInstall Windows ADK for Windows 10/11.Install Windows PE add-on for the Windows ADK.Run Deployment and Imaging Tools Environment as administrator from the start menu.Navigate to foldercd \"..\\Windows Preinstallation Environment\\amd64\"Mount the Windows PE boot image.md C:\\WinPE_amd64\\mountDism /Mount-Image /ImageFile:\"en-us\\winpe.wim\" /index:1 /MountDir:\"C:\\WinPE_amd64\\mount\"Copy filesXcopy \"C:\\WinPE_amd64\\mount\\Windows\\Boot\\EFI\\bootmgr.efi\" \"Media\\bootmgr.efi\" /YXcopy \"C:\\WinPE_amd64\\mount\\Windows\\Boot\\EFI\\bootmgfw.efi\" \"Media\\EFI\\Boot\\bootx64.efi\" /YUnmount the WinPE image, committing changes.Dism /Unmount-Image /MountDir:\"C:\\WinPE_amd64\\mount\" /commitDelete the temp folder that was created earlier (so we don’t get an error when copying)rmdir /s C:\\WinPE_amd64Create working filescopype amd64 C:\\WinPE_amd64Create a bootable WinPE ISOMakeWinPEMedia /ISO C:\\WinPE_amd64 C:\\WinPE_amd64\\WinPE_amd64.isoThen copy the contents of WinPE_amd64.iso to netboot.xyz container’s /assets/WinPE/x64/ folder (need to create folders first)Then you’ll want to create an SMB share named Windows in your environment. You can create or download a Windows ISO by visiting Microsoft’s siteOnce you have created your Windows ISO, you can then extract the files to the root of the Windows share you just created above.Now we need to configure netboot.xyzIn netboot.xyz UI, update boot.cfg to set win_base_url http://192.168.10.125:8080/WinPE and save.Now you can PXE boot to the network (be sure you are using the EFI boot image and your device supports UEFI) and then choose Windows from the netboot.xyz menu.This should boot to a DOS prompt in the Windows Pre-boot EnvironmentTypewpeinitthen typenet use F: \\\\<server-ip-address>\\<share-name> /user:<server-ip-address>\\<username-if-needed> <password-if-needed>If you want it to prompt for a username and password, remove the user argumentnet use F: \\\\<server-ip-address>\\<share-name>This will map the F: drive to your Windows share that the Windows ISO extractedthen typeF:\\setup.exeThen hit enter and Windows installer should launch!I’d love to also automate the mounting of the share however I haven’t found a clean way to do it yet. If you know, let me know in the comments below and I can add it!Join the conversationBack in my tech support days I thought that if I had PXE network boot at home, that I "made it". We'll, that day has come! This past week I learned all about netboot xyz! I can now boot and install any operating system over the network!Check it out! https://t.co/PzPmYzKWLH pic.twitter.com/FQr4W4TPtp— Techno Tim (@TechnoTimLive) November 11, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Introducing the ZimaBlade! - An affordable Low Power Single Board Computer!", "url": "/posts/zimablade-review/", "categories": "homelab", "tags": "zimablade, hardware, casaos, linux, windows", "date": "2023-10-30 08:00:00 -0500", "snippet": "Introducing the ZimaBlade, an affordable, low power, single board computer that’s great for a home server, homelabs, tinkering, NAS, retro gaming, or even a dual boot desktop system like me.📺 Watch...", "content": "Introducing the ZimaBlade, an affordable, low power, single board computer that’s great for a home server, homelabs, tinkering, NAS, retro gaming, or even a dual boot desktop system like me.📺 Watch VideoDisclosures: I was not paid Ice Whale provided ZimaBlades and accessories for testing I bought everything else with my own moneyIntroZimaBlade stands outEvery so often a device comes into focus that’s a little different than the rest. It looks familiar yet different. It stands out among the others in the sea of familiar devices and once you use it and hold it in your hands you understand why it’s different and why that matters. This is the ZimaBlade, a single board computer from Ice Whale. It’s the second device we’ve seen from them and it’s much different from their first device, the ZimaBoard. There are a few features that make you think that this might be a successor to the ZimBoard, but there are many others which show that the ZimaBlade can stand on its own as a new product in their lineup. Today I am taking a look at the ZimaBlade and discussing some of my thoughts around this device, how it compares to the ZimaBoard, and some of the interesting quirks I found that you might be interested in.Unbox ExperienceZimaBlade looks like a Walkman from the 80s, and that’s a good thingUpon opening you can’t help but notice the cyber punk theme on the packaging and the device. I am a fan of this design and it fits right in with the renegade, self-hosting, cyber native vibe they are going for. Next, they chose to make the case transparent, which again plays well with the theme they have going and gives this device some character. And last, how much it looks like a Walkman from the 80s. Now that’s not a bad thing, Walkmans had a ton of style, came in all shapes and sizes, and was an icon in 80s culture. But I digress.Hardware SpecsZiaBlade without its caseThe ZimaBlade comes with either an Intel Celeron J3455 Quad core Apollo Lake processor or an Intel Celeron Dual core processor depending on which model you choose.This CPU supports AES NI for encryption, VT-x for virtualization, and VT-d for directed I/O or hardware passthrough.This processor is paired with the Intel integrated HD 500 graphics processor which is clocked at around 700 Mhz. This chip also supports QuickSync and a handful of other features that help ensure that video playback is smooth as well as enough processing power to do some lightweight retro gaming. You output the video with this mini display port that supports up to 4k at 60Hz.It has a SODIMM slot that supports up to 16 GB of DDR3 RAM which is removable and not soldered on. As far as storage goes it has 32GB eMMC for storage and dual SATA 3.0 ports for connecting additional drives if you choose to do so.It has a 1 Gb ethernet port and as far as USB goes it has one USB A 3.0 port and one USB C port that supports power, data, and display.The back of this case is also aluminum alloy that is fused to the heatsink which will help dissipate heat without a fan,Last but not least is this bump you see here and that’s the PCIe 2.0 x4 slot. This slot is what made the ZimaBoard unique, was not only creating an x86 single board computer but also including a PCI slot to connect devices that you can’t use on other mini PCs, laptops, or similar devices without using a Thunderbolt enclosure. And as you can see the ZimaBlade also gets this slot.This slot can be used for almost any PCIe device you can think of that can fit into a 4x slot and doesn’t require external power. This includes things like 10g network adapters, 2.5g network adapters, additional USB ports, WiFi 6 adapters, additional SATA ports, NVMe adapters, cards and for AI and ML.First Boot experienceZimaBlade with its case, showing off some of its portsAfter installing the RAM and plugging in the device you will boot into Debian Linux which comes preinstalled. You can sign in using the username and password of casaos. You’ll want to change this as soon as possible and update your system.You might want to grab the IP too because you’ll need it to get into the CasaOS web UI that also comes preinstalled. CasaOS is an open source management interface to help you install over 50 docker apps with a single click along with supporting any other docker image you can find. It makes setting up a NAS with Docker apps a snap and great for a beginner although if you’re already familiar with other open source NAS solutions you might be missing some features when evaluating CasaOS.If you’re interested in a deeper dive into what CasaOS is, I’ve done a video on 20 different projects you can run on your ZimaBoard and now ZimaBlade, including CasaOS.One thing that was mentioned in the instructions, yes I read them, if you go out to you can easily find your Zima device by clicking this button. Now this didn’t work for me even though my devices were on the same network but that might be because this feature isn’t ready yet.You’ll also see that they have released Windows and Mac clients too. After downloading and installing these clients you’ll notice that it also installs ZeroTier. Again, there isn’t documentation on this stuff yet because it’s pretty new but it looks like they might allow you to connect to your Zima device easily over the internet no matter where you are and if you have an edge connection or not. This might be for the upcoming ZimaOS that I peeped on their Github. Oh and if you’re worried about the code or client that’s running, all of this is open source and on GitHub so you’re free to check it out if you don’t trust it.My Workbench Testing SystemPCIe connectivity is often not found on mini PCsThe nice thing about this hardware being open is that you are not locked into how the vendor wants to use it. If you don’t like Debian or CasaOS, fine, just wipe it and install whatever you like. Want to build your own NAS using OpenMediaVault or TrueNAS, go for it. Just get a bootable flash drive, install it, connect a couple of drives and you’re good to go. If you do go this route I would recommend picking up the NAS kit that includes this dual 3.5” storage drive stand and a special Y SATA cable that helps you connect and power 2 additional drives. And just like that you have a NAS…. or do what I did and create a dual boot Windows and Linux system!I use both Windows and Linux a ton on my workbench and I always find myself toggling back and forth when testing hardware. Plugging in When I saw the ZimaBlade had a case for 2 additional drives I knew right away that this is how I was going to use it. I grabbed a few old SSDs out of my drawer, picked up a couple of cheap 3.5 to 2.5” drive adapters, installed the drives, and then connected them all with this Y SATA splitter and it was ready to go.Installing a dual boot system on this was relatively easy however I’ve had some experience with this in past and I even did a video on it, but if you’re interested on how to do this I will have a link to my documentation that will explain exactly how to do dual boot with a ZimaBlade.Now when booting I can choose Windows or Linux when booting up. You can see that this little quad core processor is working its tail off during the boot process but it tapers off after a few seconds. The integrated intel video card works decent enough for watching videos and I assume it works fine too for retro games but this is just enough for what I need to test out hardware and flash and wipe drives.This device can boot into Windows 11 and play videos, no problem!On the Windows side it’s using anywhere from 6-10 watts of power after signing in and letting the machine sit for about 5 minutes to ensure that most sign in tasks were complete. This variance we see here is due to a lot of the background tasks that run on Windows and a little bit for the task manager.When launching the default browser of Edge and playing a video on YouTube we can see the power usage jump from 10–18 watts. The other thing when looking at the task manager is that the integrated graphics have kicked in to decode the video. If we look at the stats for nerds there were only a few dropped frames and most of them were when starting the video and resizing the window to full screen.It’s no surprise that this also works with Linux! (Ubuntu 23.10 shown in picture)The same goes for Linux, when booting this Ubuntu 23.10 machine the machine I can choose Linux from the GRUB menu and boot into Ubuntu Desktop and as you can see the CPU and resources taper off after a few seconds and everything runs smoothly. Power usage after letting the machine sit for about 5 minutes is anywhere between 5 - 7 watts, again the variance is due to background tasks and System Monitor. Playing a YouTube video with the default browser of Firefox we can see the power usage jump from 11 - 17 watts. System monitor doesn’t report GPU status so I installed intel gpu utilities and was able to see the intel video card decoding the video.One of the things I use this for most often is flashing SSDs and wiping and formatting drives. These two things are pretty cumbersome to do without physically plugging them into a system via SATA, PCIe, or Thunderbolt. Each of these solutions take up a lot of space or require additional hardware requirements. I found that having an “open air” PCIe slot on this machine makes it super simple to test complete any of these tasks, and with a small footprint. And this is just one of many possibilities with the ZimaBlade because at the end of the day, it’s really just a mini desktop.My Thoughts About the ZimaBladeThe engineering sample came with a white PCB, let’s hope it sticks aroundI do have some thoughts after using this for a couple of days. Overall it’s great and hard to complain about something when there’s so much to like.I think my biggest gripe has been power. I went into this thinking that I can use any USB C power adapter since it supports Power Delivery 3.0. Turns out that this is a 12v Power Delivery 3.0 power supply and I couldn’t find any power adapters here at home that supported it, not my Macbook charger, an Anker charger, or even this no-name charger. This really isn’t a big deal however if I used one of my existing adapters, it seemed to also do something weird to the device to where I had to reset the CMOS a few times. I reached out to IceWhale and they pointed out that I needed to use a Power Delivery 3.0 12v/3a power adapter like the one that is included. I 100% agree that the provided adapter works but USB C Power Delivery 3.0 with 12v/3a is less common in North America with a lot of power adapters, at least the ones I have access to. IceWhale did say that they were going to try to make it compatible with more adapters before production so we’ll see. Moral of the story is just use the adapter they ship and you’ll be fine, which means you might want to buy their power adapter to be sure. When using the correct power adapter with a USB C hub, everything worked fine including USB, HDMI, and power delivery.Another small gripe is that you can’t see the power LED when you have it in the case. The only reason I am bringing this up is because I had to check the LED over and over when figuring out the previous issue related to power. Not a big deal but one little hole or clear cutout in the case would go a long way.While we’re on the topic of LEDs it would be nice to have a pair of lights for the NIC for status and activity and also I noticed that the HD activity light doesn’t flash for eMMC. Again, not deal breakers, just nice to haves.Also a small power button would have been awesome. I still feel odd pulling out the power to reset or power down this machine. I did check for pins and I could only make out the reset switch. It would be great to add these pins to the documentation, I am sure others will ask about this if they haven’t already, and everything else is documented nicely in the booklet that shipped with the device.Oh, and they sent me 2 devices, one was an engineering sample with a white PCB and one that is closer to the final product which has a black PCB. Honestly I love the white PCB model even though I am a huge fan of dark mode! This white PCB just makes it feel more SciFi and futuristic and really makes all of the componentry pop. I dunno, what do you think? Light Mode PCB or Dark Mode?Hopefully some printed caddies or the like make their way into the ecosystemAlso, it would be cool if there were some sort of printable adapter to prop up your PCIe devices when they are plugged in. When you aren’t using the 2 drive base stand it’s easy to prop something under it, but when it’s dangling about 6 inches up it’s kind of scary. A printable tray or stand that could hook into the existing stand would go a long way. You could even sprinkle in some of the Cyber Punk designs from the device.OK it sounds like I am nitpicking now but these are just small things that I think would really put some polish on this device.It’s hard to complain when there’s so much to like about this $64 board. I know that it has an older CPU in it, along with DDR3, and the PCI is only 2.0, but considering the cost and what I will use it for I would rather keep the cost down than pay for features I personally won’t use.And I think that’s the goal of this device as stated by IceWhale: “The ZimaBoard was built on top of a relatively expensive ($120-$200) x86 single-board computer compared with the popular Raspberry Pi. Since most people can’t afford such expensive hardware without knowing what exactly it can do, we decided to create something better suited for the broader cyber native – something that is cheaper, smaller, and easier to use and carry around.”If this is something you want to support, check out the links for more information: ZimaBlade on CrowdSupply: https://bit.ly/3PeSpxv ZimaBlade Official Site: https://bit.ly/3tOlpUxWell I learned a lot about the new ZimaBlade, Power Delivery over USB C, Dual Booting Windows and Linux and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget to share!Join the conversationThe past week I got to play with and configure the ZimaBlade, a new single board computer. Super fun device with some quirks. Did it replace my ZimaBoard? 👉https://t.co/GfuWbkqXMJ(Also I couldn't pass up doing a Halloween themed thumbnail!) pic.twitter.com/HzW7mxE35n— Techno Tim (@TechnoTimLive) October 31, 2023Where to BuyZimaBlade: https://bit.ly/3PeSpxvZimaBlade Accessories: 10g NIC: https://amzn.to/47aLJXl Quad 2.5g NIC: https://amzn.to/3sl2Bf1 4 Port USB Card: https://amzn.to/3FFIzPr WiFi 6 PCIe: https://amzn.to/3sfwLQY PCIe SATA Expansion: https://amzn.to/3sbNdlj SAMSUNG SSDs: https://amzn.to/3Sf5bxU 8GB SODIMM RAM: https://amzn.to/40iXUiw Anker USB C Hub: https://amzn.to/49tQCwL Slim Cat6 Cables: https://amzn.to/45NVj1e 2.5 to 3.5 Bracket: https://amzn.to/3s6q7fZLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "My NEW Ultimate Desk & Setup Tour 2023!", "url": "/posts/desk-tour-2023/", "categories": "vlog", "tags": "desk, tour, windows, mac, linux, studio, hardware, ultrawide", "date": "2023-10-21 08:00:00 -0500", "snippet": "Ever wonder what my home office and studio looks like and which tools I use? Check out my NEW ultimate desk & setup Tour for 2023! (My setup, my desk, my workbench, and even my studio rack for ...", "content": "Ever wonder what my home office and studio looks like and which tools I use? Check out my NEW ultimate desk & setup Tour for 2023! (My setup, my desk, my workbench, and even my studio rack for 2023!)Disclosures: I was not paid Elgato provided some items for free, the rest I chose and bought with my own money over the years Grovemade provided desk shelf and desk pad for free I bought everything else with my own moneyThanks to Grovemade for helping me organize my desk! Use code TECHNOTIM for 10% off! https://l.technotim.live/grovemadeHuge shout out to Elgato for helping me get my stream in check! https://www.elgato.com📺 Watch VideoNotesHere are my notes from the video in case you wanted a little more context than I was able to provide in the video! This was such a fun project but yet I am glad I am done! Let me know if you have any questions in the comments below! All parts are linked in the Where to Buy section below!MonitorsSamsung 57” Ultrawide and my Dell 4k monitor!Samsung Odyssey Neo G9 57” Dual 4k UHD Dual 4k means they put 2 4k panels together 240Hz refresh rate and 1ms response time I don’t need this at all, 120Hz is great but what I really wanted was a specific ratio. Ratio is Important to me because I wanted to have a 16:9 ratio so that I could put 2 windows side by side and have them each be 4k, or one large one for editing One other cool thing is that it has a 1000R curve, which for me I think is one of the best curves, although I haven’t used any other. This makes it feel more natural where the monitor is almost equidistant as I move my head when looking left and right. So how do you hold up a 40 lbs monitor? Very carefully. Took a while to find the right arm, since most monitor arms max out at about 30-40 lbs. Ended up finding one that supports 44 lbs and it’s working great. I did this so I can adjust and and because the legs are gigantic It has RGB, kind of pointless unless someone is sitting behind you and you want to annoy them. I only have it on for this video. Also, this arm has RGB too, which I promise is not the reason I bought it. It can be toggled off too.Dell U2720Q 27” 4k IPS Panel You might be wondering why I have this when I have a gigantic monitor below? This is great when sharing my screen on zoom calls or when I do screen recordings for my videos so that I don’t have to share a super wide desktop that no one can see or have to only share a section of my screen. I typically have it off until I need to do one of those things.Desk OrganizationGrovemadeHaving a desk system like this one from Grovemade freed up a lot of space on my desk Designed and made in Portland, Oregon Simple materials - wood, aluminum, cork 46 inches wide, 9 inches deep Solid maple - warm, natural look Desk Shelf - Large Maple Also opted for a tray to store some things. This gives me 3 layers to store things that need to be out of the way but still have quick access to. I also went with this light gray desk pad. This is my first real desk pad and I have to say, I think this one is perfect. It has a great modem look, it’s just wide and deep enough, and it’s super smooth with some cushion. My mouse slides so easily on it with the perfect amount of friction, it’s hard to explain but I really feel like this material helps me be more precise when using my mouse at the crazy high DPI I have it set at. Huge shout out to Grovemade for sending this desk set to help get my digital life in order! If you’re interested, there are links in the Where to Buy section. You can get 10% off by using the code TechnoTim` I am also using this on my workbench.Audio & VideoElgato GearStreaming has never been easier with my Elgato gear! Elgato Stream Deck + and Wave Link control audio live streaming and even my music. - I have a Wave XLR for my microphones and I control all of the audio levels using the stream deck plus. Huge shout out to Elgato for sending these after struggling so much with other audio setups. Then I have the first stream deck which I’ve had for years which mostly controls OBS and smart lights in the room.AttachmentsLights, Cameras, Action?You might be noticing all of these things attached to my desk, up here I have a pair of Elgato Key Lights that help control my lighting when streaming and recording, then a bunch of arms. These arms help move my gear into the best place possibleCable ManagementThis consists of velcro, the right power strips, an under desk basket, and a few systems underneath to hold cables and cords. USB Hubs and switchers help tidy this up too and allow me to switch between Windows and Mac.WorkbenchAlthough my workbench is small, organizing it is key to getting projects done on time! Behind me is my workbench This is where I build and test most of the things you see on my channel You can see a ZimaBoard and ZimaBlade here that I am testing and working on As you can see I also have the Grovemade desk shelf I can hide lots of things in the shelf I use this primarily for charging Wish there were a better way to to charge all usb devices, but tucking them under here is the best I’ve found. If you know of a better way let me know in the comments!Where to BuyProducts in this video:Here are the items in the video, let me know if I missed anything! (some are affiliate links)On my desk: SAMSUNG 57” Odyssey Neo G9: https://amzn.to/3M9J9su Ultrawide Monitor Arm: https://amzn.to/46JQh79 Dell 4k Monitor: https://amzn.to/406AXz1 Tall Monitor Arm: https://amzn.to/45CEQNb Grovemade Shelf: https://l.technotim.live/grovemade-shelf Grovemade Desk Pad: https://l.technotim.live/grovemade-deskpad Elgato Stream Deck +: https://amzn.to/46Wm8Be Elgato Stream Deck: https://amzn.to/3tCMw4F Elgato Wave XLR: https://amzn.to/3Qrq4o7 Elgato Wave Mic Arm LP: https://amzn.to/470DyfU Elgato Key Light: https://amzn.to/3McCKwO Keychron Q3 Keyboard: https://amzn.to/46D3ZbL Razer Mouse: https://amzn.to/3tP7Xj1 Rode PodMic: https://amzn.to/46FDNxt RODE PSA1 Arm: https://amzn.to/3QrKYUj Sony A6400 Camera: https://amzn.to/3tIxH0E DJI Mic: https://amzn.to/3Q9aLzj Camera Arm: https://amzn.to/45IQJkC Hue Play Lights: https://amzn.to/46TKFa2 USB Switch: https://amzn.to/3S9npB0 Powered USB Hub: https://amzn.to/496cMF8 HDMI Switch: https://amzn.to/3QozssL Desk Legs: https://amzn.to/3SeBOffCable management: Under Desk Trays: https://amzn.to/45AK1NP Power Strips: https://amzn.to/405nuHA Velcro: https://amzn.to/405gFWt Long Display Port: https://amzn.to/3Q4HCoI Long USB: https://amzn.to/3MbaCtR Long HDM: https://amzn.to/46Yfs5x Long PC Power: https://amzn.to/3s12y89 Long Active USB C: https://amzn.to/45IgMbV Long Cat 6 Ethernet: https://amzn.to/4968w8C Label Maker: https://amzn.to/3tDPjuxStudio Rack: 12u Server Rack: https://amzn.to/46HlUOIWorkbench: Grovemade Shelf: https://l.technotim.live/grovemade-shelf Desk Mat: https://amzn.to/405hHSl Slim Network Cables: https://amzn.to/3tIUERr UniFi 16 Port Switch with POE+: https://l.technotim.live/ubiquiti ZimaBoard: https://amzn.to/3Ft7iXo Desk Legs: https://amzn.to/4709rpe Elgato Key Light: https://amzn.to/3McCKwO Elgato Multi Mount: https://amzn.to/3MahaJe Anker Charger: https://amzn.to/46CrpOHMobile Workbench / Storage: Mobile Workbench: https://www.homedepot.com/p/Husky-46-in-W-x-24-5-in-D-Standard-Duty-9-Drawer-Mobile-Workbench-Cabinet-with-Solid-Wood-Top-in-Gloss-White-H46MWC9GWV2/313615422 Best USB C Dongle: https://amzn.to/471IKjV🛍️ See the whole kithttps://kit.co/TechnoTim/techno-tim-desk-studio-2023(Affiliate links are included in this description. I may receive a small commission at no cost to you.)Join the conversationEver wonder what my home office and studio looks like and which tools I use? Check out my NEW ultimate desk & setup Tour for 2023! (My setup, my desk, my workbench, and even my studio rack for 2023!)Check it out!👉https://t.co/j9W5LMZPNi pic.twitter.com/7bTlAmiER7— Techno Tim (@TechnoTimLive) October 21, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "More than a Rackmount Case for a Mac", "url": "/posts/mac-studio-rack/", "categories": "homelab", "tags": "mac, apple, thunderbolt, mac-studio, nvme, xmac-studio, sonnet", "date": "2023-10-05 08:00:00 -0500", "snippet": "I debated buying a new Mac due to its limited options for expandability. This all changed when I found a way to not only rackmount my Mac, but add PCIe slots to add additional components like NVMe ...", "content": "I debated buying a new Mac due to its limited options for expandability. This all changed when I found a way to not only rackmount my Mac, but add PCIe slots to add additional components like NVMe SSDs, video capture cards, dual 10 gig networking, and even testing a video card.Thank you to Sonnet for sending this xMac Studio / Echo III / M.2 8x4 Silent Gen4 PCIe Card to help complete my video editing / software development Machine!Disclosures: I was not paid I chose Sonnet and contacted them after researching alternatives SSDs are on loan and will be sent backThinking about expanding your Mac/Windows/Linux Machines? Check out Sonnet!📺 Watch VideoMore than a Rackmount CaseI racked my Mac Studio using this rackmount case and it gives me so many connectivity options. It not only serves as a rackmount but it also expands its capabilities by adding a Thunderbolt enclosure that can fit 3 full length PCIe cards and connects over Thunderbolt 3 or 4. This unlocks the Mac’s full potential by allowing you to connect PCIe cards like network adapters, video capture cards, or even add super fast storage using this 16x PCIe card that can fit up to 8 NVMe SSD drives. the xMac Studio rackmount case also has a built-in USB hub, cut outs that still let you access the IO ports, an easy to reach out button, and even an area to keep USB or Thunderbolt drives if you’ve decided to connect those.Sonnet xMac Studio enclosure with the Echo III expansion systemToday we’re going to take a look at the xMac Studio Pro Rackmount System from Sonnet, with the Echo III expansion system, and even one of their m.2 8x4 silent gen4 PCIe cards to add some additional storage. We’re going through all of this today, including the rackmount case, the enclosure, testing different cards that work with a Mac, and even do some speed tests using the included PCIe NVMe card. This kind of expandability makes it hard to know why the Mac pro even exists.I tested lots of PCIe cardsWhy a Mac Studio over a Mac Mini?I bet you’re wondering, why a Mac Studio, and why not a Mac Mini? I debated this for quite some time and even started configuring a Mac Mini and after I started comparing the specs of what I wanted out of a Mac Mini m2 and a Mac Studio m2, I found that for only 100 dollars more I was able to get twice the GPU cores (38 in total), twice the RAM (64 in total), 2 additional USB C ports, a media card reader, faster on board SSDs and even faster memory. I did have to reduce the storage down to 1 TB but that’s a sacrifice I was willing to make and knew I could supplement storage with a system like this from Sonnet. Don’t get me wrong, the Mac Mini is a great Machine but once you start getting into the upper end of the specs, you’re better off going with a Mac Studio. Oh, also sonnet makes a Mac Mini rack too, which I’d love to test out in the future as a Mac build / render server.If you’re going to increase the specs of the Mac Mini, at some point you’re better off getting a Mac StudioWhy Rack a Mac?The next question you’re probably asking is why rack a Mac system at all, I mean, aren’t they meant to be looked at? Joking. Kind of. I chose to rackmount my Mac Studio, not because it’s on brand (ding), but because I wanted better cable management. Wait, cable management? Yeah, cable management. Being a content creator, streamer, and developer, I have lots of cables and cords to connect lots of devices, like this 4kHDMI capture card that I connect cameras and devices to capture their output. The same goes for audio equipment, USB devices, XLR cables, and on and on. While building my server rack in my basement, I found that having everything in one cabinet, like a server rack, makes wire management much easier, or at least easier to hide. So recently I picked up a smaller server rack to rack both my Mac and my upcoming Windows / Linux build in a Sliger water cooled case.But there are many audio and video creative professionals who do rack their equipment and I am adapting it to fit my needs. Will it work? Let’s find out.xMac Studio Rack CaseThe xMac Studio rack mount case isn’t just a case to keep it safe, but a way to expand the capabilities of your Mac Studio.xMac Studio rakcmount case by SonnetFeatures: 3u rackmount Rack mountable with rails (we’ll mount it later) Rugged Easy to access, front panel is removable Power button 4 USB-A 3.0 Hub PCIe expansion Module SSD Storage Space for up to 2 Thunderbolt or USB SSDs Great for extra storage or even time Machine backups on the go Front to back airflow so nothing is recirculatedEcho III PCIe EnclosureThe enclosure that comes with the xMac Studio / Echo III combo is actually a desktop enclosure that converts to a rack mount enclosure. It’s the same internals but without the outer case from the desktop module. This is a professional level enclosure for creative pros and can be connected to any device that has a Thunderbolt connection, but I opted for the rack mounted version without the desktop case. Let’s take a look at it.Echo III PCIe EnclosureFeatures: 3 PCIe Slots One is 16x and the other 2 are 8x These slots can be filled with any cards you can think of with the exception of video cards due to Apple’s limitation, but we’ll populate some here in a few, even a video card for fun All 3 are PCIe 3 Power supply is a 400w power supply easily power everything connected 75w auxiliary power connector for cards that require extra power Automatically power on and off based on your Machine’s power 2 Noctua fans that are temperature controlled and variable speed Thunderbolt 3 (which is better than Thunderbolt for for this use case. See Sonnet’s video explaining the differences)So what am I going to put in the slots? Well one of them for sure is the Sonnet M.2 8x4 silent Gen4 PCIe CardM.2 8x4 Silent Gen4 PCIe Card (NVMe SSD)This is the Sonnet M.2 8x4 Silent Gen4 PCIe Card and it’s a professional level card. That’s blazing fast! It’s a 16x card, and the bandwidth is available to all of the connected NVMe SSD which help facilitate maximum speeds.It works with Windows, Mac, or Linux computers that have an x16 slot and is compatible with a variety of m.2 NVMe Gen4 and Gen3 SSDs, but you’ll want Gen 4 if you’re going for speed.This card is blazing fast!Here’s the cool thing about this card too, is that it doesn’t require a specific motherboard for raid or any other features, and it does not require PCIe bifurcation. PCIe bifurcation is just a fancy word that means taking something and dividing it into parts. If the card didn’t support this, we would only see one device or need a special motherboard, but because this card does support bifurcation the card presents multiple devices to the computer so we can see each individual drive. That makes this card very flexible. I did install 8 NVMe SSDs into this card, installed the thermal transfer pad to transfer the heat from the ssd drives to the cooler. This helps keep the drive cool and avoid any kind of thermal throttling.Loaded it up with 8 NVMe drives!Features: Eight M.2 NVMe SSD Slots on a PCIe 4.0 x16 Card Works with Windows / Mac / Linux Up to 64 GB Silent, no fans Though the case does have super quiet noctua fans This Sonnet card doesn’t require a specific motherboard to operate or specific SSDs to support RAID features – no PCIe bifurcation requiredThis allows me to connect 8 NVMe SSDs via Thunderbolt port using Echo III PCIe expansion enclosure which pops right into the xMac Studio.So let’s put all of this together, add some PCIe cards, and test various speeds and compatibility.Testing PCIe cards on a MacFirst of all, it’s worth mentioning that this card is really intended for a high performance server or desktop that is connected to a PCIe 4.0 device and can take advantage of all 16 lanes of PCIe. This is not the case with my Mac Studio since it is limited by Thunderbolt and the enclosure only supports PCIe 3.0. This because Thunderbolt does not support PCIe 4.0. I know this all sounds complicated, because it is 😀.When testing in this enclosure over Thunderbolt, here are the speeds I was able to achieve: ~2800 MB/s Read / Write.This speed test maxed out Thunderbolt speeds!This is roughly 22 Gbs, which is no slouch, but that’s a far cry from the 40 Gbs that Thunderbolt supports?This is actually the theoretical max of Thunderbolt, it reserves half for downstream devices like monitors so that card, enclosure, and even Thunderbolt is performing as it should. This isn’t a limitation of the card or the enclosure, it’s a limitation of Thunderbolt.I will test this some more in my next rackmount project which is building my new Windows/Linux workstation in a Sliger case that’s water cooled.As a side note, I tested many other cards which aren’t covered here but can be seen in the video!More than a Rackmount for a MacThis speed test maxed out Thunderbolt speeds!Overall, I am very happy with my Sonnet xMac Studio and Echo III module. If you’re looking to rack your Mac Studio, there are few mounting options, but xMac Studio offers the additional Thunderbolt expansion system that really takes this to the next level. The combination of these two give me the flexibility I need to use my Mac how I want to use it. Thunderbolt connectivity ensures that I can connect this to any system I want, a new, a Windows Machine, or Linux, and even if they are a laptop. Overall it’s a great system even if Thunderbolt has some limitations. Well, I learned a lot about Thunderbolt 3 and 4, the Mac Studio, the xMac Studio system and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget share! Thanks for reading!Join the conversationI found a way to rackmount a Mac, add PCIe devices, and even add 8 NVMe SSDs! Spoiler alert, I tested a GPU and it did not work.https://t.co/btbnQ5SlKw pic.twitter.com/9per30lu5a— Techno Tim (@TechnoTimLive) October 5, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Turn Plex into a Powerful DVR", "url": "/posts/ota-tv-with-plex/", "categories": "homelab", "tags": "plex, tv, ota, epg, dvr", "date": "2023-09-18 08:00:00 -0500", "snippet": "Cut the cord and get free over the air TV with Plex! Today we’ll dive deep into selecting a TV tuner, an antenna, dialing in your TV signal, and configuring Plex to help you get the most out of Li...", "content": "Cut the cord and get free over the air TV with Plex! Today we’ll dive deep into selecting a TV tuner, an antenna, dialing in your TV signal, and configuring Plex to help you get the most out of Live TV and DVR!A huge THANK YOU to Plex for sponsoring this video during Plex Pro Week!Get started with Plex today! https://www.plex.tv/📺 Watch VideoTurn Plex into a Powerful DVRThere’s this great free resource out there that many people aren’t taking advantage of. It’s something that most homes can access absolutely free and that’s over the air TV. Now I know what you’re thinking, what year is this?? I know, it sounds odd talking about over the air TV in this day and age but I found a way to modernize it and make it more accessible with a little bit of hardware and a little bit of software from Plex.I have been using Plex for almost 10 years and one of the features that isn’t talked about that much and is one of my favorites is Live TV & DVR. I’m not talking about the free TV channels that Plex offers, although I will be talking about that a little bit later, I am talking about over the air channels like ABC, NBC, PBS, and many others to watch Sports, Local News, and more. And with ATSC 3.0 or NextGen TV rolling out in some areas, you can be sure that you’re getting the clearest broadcast possible with up to 4k resolution and uncompressed when over the air vs. 1080p and compressed from most providers. You’ll need a few simple things that I will cover in this video so you can start watching and recording Live TV today. So, full disclosure Plex is the sponsor of the original video and I want to thank them for asking me to share my deep dive on Live TV & DVR with Plex.Plex can be a powerful DVR to record or watch your favorite TV showsPlex TV & DVRWith a TV Tuner, an antenna, and a Plex Pass you can turn your media server into a powerful DVR to record your favorite shows or watch them live, even on the go. You can record any show in your area, whether that be sports, local news, or your favorite TV series and watch it from any device. Plex has apps for mobile devices, SmartTVs, gaming consoles, Apple TV, on the web and more. It’s hard to find a device that doesn’t have Plex.Watching Live TV is as simple as launching the app and picking a channel. This will stream the channel from your Plex Media Server to your device. After the Live TV stream starts, you can pause or even rewind Live TV. But if you start watching something that’s currently being recorded, you have the option to watch from the beginning or watch live. If you choose to watch from the start you can skip through commercials and get caught up to the live broadcast. This is a little life hack I use to watch something that’s live without the commercials. For something you’ve already recorded, there’s also this awesome feature that will allow you to skip commercials or remove them altogether. This is a great time saver and we’ll get this set up today too a little bit later.One of the best parts of Plex Live TV is you get the best EPG out there. EPG stands for electronic programming guide and it lists all shows for all channels along with some additional data like episode information and more. It’s how I know that Jeopardy! is on NBC at 4:30 local time, or that the episode of Nature is a rerun. It’s also what helps populate their powerful search in the Live TV section. I can’t stress enough how important it is to have a solid EPG when using a DVR, without accurate data you could schedule the wrong show to record or miss your show altogether. The EPG is even interactive on some clients, giving you a picture-in-picture guide while you browse the guide looking for the next thing to watch. And if you only watch a handful of local channels you can add channels to your favorites so you can quickly access them. Plex Live TV lets you prioritize your recordings so that I don’t get in trouble recording a rerun of Nature instead of the latest episode of The Bachelor. We’ll talk more about the EPG, recording priority, how not to miss your favorite shows when scheduling recordings a little bit later.Plex’s EPG is the best Electronic Programming Guide out there!Setting Up Live TV & DVRSo, what do we need in order to have our very own DVR? I know all of this sounds complicated but it’s much easier than you think. You’ll need a couple of things, all of which I use in my own home and have been recording TV for years, so you can be sure that this setup will also work for you.TV TunersFirst, you’re going to need a Plex server and a Plex pass. Next you’ll need a TV Tuner and an antenna. I’ve used a lot of TV Tuners in the past but the best tuner by far is one from SiliconDust, it’s the HDHomeRun Flex 4k. This nice little device sits on your network and converts a TV signal into a video stream so that your Plex Media Server can consume it and even change the channels when requested. This one in particular has 4 tuners inside that allows you to watch or record up to 4 channels at once. This one also supports the new ATSC 3.0 NextGen TV that we talked about earlier - so it’s future proof!Silicon Dust’s HDHomerun TV Tuner will get you up and running in no time!AntennasAnother important thing you’ll want to have is an antenna that connects to our tuner. Antennas come in all shapes and sizes and depending on where you live, you might be able to get by with a small indoor antenna. If you’re in the US, there’s a great site to help you determine your distance from TV towers which might help you choose the right antenna. You can visit the site, enter your location, and see how far away you are from TV towers, their location, and get an estimate of the signal strength to your location. Based on this legend you can make a better decision about the antenna you choose.Selecting an antenna is key to getting the right reception!Here are my recommendation for choosing an antenna: If you’re close to the TV towers and want something low profile, or you live in an apartment or condo and can’t put an antenna outside, go with a flat antenna which is thin, low profile, and can be placed in a window or on the wall. This flat antenna from Channel Master (affiliate link) should work great if most TV towers are in the green or yellow. It’s slim, low profile, and can be attached to a window or wall. If you’re further away from the TV tower or you just want the best reception, I recommend picking up something like this Antennas Direct antenna (affiliate link) that can be used indoors or outdoors. It’s not the best looking antenna but it has a great range and will work better than the flat antenna if you can hide it or aren’t concerned about aesthetics. Either way, you’ll want to mount it somewhere in your home, the higher the better, outdoors or an attic will work best. I got lucky when I moved into my house because the previous owner installed a massive long range antenna in the attic and ran a coax cable to the basement. Having one in the attic above the trees and other houses is one of the best places for an antenna.Hooking Up Your Antenna & TunerOnce you have your antenna and tuner, go ahead and connect your tuner to the network and connect your antenna to the coaxial terminal and then finally, connect the power to the tuner.A word of caution, you might be tempted to buy an amplifier but I would recommend against it until you truly know that you have a weak signal, you run the risk of introducing noise and interference. We’ll see this later on and from there you can determine if you need a signal amplifier (affiliate link) or not.Once your tuner is on the network, visit tuner’s web page by typing in the IP address in a browser. Here you will see the landing page for your device. If you see a message to update your firmware I would update it before continuing, it will only take a minute, plus, who doesn’t love updating firmware 😀Once it’s updated you can see the tuner status and more information about your tuner. Next we want to see which channels our tuner can detect. We can do this by going into the channel lineup and clicking “Detect Channels”.This will scan for all of the channels you can pick up using your antenna. Now your mileage may vary depending on your area and how close you are to the TV towers, but it’s a good idea to compare the results to what you expect. If you aren’t seeing the channels you expect, you might need to adjust your antenna or think about getting a signal amplifier, however I’ll show you how to check the signal strength in a little bit.One thing you might have noticed is that little plug that I have connected to my HDHomeRun. This is a signal filter (affiliate link) that will filter out LTE and 5G signals from the line. I’ve noticed that as more cell phone towers go up, the more they can interfere with my antenna, so I popped this little filter on to filter out those frequencies. If you’re wondering what interference looks like, it’s that weird pixelated blocking that you see sometimes when watching TV. This isn’t going to magically make channels appear out of nowhere or boost the signal, it’s just there to take away the noise created by cell phone towers.Once we’ve got our tuner all set up, make note of the IP address because we’ll need this for configuring Plex.You might need to pick up an LTE filter to filter out 5G noise!Setting up Plex for Live TVNow that we have our TV Tuner and antenna set up, we can now configure this in Plex! You’ll need to sign in to your Plex Media Server and then go to settings. In the Manage section you should see Live TV & DVR. Here you’ll want to configure a new tuner. When you try to add a new tuner, it will try to search for your tuner and in most cases it will find your device. If it doesn’t you can manually add your device by typing in the IP address of our tuner. Once it’s added you’ll need to set a few settings for Plex. You should choose an antenna, your home country, and your Postal Code. The postal code is needed to download the EPG. Once you’ve set this, you will then see a list of all the channels we found earlier. You can scan again or even remove channels however I wouldn’t remove channels here, I would just create favorites later. If you’re happy with the list, click continue. Plex will start to download the latest guide and after a few minutes we should see all of the TV shows that are available!Recording Live TVThe channel guide can be found in the Live TV section. Here we can see a list of all of the shows we can watch or record. This will look different on different clients but the experience is mostly the same. The live TV feature is pretty self explanatory, we can scroll through channels and when we see something we want to watch, we just click on it. This will start a live stream. You can even pause or rewind a Live TV show, pretty cool.So you can see that I have a pretty good signal and quality but what do you do if you don’t have the greatest picture quality? Well, earlier I mentioned that we could check our signal strength for a broadcast to determine if we need to adjust our antenna or think about a signal booster. This might work differently depending on your tuner, but if you’re using a SiliconDust tuner like the one I am using, the easiest way I have found to do this is to start a live show and then go to your tuner’s homepage while the show is playing. Once here go into Tuner Status and choose the tuner that’s being used, which you can see in the Summary. Click on the tuner that is in use and here you can see the status. The most important stat here is Signal Quality. The higher the better. If you notice that this is noticeably low and your TV stream isn’t the greatest you can try adding a signal booster or a line filter to try and clean it up. I will have links to this and all of the other hardware we talked about today in the video description. So, back to recording from the channel guide… After selecting a show, if you want to record a show all you have to do is click the record button. From here you can choose whether you want to record new airings only, new and repeat, and which library you want to save it to. I have multiple libraries, TV Shows and Recorded TV. That’s because I wanted to separate the two but that’s totally up to you. It’s as simple as creating a new library and setting the type to TV Shows. You will then see this option when scheduling recordings.Scheduling to shows to record couldn’t be easier with their great EPG!You also have some additional settings in “Show Advanced” but we won’t change them here, we’ll apply these to all recorded TV a little bit later. After clicking record we can now see that we have a record icon on the show, letting us know that it’s currently being recorded. You also have lots of quick actions when hovering or clicking on shows where you can schedule recordings or even cancel recordings, it’s pretty handy.One thing you might have noticed is the categories across the top. Most of these are self-explanatory, however there’s one named Plex Channels that is different from the rest of the TV channels. These are FAST channels or Free Ad-Supported Streaming Television. It’s streaming TV that can be watched at any time. They aren’t channels that you can find over the air from your local TV stations, but channels that stream content 24/7, like for instance if you wanted to binge watch Top Gear or the Price is Right classics, there’s a channel for that. But, back to recorded TV.Watching Recorded TVOnce a show has recorded it will be in your Library you set for recorded TV, the default is TV Shows. Once here you’ll see a similar experience that we see for Movies, you’ll have a “Recommended” section, a “Library” section, and a “Category” section, and view controls for your media. Clicking on your show will bring you to that show and from there you can see all of the recorded seasons for that show and if you want to get to your show you click into the season to get to your episodes. Once you are on your episode you can see more details about it like the date it aired, how long the recording is, the rating, and even details about this episode. You can also switch the track to another language and choose your subtitles if the broadcast supports it. After clicking play the video will start and you can watch it as you normally would!Watching recorded TV is just like watching other media, complete with all of the artwork and metadata you’re use to seeing with other content!AutoSkip Intro, Commercials, CreditsOne of the best features that comes with Live TV & DVR is Intro Skip and Commercial Skip. If enabled Plex can detect intros, commercials, and even credits to help you watch more TV without interruptions. When playing a show where an intro is detected, you will see a skip intro button in the bottom right corner that you can click on and it will skip right to the show. This also works for commercials too! When a commercial break starts you will see a button to skip Ads which will skip right to where the show picks back up! Now it’s not perfect but I’d say it’s pretty close for the shows that I watch. It’s not enabled by default so let’s enable it!We can do this in our library settings which you can find in the Manage section. If we edit our Recorded TV library and go to “Advanced“ we should see a few settings in here that help us skip unwanted content. Be sure that “Enable Intro detection” and “Enable Credits detection” is turned on and then for the “Ads detection” setting you’ll want to choose “For recorded items” . This enables ad detection for new recordings. If you’ve already recorded TV with Plex or from another TV you can turn on “For all items” to force a scan of all items in this folder.Great, once that’s turned on it should now add these markers so we can skip unwanted content. This detection does take a few minutes and only starts after a show is done recording. Also, you won’t see new recordings in your Library until it is done doing the detection. Now we can skip all of that unwanted content and watch TV like a pro. Like this show right here, if we start playing you can see it detects the intro that we can skip through if we like, and then once we get to a commercial break it will prompt us to skip it we like, and if it detects credits it will do the same.Skipping commercials, intros, and credits makes watching OTA a breeze. No more wasting time!DVR SettingsNow there are some additional settings you can choose for skipping commercials like removing them altogether. This is in the DVR settings where we can set our default settings for new recordings. In the “Detect Commercials” setting you can choose from “Disabled”, “Detect”, “Mark for Skip”, or “Delete”. “I would recommend setting this to “Detect and Mark for skip” rather than setting it to “Detect and Delete” because deleting is a destructive action and while Plex commercial skip is really good at detecting commercials, it’s a lot safer to just add markers than accidentally delete part of your show. As for the rest of the settings in here, I have only adjusted a few. I set the resolution to Prefer HD. I don’t replace lower resolution items, I do allow partial airings, and I don’t adjust the minutes before and after a recording. Shows are pretty good at starting and ending on time, but if you find that you want to record a minute or two before and after, adjust the setting here. Live broadcasts that go over the scheduled time like sports might be a good good reason to add some padding at the end of the recording so you don’t miss overtime! Also I enable a refresh of the guide data during the maintenance window and for me that’s 2am.Adjusting Recording PrioritySo now that we have scheduled some recordings, how do we make sure that my reruns of Nature and NOVA don’t get scheduled instead of my wife’s show The Bachelor? (You’ll only make that mistake once). We can do this easily by adjusting our recording priority. If we go back into the Live TV area and choose the DVR Schedule we can see everything that’s scheduled to record and on the far right we can see our Recording Priority. This is where we can drag and drop to reorder our shows with the highest priority being at the top. This helps when there are scheduling conflicts due to the tuners being in use when recording or watching live TV. I have 4 tuners so I rarely have a conflict but if I did this is how it will choose to prioritize one recording over the other. Let’s say for instance I wanted to get in trouble again and prioritize Nature over The Bachelor, Survivor, and even Big Brother, I would just drag Nature all above all of those shows like. This would ensure that if there was ever a conflict or not enough free tuners, Nature would record instead of all of these shows. OK, let’s move this back before I get in trouble again.Be sure to adjust your recording priority so that you can be sure your tops shows record over others if you run out of tuners!Channel FavoritesNow that we have everything set, there’s also this small feature to make your life a little easier when channel surfing and that’s Favorites. As you can see from my list of local channels, I have a lot of channels that I almost never watch but at the same time I don’t want to remove them from my channel lined up. This is where favorites come in. I like to add all of my favorite channels to my favorites list so that I can easily browse them when I am looking for something to watch. You can even add some of the Plex FAST channels to your favorites too! I really like the BBC Earth channel, PBS Nature, and the Modern Marvels channel and I have added those to my favorites too. They have over 600 to choose from, so there’s no shortage of content there. Now, if I switch and go to my favorites, I can see a quick list of my favorite channels without skipping around through all of the channels I rarely watch.MobileNow just because I did all of this from a browser doesn’t mean you have to do it here too. Plex’s mobile app works great for watching live TV, previously recorded TV, and even scheduling recordings. There have been many times where my wife and I are out and about and hear about a new show that’s airing soon and it’s now second nature to immediately schedule it to record. I just open up the app, go to Live TV, Search for the show, and schedule the recording. It’s super simple and convenient to do.The mobile app is not only great for watching shows, but also scheduling a recording while you are on the go!ConclusionSo that’s everything you need to get started today to record live TV like a pro. I’ve been using this setup with Plex for years and it’s everything I could want in a DVR system, from high quality over the air uncompressed video and audio, to an accurate EPG, to how easy it is to schedule recordings anywhere on any device, to commercial skipping and so much more. I want to thank Plex again for sponsoring this video and thank you for watching. Well, I learned a ton about live TV, antennas, network tuners, and Plex, and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget to share!Join the conversationSTOP Paying for TV and cut the Cord for good. I haven't paid for OTA TV in over a decade, and neither should you. I made a guide on how to build your own DVR with @plex for their Pro Week!Check it out 👉https://t.co/3dZ7Ca9ru3 pic.twitter.com/bmAoSOEl8t— Techno Tim (@TechnoTimLive) September 18, 2023Where to Buy📦 Products in this videoTV Tuner that supports 4K and up to 4 streams!https://amzn.to/3r1v3SLFlat Indoor Antennahttps://amzn.to/3Z5AQmRIndoor Outdoor Antenna with 60+ mile range!https://amzn.to/3sHLST3Adjustable Gain TV Antenna Preamplifier with LTE Filterhttps://amzn.to/3LgwB26LTE / 5G Filterhttps://amzn.to/3Pax72JAntenna Splitter with Power Passthroughhttps://amzn.to/3sLTZy4Solid Copper Coax Cable (NOT copper clad)https://amzn.to/3r3fhqkLTE / 5G Filter Alternativehttps://amzn.to/3PtSV9VSee the whole kit!https://kit.co/TechnoTim/build-you-own-dvrLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "45 HomeLab HL15 and more at the Creator Summit", "url": "/posts/45homelab-hl15-creator-summit/", "categories": "homelab", "tags": "hardware, 45drives, hl15, 45homelab", "date": "2023-09-14 08:00:00 -0500", "snippet": "I took a trip with 3 other Tech YouTubers to 45 Drives Headquarters to see the new 45 HomeLab HL15 and other devices during their first ever Creator Summit to discuss storage! We take a look at lo...", "content": "I took a trip with 3 other Tech YouTubers to 45 Drives Headquarters to see the new 45 HomeLab HL15 and other devices during their first ever Creator Summit to discuss storage! We take a look at lots of Storinators, the HL15 HomeLab, all flash Stornados, and even the Storinator Jr.!📺 Watch VideoInfoIf you’re looking for details on the Creator Summit, you can read all about it in a previous post!Thank you so much to 45Drives for paying for this trip to the Creator Summit!Thank you to Jeff Geerling, Wendell, Jeff from Craft Computing, Tom Lawrence, Alan Nagl, and Dave Dickerson for teaching me so much during this trip!Where to BuyPre-sales for the 45HomeLab here: https://presale.45homelab.comYou can check out the 45HomeLab here: https://45homelab.comJoin the conversationI took a trip with other Tech YouTubers to 45 Drives Headquarters to see the new 45 HomeLab HL15 and other devices during their first ever Creator Summit to discuss storage!@45Drives @Level1Techs @geerlingguy @CraftComputing @TomLawrenceTechhttps://t.co/0oOd22mHB7 pic.twitter.com/U1VO6IlQb0— Techno Tim (@TechnoTimLive) September 14, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "45Drives Creators Summit on Data Storage - Day 1", "url": "/posts/45drives-creator-summit-day-1/", "categories": "conferences", "tags": "45drives, storage, ceph", "date": "2023-08-20 08:00:00 -0500", "snippet": "45Drives HQ Located in Sydney, Nova Scotia, CanadaI was invited to 45Drives Headquarters in Sydney Nova Scotia Canada for a Creator Summit on Data Storage. 45Drives invited Tech YouTubers like Jef...", "content": "45Drives HQ Located in Sydney, Nova Scotia, CanadaI was invited to 45Drives Headquarters in Sydney Nova Scotia Canada for a Creator Summit on Data Storage. 45Drives invited Tech YouTubers like Jeff Geerling, Wendell Wilson, Jeff from Craft Computing, Tom Lawrence, and myself for a 3 day event to meet the 45Drives team and other experts in the storage space and discuss the future of storage.If you want to see the video of this tour, you can check it out here!The TourWe got a tour of the labs where they are cooking up some new storage systemsDay 1 started out with a tour of the 45Drives HQ. The office is new, fully of natural light, and very modern. One of the last stops was to visit the labs area where they were testing hardware, cluster configurations, and even had some prototype devices.A Storinator that includes both 2.5” drives and 3.5” drivesStorage SolutionsThe first stop was the Storiantor Hybrid F8 x1. This is an interesting configuration because it combines both 3.5” slots of high density drives and 2.5” slots for SSDs. THis something I have been particularly interested in because I’ve modified my Storinator to do just that. This one solution would allow me to keep my workloads that need fast storage, like virtual machines, on up to 8 SSDs, while still giving me 12 bays for HDDs that could store all of my “slow” data like videos, images, and documents.All flash Storinator!The next stop was the Stornado Gen II 2U SATA. This machine is specifically designed for speed and offers 32 slots for all flash storage. This is also something that I am interested in, not only because it would allow me to move to an all flash solution, but also because it comes in a 2U factor and would help reduce energy costs. THis does mean however that I will have to spend more on SSDs so not sure if there’s a real cost benefit for my specific application. (Still want all flash storage though! 😂)The Storinator Homelab H15 (prototype)The next stop was one of the most anticipated devices for me (being part of the HomeLab community) that was the 45 Homelab HL15. This device is meant to meet the needs of Homelab enthusiasts. This machine has the same build quality you would expect from a 45Drives system and has very similar parts and storage as their enterprise versions. One of the cool things about this version is that it can be rack mounted or stand alone as a desktop. One thing you’ll notice too is that it uses a standard ATX power supply which is a welcome addition for something that will be primarily used by consumers which will allow them to use commodity hardware. 45Drives have said that they will sell this devices in a few configurations, per their website:The current server under development is a 15-bay, 4U chassis that will be offered in three options: Fully built system – including CPU, RAM, etc. Chassis with backplanes and PSU Chassis with only backplanesIf you’re interested I would highly recommend signing up for their newsletterThe Storinator Jr., a Raspberry Pi based storage server (prototype)The next stop was the Storinator Jr. This device is only a prototype but was inspired by Jeff Geerling’s Petabyte Pi project. The idea is simple, create a “mini” Storinator that is backed by a Raspberry Pi, but the technical limitations of the Pu were almost insurmountable. You’ll have to check out Jeff’s video for all of the challenges he had to overcome. To be clear, this was only a R&D Project and this product may never come to market, cool nonetheless.Mitch Hall discussing Ceph at 45 Drives_Creator Led DiscussionsWith the tour out of the way it was time to hop into our tech discussions. 45Drives kicked it off with talks from their CO-founder, architects, sales, and more. The topics ranged from the history of 45Drives, Ceph Clustering and “Cluster for Everyone”, to even ransomware protection using Snapshield which can quickly terminate connections from a suspected infected device.Me (Timothy Stewart) discussing 45Drives at Home(Lab)After that, it was my turn. For context, all creators were asked to share a topic related to storage, and I felt the most valuable thing I could talk about was my experience with a 45Drives Storinator at home. Also, in case you didn’t know, all current Storinators target enterprise customers and so I thought it was a rare opportunity to give them feedback about using and converting one of their storage servers for home use. This might be something that they would incorporate into their Homelab product. And yes, I did throw in the RGB idea. We’ll see how that goes…Jeff Geerling discussing the history of 45Drives & Content CreatorsUp next was a discussion led by Jeff Geerling. This was an interesting talk about the history of 45Drives involvement with content creators raging from Linus, to MKBHD, to iJustine, and even their recent round of creators (all of us). Jeff also analyzed each of the videos and broke them down into why they were successful vs ones that weren’t particularly successful (from a YouTube views perspective). He talked about his process, script writing, and even storytelling and offered some feedback on how they could improve their reach on their own content if they focused more on story storytelling with a hook. This is something that I definitely need to work on too, so I will be trying to apply this more to my future content.Alan Nagl giving a deep dive on hard drive technologyNext was Alan Nagl from HDStor who did a deep dive on hard drives, how they work, and how the “SSD will never replace the HDD”. I learned quite a bit about about hard drives, how they work, HAMR hard drives and as a bonus learned all about helium filled drives at dinner. Alan is a wealth of information when it comes to storage!Tom Lawrence discussing ZFS and Ceph solutionsLast but not least was Tom Lawrence from Lawrence systems. He joined virtual because he couldn’t attend in person but his topic was a discussion on how to position clustering in the market vs single server solutions. Tom had a lot of the same questions I had about Ceph, when to use Ceph, and at what point does Ceph make sense over a large ZFS pool.Outside of lunch, dinner, and lots of snacks, that pretty much summed up the day. Lots of great talked and more to come tomorrow!Join the conversationIf you're curios what we've been up to here at at 45 Drives here's my recap of Day 1https://t.co/qWvzC4XdHd— Techno Tim (@TechnoTimLive) August 25, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Use Windows like a Pro! - PowerToys Tutorial", "url": "/posts/windows-powertoys/", "categories": "utilities", "tags": "windows, powertoys, productivity, microsoft, open-source", "date": "2023-08-20 08:00:00 -0500", "snippet": "Today we’re going to maximize your Productivity on Windows with Microsoft PowerToys. I’ll show you step-by-step how you can use, customize, and be more efficient when using Microsoft PowerToys.📺 Wa...", "content": "Today we’re going to maximize your Productivity on Windows with Microsoft PowerToys. I’ll show you step-by-step how you can use, customize, and be more efficient when using Microsoft PowerToys.📺 Watch VideoWhat are PowerToys for Windows?PowerToys is a set of utilities and apps that help you enhance the functionality of Windows and maximize your productivity. These tools provide a range of features, shortcuts, enhancements, and various ways to make you more efficient when using Windows. It also has some features that you might have seen in other operating systems but can be enabled in Windows too with PowerToys.If you haven’t heard of PowerToys or it’s been a while since you’ve looked at all the features, sit back as we go through every utility in the PowerToys suite and by the end of this video you’ll be be a pro, or at least you’ll look like one while using Windows. PowerToys is open source and is being rapidly developed and they are adding new features with almost every release. So hopefully byu the end of this video I will have convinced you to install PowerToys and hit the like and subscribe button. Once installed you’ll have a little icon in your system tray where you can launch individual applications, toggle features on and off, or see all settings for all applications.To get started, download and install PowerToys.Always On TopKeep a windows on top with Always On TopWe’ll start with Always on Top. This allows you to pin windows on top of all of your other windows. This is helpful for those times when you want a window to always hover above all other windows, regardless of which window is in focus.To activate it you press: ⊞ Win+Ctrl+TThis will play a sound and show a border around the window that will always be on top. Now if you try to drag a window on top of this window it will remain on top. You can adjust the color mode for the border and choose any color you like or just stick with your theme’s default. You can also adjust the thickness of the border and choose whether or not you want to round the corners. Finally, you can also choose to enable or disable the sound when activating. You can also choose to exclude apps from pinning on top by entering the process name here. After adding it here, this process will ignore the shortcut to activate Always on Top.AwakeKeep your computer awake without adjusting your power settings!Awake is a quick way to keep your computer away without having to adjust any of your power & sleep settings. This is helpful when running demos, conferences, or any other task where you want to be sure that your device doesn’t go to sleep or turn off its screen.In the settings for this utility you can choose to keep using the selected power plan, which means it will not affect your power settings at all.If you change it Keep away indefinitely, your computer will stay awake until you explicitly put the machine to sleep or your exit or disable the utility. This also activates the Keep screen on setting, which gives you the option to also keep your screen on too.If you choose to keep away for a time interval you can choose how long you want the utility to stay in this mode before reverting back to the previous state. Once the timer is up, it will revert back to the default setting.The last setting, keep awake until expiration allows you to choose a date and time to end awake mode. This is Like the previous setting, after this expires, it will revert back to your previous setting. This is handy if you have a specific date and time you want to end awake mode.Color PickerPick a color from any running application using Color Picker!Next up is Color Picker and this is one of my favorite utilities in Power Toys. It lets you choose a color from any currently running application and you can copy it in a configurable format to your clipboard. Unlike color pickers for browsers, this works system wide and is great for creatives and developers.To activate the Color Picker press: ⊞ Win+Shift+CThis will activate the color picker window where you can drag your cursor to any item on the screen. You will see a color preview and the color value in a specific format that we can change. To sample the color, just click and it’s on your clipboard ready for you to paste.We have lots of nice options we can change in the settings for this utility, for example, we can choose what happens when we activate the color picker, we can choose to open the editor, pick a color and open the editor, or only pick a color. I set mine to pick a color and open editor because this gives me a popup after choosing my color where I can choose the one of the supported color formats to choose from. I can copy the value to my clipboard to use it. It also has a history feature on the left where I can choose previously sampled colors which is nice if you use this tool often. If you want to fine tune the color you picked, the editor will also show 2 shades darker and 2 shades lighter in the editor window at the top. If you want to go back to the previously selected color it will be in your history. Also, you can choose to customize the color even more by clicking on the color at the top middle and making adjustments using the slider.You can also choose the default color formats to choose from and even add your own if you don’t see one of the 3 that come out of the box. I typically only use HEX and RGB in my day tyo day but it’s nice to know you have the option to add more.Another thing I usually turn on is showing the color name. This is handy if you aren’t great at color recognition and need a way to describe this color to someone else. Just toggle it on, activate the color picker and you will see the name of the color that it matches.FancyZonesCustomize your windows layout using FancyZones!The Windows manager in Windows is ok and is improved in later versions of Windows but FancyZones take this to the next level. FancyZones is a windows manager utility for arranging and snapping windows into custom layouts to help you work the way you want to with your windows and allows you to quickly restore them too. This is one of the most feature rich utilities in the stack so I’ll try to break down the most important parts to get you going fast.If you’re going to FancyZones I would recommend letting FancyZones override the default Windows Snap that’s built in. You can do this in the settings and toggling on the override settingsNext let’s choose a default layout for our zones.You can activate this by pressing: ⊞ Win+Shift+`Here you can choose one of the existing templates or create your own. Let’s choose one of the existing ones for now.After choosing a template you can now drag a window while holding Shift and you will see your zones appear. As you move the window around you will see zones you can snap this window too. If you want to snap zone 3, just drop it in zone 3 and it will fill this area. You can repeat this for any window you have open.If you want to do this without using the mouse, you can press: ⊞ Win+left/rightFor example if you want to move a window into one of the zones, while the window is in focus press ⊞ Win + right multiple times to cycle through the zones. Once you find the zone you want, just let go of the ⊞ Win key and you’re done!Once you start snapping windows in the same zone, you might find that you want to switch between windows that are snapped to the same zone, you can easily do this by selecting a window in that zone and then pressing ⊞ Win+PgUp/PgDn. This will cycle through all windows snapped to this zone.If you want to customize a zone template you can do so by pressing ⊞ Win+Shift+` and then editing your template and adjusting some of the options. You can increase the number of zones, increase the space around zones, and even the distance to highlight adjacent zones which is helpful when trying to merge 2 zones together when dragging a window around.If you’re not happy with existing zone templates you can create your own by using the Zone EditorIf you activate the Zone picker with: ⊞ Win+Shift+` You will see this button at the bottom that says create new layout. If you click, you can create your own custom zones in either a grid layout that snaps windows into place without overlapping, or canvas which is kind of free form and will allow you to overlap windows.Now there are many more customization options in the settings like changed colors, multi monitor supportFile LocksmithUnlock those pesky locked files using File Locksmith!File Locksmith is a nice little utility to help you know which files are in use and by which process. This is really helpful if you are trying to figure out which application is locking a file. For example if I right click on this folder and select “What’s using this file?” it will check to see if any of the files in this folder are being used. We can see here that I have a document opened with Word, Excel, VSCode, and even explorer. I can expand the details of each and see what the specific files are. I can even end the task from here, killing the process and removing the lock. Just be careful if you end the task, it will kill all instances of it.File Explorer Add-onsMake Windows Explorer more useful with these add-ons!This File Explorer add-on utility adds some additional functionality to Windows Explorer. The first setting allows you to preview additional file types in the preview pane on the right. To toggle on the preview pane you can press Alt + P. With this setting toggled on you can now see previews for SVGs, Markdown, Source code files, PDFs, and gcode files. The other setting with this the File Explorer add-on utility allows you to see more thumbnails inside of explorer when browsing your file system. This can be handy if you work with these types of files, letting you easily see a preview of the file before opening.Host File EditorNever make a mistake again editing your host file with Host File Editor!The Host File Editor utility allows you to quickly make changes to your host file. Your host file is the first place Windows looks to resolve IP addresses and although not common unless you are in IT, you might have some non standard items in this list. The host file editor makes it easy to edit this file without making mistakes. You’ll want to be sure that most of the settings are at default in order to get the most out of this utility and that’s “launch as administrator”, “show a warning at startup”, “top being the position of additional content”, and the encoding being “UTF-8”. You can then launch the host file editor and quickly add additional host entries without having to edit them manually. You can add comments, toggle them on and off, reorder entries moving them up and down, run a test ping, and even see the original host file by clicking on this button.Image ResizerBulk resize images with Image Resizer!Another great feature of Power Toys is the image resizer. The image resizer lets you bulk resize images just by right clicking and then choosing “Resize pictures” This will pop up some options where you can choose the output for the resize. There are some presets that you can adjust in the settings but the default options are best. After choosing your size and clicking resize, Windows will batch convert all of them files for you. By default it will make copies so it’s safe to run, but this can be changed easily when resizing your files. There are also more settings you can choose from in the image Resizer settings. Still waiting on that webp option.Keyboard ManagerTake control of your keyboard mapping using Keyboard Manager!The Keyboard Manage is a nice little utility that allows you to remap your keys on your keyboard. This is handy if you have an odd keyboard or want to customize some unused keys. For example if we want to remap a keep that is rarely used, at least form, like the CapsLock key, we can easily do that by opening the utility and then either selecting or pressing our physical key of CapsLock and then selecting or typing the key you want to map it to. I chose to enter. When saving you will see a warning about CapsLock no longer being mapped but that’s ok since I never use it. You’re free to remap this if you like. After saving this, you can now see that my CapsLock key is working just like my Enter key! Well, looks like I can’t yell at anyone on the internet anymore, so let’s un do that. JKYou can also remap shortcuts if you like. If we wanted to remap the control + c shortcut to control +v in chrome only, we can do it like this. This will now override the copy function with the paste function only when in chrome. Confusing, but it works great.Mouse UtilitiesGet some help for your cursor with Mouse Utilities!Mouse Utilities is another one of my favorite Power Toys in this suite. It is a collection of features that enhance the mouse and cursor functions on Windows. It has 4 different features, the first being FInd my Mouse.Find My Mouse highlights the position of the cursor when you press the left Control key twice. This is helpful if you can’t find your mouse or even when giving demos to emphasize an area in your demonstration. I use this quite a bit to help viewers focus on what I am focusing on. You can change many aspects of this spotlight and animation, making it just the way you like. You can even change the activation method so if you don’t like pressing left control twice, you can just shake your mouse until it activates.The next is Mouse Highlighter, this will highlight left and right clicks of your mouse. You can activate it by pressing ⊞ Win+Shift+H. Once activated left clicks will be the default color of yellow and right clicks will be the default color of blue. If you want a different color or experience all of these can be adjusted in the settings.The next is Mouse Jump. You can activate it with ⊞ Win+Shift+D and then it will show you a screenshot of your desktop. If you click on an area in the image, it will jump your cursor to the location that was clicked. This is great for large monitors where you need to travel great distances. Maybe one day I will have a monitor with a resolution this high to where I need something like this.The last one in Mouse Utilities is Mouse Pointer Crosshairs. If you activate this with ⊞ Win+Alt+P it will draw crosshairs centered on your mouse pointer. You can adjust any of the settings for the crosshairs in the Appearance & Behavior section.Mouse Without BordersRemote control up to 4 machines using one mouse and keyboard with Mouse Without Borders!This is by far one of the coolest features of Power Toys and probably the most complicated. Mouse Without Borders allows you to control up to 4 computers from the same machine with only one keyboard and mouse. Think of it like extending your desktop across multiple machines but you can remote control all machines from all machines. This will make more sense in a bit. You’ll need at least one additional machine with Power Toys installed. Once you have Power Toys installed on all machines, be sure that Enable Mouse Without Borders is turned on.On the first computer, select New Key to generate a new security key so you can securely connect. Then on the second machine enter the Security Key that was generated on the first machine and enter the first machine’s name. Then select connect. You will then see both machines appear in the device layout. You can rearrange them here to match their physical layout. Now you can switch between each computer by just moving your mouse cursor to the edge of the screen and it will transition between computers! You can add additional computers by repeating this process! Another cool thing I learned is that you can also go the other way too and control your primary machine from the secondary, just start moving the mouse over the shared edge and it will jump back to your main machine!There are lots of settings and features that you can play with, but some worth mentioning are:sharing the clipboard between machines. This is allows you to copy text from one machine and paste it into another andCopying files between machines. Files less than 100 MB can be transferred too! This is as simple as copying a file and then pasting it. You will see the file transferred using the clipboard. Pretty cool!If you ever want to disconnect from other remote machines, you can simply generate a new key and the others will drop.There are additional settings, keyboard shortcuts, and even a troubleshooting section that I encourage you to explore once you’ve set this up.Paste As Plain TextRemove all formatting when copying and pasting text with Paste As Plain Text!Paste as plain text is just what it sounds like, it will paste text as plain text without the additional formatting. This is super helpful when you are copying something from the web and pasting it into a document. To fix this all you need to do is enable Paste as Plain Text in Power Toys and then when pasting just ⊞ Win+Ctrl+Alt+V and it will paste your text without the formatting.PeekGet a quick preview of your files without switching context with Peek!Peek is a nice little utility that lets you preview a file without opening it up and without scaling up explorer. To use Peek, be sure it’s turned on and then select a file in explorer and press Ctrl+Space. THis will bring up a preview window where you can check out the file and even arrow through files if you have multiple. Then to close just press the same keys Ctrl+Space and it will close the preview.PowerRenameRename multiple files like a pro with PowerRename!PowerRename is another one of my top used Power Toys. It’s a bulk renaming tool that has a ton of flexibility for managing file names in bulk. To use it, be sure it’s enabled and then select a group of files you want to rename and right click. From there you will see the PowerRename option. After clicking it you will see a new interface that will help you rename files along with a preview. You search within a file name for specific text and even use regex if you like. You can then add text to replace the found text. You can apply it to extensions, files, folders, and sub folders. You can also shift the case to lower, upper, title case, or capitalize each word. You can even enumerate each item, basically giving them a numeric suffix. One other cool thing you can do is use variables in the file name. You can see a list of variables by licking the info button. From here you can click variables and it will add them to the text to replace. Once you are satisfied with the text, you can apply it and it will batch rename all of your files!PowerToys RunQuickly launch applications, do calculations, and more using the missing app launcher for Windows, Run!PowerToys Run is one of those features that once you start using it’s hard to go back to the old way of doing things. It saves so much time and you look cool doing it too. PowerToys run is a quick launch utility that when pressed will allow you to launch applications, do calculations, even search the web just by typing and it’s way faster than the start menu.To launch PowerTypes Run press: Alt+SpaceFrom here you can do simple things like launch applications. If you want to launch Chrome just type “chrome” then hit enter. Easy enough. You can also search for files, settings, and even the web. You can also do some advanced searches using plugins. For example if you want to do calculations, you just type in the expression and it will compute it and if you want to copy the value to your clipboard you just hit enter. If you want to base64 encode something you can just type #base64 abcdef and see the value and hit enter to copy it to your clipboard. If you want a guid, just type #guid and it will generate one for you. There are lots of plugins you can explore in the settings or toggle off if you don’t plan on using them. Definitely worth checking out all of the available settings you can change if you’re going to use this feature. Super powerful, super cool.Quick AccentNever misspell jalapeños again with Quick Accent!Quick Accent is a quick way to type accented characters, this is especially useful when using a keyboard layout that doesn’t support the specific accent.For example on a US English keyboard layout there isn’t an easy to type “ñ”. This makes it hard to type jalapeños. But don’t worry, with the Quick Accent power toy it’s super easy to do. After enabling Quick Accent you can activate it by pressing the key you want to accent along with space. Here we’ll hold N while pressing space. Then you can keep pressing the spacebar to cycle through the different characters. Once you find the one you want, just let go of the N and it will insert it. If you want to insert “ö” in German, you hold O, and tap spacebar until you find it, then let go of O. There are many settings you can change, especially the activation key if you want to switch from using the spacebar.Registry PreviewGet a visual preview of Registry files using Registry Preview!Registry preview is a quick little utility to visually preview registry changes. If you’ve ever opened a registry file with a text editor, you know the struggle of trying to validate these files, especially when editing. Registry Preview makes that a little easier. After opening Registry Preview you’ll then want to select a registry file to open. On the right you can see a preview of where this key lives in your registry along with any of the values. If you want to edit this file, you can on the right. Once edited you can save the file and then reload the file and you can then see the changes in the preview window. If you’re satisfied with these changes you can write them to the registry. You can also use the “Open Key” button to open the registry editor directly to your key. A word of caution, only edit the registry if you know what you’re doing.Screen RulerMeasure pixels anywhere with Screen Ruler!Screen Ruler is a PowerToy that’s not only helpful if you’re a designer or developer, but it’s also super fun to use! Screen ruler helps you measure the pixels on your screen based on image edge detection. You can activate it with ⊞ Win+Shift+M and then from here you can choose your measure style.Bounds will create a bounding box where you can click and drag your mouse to measure the pixels in the box you draw. You can also hold Shift to have your boxes persist until you cancel your selections.Spacing Will measure both vertical and horizontal pixels at the same time as you move your cursor around the screen. Horizontal and Vertical measure will do the same but only measuring one at a time. You can cancel any of these at any time by clicking the X or just hitting escape.There are a handful of options you can configure if you want to in settings.Shortcut GuideForget what a Windows keyboard shortcut does? Check it quickly with Shortcut Guide!The shortcut guide is a nice little utility that shows common Windows shortcuts in an overlay. You can activate this by pressing ⊞ Win+Shift+/ or ⊞ Win+Shift+? If you’re looking for the forward slash. From here you can see all of the items you can lunch by pressing the ⊞ Win + the key you see on the screen. For example, it says the emoji panel can be opened with ;, so all we need to do is press ⊞ Win+;. Feel free to explore the other shortcuts on the screen.Text ExtractorExtract text from any image using Text Extractor!Text extractor is a great utility to extract text from any image and copy it to your clipboard. It uses OCR to do this and it actually works pretty good. THis is great when you want to quickly grab text from an image or a screenshot. To activate it all you need to do it press ⊞ Win+Shift+T and then with your crosshair select the area that you want to extra text from. After selecting it will be copied to your clipboard where you can paste it. The text extractor can only extract languages that have the OCR language pack installed, so if you need to install additional languages I’ll have a link in my documentation on how to do that.Video Conference MuteTake control of your microphone and camera during conferences using Video Conference Mute!Now this PowerToy is in legacy mode meaning they won’t release any updates to it but it’s worth mentioning because it’s still available. I wouldn’t be surprised to see this go away since Windows is starting to support this natively without this Power Toy. Anyway…First you’ll need to be sure you run Power Toys as Administrator. You’ll need to close it first, then right-click and run as administrator. After you do this and visit the Video Conference Mute section you will see shortcuts for muting the camera and microphone.To mute both your camera and microphone you can press ⊞ Win+Shift+Q and you will see a little bar appear that shows that both are muted. You can press this combination again to toggle them both on. To toggle just the microphone you press ⊞ Win+Shift+A and to toggle the just the camera it’s ⊞ Win+Shift+O. If you want toi mute your microphone and toggle it only when you want to speak, you can use the push to talk feature by pressing ⊞ Win+Shift+I. This will unmute your microphone when you are holding this combination of keys. Again, this is a legacy feature that I personally don’t use but I want to cover it for completeness.ConclusionI hope you can see how powerful the Windows Power Toys are and how they can help you be more efficient at using Windows. There are so many useful utilities in this suite and more being added with each new release. I learned quite a few new shortcuts, and new ways of working on Windows, and I hope you learned something too! And remember if you found anything in this post helpful, don’t forget to share!Join the conversationOver the last few weeks I dove deep into PowerToys (open source utilities for Windows) and learned how to be more productive using Windows. Finally, a decent app launcher, color pickers, remote controlling multiple machines, and more!Check it out!👉https://t.co/rENRbEM5tB pic.twitter.com/MZLRXQCDAR— Techno Tim (@TechnoTimLive) August 20, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Power Over Ethernet is AWESOME!", "url": "/posts/poe-adapters/", "categories": "homelab", "tags": "hardware, zimaboard, poe", "date": "2023-07-28 08:00:00 -0500", "snippet": "I was unsatisfied with the huge wall adapter that many products ship with, so I replaced it! Want to power a mini PC or a smaller device with Power Over Ethernet (POE)? No problem!📺 Watch VideoHow...", "content": "I was unsatisfied with the huge wall adapter that many products ship with, so I replaced it! Want to power a mini PC or a smaller device with Power Over Ethernet (POE)? No problem!📺 Watch VideoHow I use it Power Disclaimer: Be sure to check your device for the appropriate voltage and wattage. As with all power adapters, using something that isn’t intended for your device can break your device, switch, or both!Power Over Ethernet or POE. It’s awesome!. I have some small low power devices that have barrel plugs and they have these power adapters that take up a lot of space. Also, this ZimaBoard (and even Raspberry Pis) have a power switch to power on and off. To power it on and off I have to unplug it and plug it back in and unplug it and then plug it back in.I wanted to find a better way to power these devices, and that’s when I stumbled on this little POE adapter. This little adapter plugs into my POE switch and delivers power to the device. So it will pass through the network too. So if I plug it into my switch and plug it into the device, the device will power on. My POE Switch is managed too so I can use its console to power the device on and off.Now to power the device, I can just unplug the network cable!This adapter splits power and ether so you can power your low power devicesIt also has Gigabit ethernet!Where to BuyProducts in this video (see power disclaimer above): POE Splitter Gb 2.5mm (featured in video): https://amzn.to/3rNhvKw POE Splitter Gb 2.1mm: (other plug size): https://amzn.to/3KG5g9p POE Splitter Gb USB C: https://amzn.to/3KfvE9G POE Splitter Gb Micro USB: https://amzn.to/3KjMWlU 2.1mm to 2.5mm adapters: https://amzn.to/3OAt6poSee the kit here:https://kit.co/TechnoTim/power-over-ethernet-poe-devices(Affiliate links are included in this description. I may receive a small commission at no cost to you.)Join the conversationPower Over Ethernet is AWESOME! (POE) #homelab pic.twitter.com/HCFhuDyc1z— Techno Tim (@TechnoTimLive) July 28, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "A Mini Rack for Your Home!", "url": "/posts/sysracks-12u/", "categories": "homelab", "tags": "sysracks, rackstuds, hardware, homelab", "date": "2023-07-26 08:00:00 -0500", "snippet": "I decided to go with another rack in my home but this time much smaller! Thanks to Rackstuds for sending a few packs of Rackstuds!📺 Watch VideoWhere to BuyProducts in this video: SYSRACKS 12u Serv...", "content": "I decided to go with another rack in my home but this time much smaller! Thanks to Rackstuds for sending a few packs of Rackstuds!📺 Watch VideoWhere to BuyProducts in this video: SYSRACKS 12u Server Rack (Gray): https://amzn.to/44EREmL SYSRACKS 12u Server Rack (Black): https://amzn.to/3Khv1fP Rackstuds Duo 1RU: https://amzn.to/3Y7BkIG Rackstuds R100: https://amzn.to/3Kf3yLD Rackstuds R100: https://amzn.to/3Kf3yLD Tripp Lite UPS: https://amzn.to/3YbI5Js Casters for Rack: https://amzn.to/45mDeaT(Affiliate links are included in this description. I may receive a small commission at no cost to you.)My New RackOver the years I’ve gone from machines on a shelf, to racking machines in an open rack, to centralizing everything and racking it in an enclosed 36u rack, to what I am building now, and that’s this new 12u closed rack. It’s a smaller version of my 36u rack with a few changes that make this the perfect rack for a small office, home office, or even just at home. But is it right for you? Let’s check it out and see.HardwareIntroducing my 12u Sysracks Server RackThis is the Sysracks 12u 24” Wall mount 19” enclosure server rack. It measures almost 24” wide, almost 24” deep, and almost 25” tall. It’s a standard 19” rack and if you’re wondering why they call it a 19” in rack, 19” refers to the mountable width of servers and equipment. It’s made of steel and has a powder paint finish in either gray or black. It has 2 brush panels with cable managers at the top and bottom to help with cable management and block dust from coming in. All around the case you are going to see lots of perforated edges, especially around the front doors. This is to help passively cool the entire enclosure. It also includes active cooling with this top 120mm fan module that connects to any standard outlet. There are models, especially the larger units like my 36u rack that come with temperature control units, but I opted to keep this one simple and will probably add temp sensors and smart switches to control this fan if it ever gets to that point. Wait, I thought I said I was keeping it simple???Speaking of power it also comes with a PDU where you can plug in up to 8 devices and has a a secure on/off switch covered in a detachable cap.I finally realized why they call these 19” racksIn the back we can see wall mounting hooks which makes this easy to wall mount if you choose to do so but I am choosing to attach some casters so I can move it around freely in my office if needed. The back panel is attached with screws but can be easily removed if needed.On each side we have locking removable panels that can help you secure your enclosure and prevent anyone from getting in while still giving you access to get inside and make adjustments to your equipment.Coming around to the front we have this nice glass door that has perforated edges on the side and a handle that can also be locked if needed. I like having a glass panel door because it lets me easily see inside to check on my equipment plus it looks cool with all the blinky lights.Inside the rack has 4 posts to rack up to 12u of equipment making it great for small servers, networking equipment, DVRs, AV equipment, and anything else that can fit in a 19” short depth rack. It also comes with this shelf for equipment however I am not sure if I am going to use it or not yet.AssemblingPutting it together was so much easier than my 36u rack. You can do it alone but it might help to have someone for the very first step and that’s putting together the frame. Don’t worry though, I was able to manage it alone. After securing the fame, you’ll then need to mount all of the posts so you can rack your equipment. Before you go too far like I did, if you’re going to use the supplied shelf be sure you adjust the posts so that you can mount the shelf later if needed.The back panel can be attached with a few screws. While I would have loved to see a door like on the 36u model, it makes sense for this to be a panel since it’s also wall mountable.The sides are removable and can easily pop in and out with these clips. It also comes with a lock and key to secure it if you like.Assembling the rack was pretty easy, you can do it with one personThis model supports both legs and casters however it only ships with the legs. If you’re going to use casters too you’ll need to pick some up or buy them separately. I did choose to go with casters because I want to move it around the room when needed. The casters lock in place and are very secure, so secure that I didn’t worry one bit about assembling this on my workbench.Attaching the front door is pretty easy, but is a little challenging using the shims to get the door to hang just right. I love the look of the rack and I think the perforated edges and glass give it that premium feel. The door has a handle to keep the door shut and can also be locked with the included keys.AssembledAs I mentioned the back is removable via screws, I do wish it was a door but it’s easy enough to take off and most people are going to wall mount this anyway. Once it’s all put together, It’s pretty easy to work on and get inside of the rack when it’s empty, plenty of room to work on everything I plan on installing.You can see the vents on the top for cables as well as the fan for cooling. I am glad I have a fan however it doesn’t have a switch to easily toggle on and off so I will end up wiring this up to a smart switch and put a temperature control inside if I ever really need to turn this fan on.Installing ThingsI started out by installing my UniFi 24 port POE switch. This was a switch that I replaced in my other rack but decided to hang on to it for this rack. I don’t think I will be using all 24 ports here in my office but it’s better than buying another switch.RackstudsAs you can see I am using RackStuds for this install. RackStuds reached out and sent me a few packs of studs including their new 1ru rack studs. These are awesome and so simple to use. You just squeeze them, pop them in, and then hook up your devices. These new 1ru RackStuds are great for 1u devices like my switch and PDU I put in back. Simple solution. But then I decided to put them to the test. I wanted to rack mount my UPS and that thing weighs 22 lbs and only has rack ears in the front rather than the front and back. I tightened all 4 using their combo pack studs and so far so good. RackStuds are able to hold them without issue and without sagging. Oh, and I wasn’t paying attention when racking my UPS and I racked it upside down, which I then quickly flipped around after noticing, but it was super simple with RackStuds. If you’re interested in the ones I used I’ll have some links below.This was my first time using Rackstuds, they were really easy to use.My ThoughtsAfter installing the UPS, the network switch, and my PDU I took a look at the rack. It’s a really nice rack for short depth items, not to mention that you can use shelves for anything that can’t be rack mounted natively. I am really impressed by the build quality and attention to detail, glass door, and all of the other features - especially for the price. At just 210 dollars I was expecting a lot less but what I got was a perfect rack for my office. This is going to house a few projects coming up so be sure you’re subscribed to see what else I am going to put in it. Well I learned a ton about racking smaller components, building a mini rack, and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget share!All in all, I am super happy with this new rack!Join the conversationI decided to go with another server rack in my home but this time much smaller!Check it out! 👉https://t.co/CncKenusZx pic.twitter.com/mwbkO1fA4c— Techno Tim (@TechnoTimLive) July 26, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "20 Home Server Projects You Can Start TODAY - CasaOS + ZimaBoard", "url": "/posts/zimaboard-projects/", "categories": "homelab", "tags": "zimaboard, hardware, casaos, linux, windows", "date": "2023-07-14 08:00:00 -0500", "snippet": "I’ve had a ton of fun setting up and configuring a ZimaBoard and CasaOS over the last few weeks! While CasaOS is a great fit for your Home Server projects, I also decided to walk through over 20 o...", "content": "I’ve had a ton of fun setting up and configuring a ZimaBoard and CasaOS over the last few weeks! While CasaOS is a great fit for your Home Server projects, I also decided to walk through over 20 other home server projects you can start today. These projects are for everyone, from the beginner, to the tinkerer, to the hardcore enthusiast! Thanks to ZimaBoard for sending this device!📺 Watch VideoWhere to BuyCheck out ZimaBoard today! ZimaBoard Official: https://bit.ly/3K9WZu7 ZimaBoard Official Shop: https://bit.ly/3DlTm0l ZimaBoard on Amazon: https://bit.ly/4478n1bSee the whole kit here! - See the entire Kit https://kit.co/TechnoTim/zimaboard-project-kit(Affiliate links are included in this description. I may receive a small commission at no cost to you.)What is a ZimaBoardThe ZimaBoard has been out for a little while now but I thought it would be a great time to check in and see how it’s doing, along with the open source project CasaOS which ships with every ZimaBoard. I also wanted to share with you lots of projects you can start today with a ZimaBoard in case you need some inspiration for your tech projects. I’ll cover some of the easy or “beginner” projects that don’t take a lot of work to get going, then we’ll cover some of the projects for the Tinkerer, and then those projects for the hardcore weekend warrior tech types. But first, what is a ZimaBoard?HardwareThe ZimaBoard is a self proclaimed “World’s First Hackable Single Board Server” Which means that it’s a complete functioning computer built on a single board circuit and while most don’t have expansion slots, this one actually does. The ZimaBoard comes in 3 varieties, the 232 has an Intel Celeron N3350 Dual core CPU, 2G of RAM, the 432 which has quad core Intel Celeron N3450 CPU with 4G of RAM, and the 832 which has the same Quad core Intel Celeron N3450 but has twice the RAM of the 432 for a total of 8GB of RAM.Introducing the ZimaBoard!Outside of those differences each ZimBoard comes with 32 GB eMMC storage, 2 SATA ports for disk drives, 2 Gigabit LAN ports, 2 USB 3.0 ports, and what makes this different than most kits you see out there is the PCIe slot that you can connect PCIe devices to, but more on that later.It also has a mini display port that can output up to 4k 60 and has a TDP of only 6 watts.It has a mini Display Port, (2) 1 Gbs NICs, (2) USB 3.0 Ports, and 12v powerA few other things you might be interested in if you are a geek like me is that the CPU supports Intel VT-x for virtualization, VT-d for hardware passthrough, AES-NI for encryption, and video transcoding, all which will come in handy with some of the projects we’re going to talking about today.BeginnerSo first, we’re going to start with the “beginner” projects, but don’t be fooled by the name, this doesn’t mean that these projects aren’t technical, it just means that they take very little to get started. We’re going to start with one of the best uses for your ZimaBoard and that’s CasaOS.CasaOSCasasOS comes preinstalled with your ZimaBoard. CasaOS is an open source service, I’ll say and not necessarily an OS, it’s installed on top of Debian and many other Linux distributions but I still think that name is fitting. It’s software that focuses on delivering simple personal cloud experiences around the Docker ecosystem, and I think they’ve done a great job on delivering on that promise. You can launch it from the desktop on your ZimaBoard or you can simply connect to it from a web browser on your network.You’ll be greeted with a dashboard and a few widgets. We can see the time and date, our system status including CPU and RAM usage, our storage along with any additional connected drives, and our network status where we can toggle between our two network adapters. We also get a built-in search bar where we can search using our favorite search engine.There are two things you’ll be using this dashboard for: Installing and managing apps Managing the file system including shares.AppsIf we launch the app store and take a look, we can see lots of applications that we can choose to install. The nice thing about CasaOS, is that every app you see here can be installed and configured with a single click. That means no messing with ports, account names, volumes, or any of the other typical things you have to do when installing Docker containers. Also, you don’t even need to know what a Docker container is. You can almost treat this as an app store without knowing any of the implementation details. Some of the apps included in the app store are: PiHole for network-wide ad blocking Plex or Jellyfin a media server Home Assistant for home automation - Nextcloud for a Google Workspaces like experienceand many others that will help you build up your own little personal cloud in no time!CasaOS is a nice little open source service to run on your ZimaBoard and more!And if you can’t find the application you want in their app store, you can also run any Docker container you like by using the custom install feature in the app store and then either filling out a form, or using the import feature to paste the docker commands, Docker compose file, or appfile (which is an export you create to share with friends from your own apps). Importing configs will fill out the form for you. It’s kind of hit or miss if all the settings will be imported properly so it’s worth a look to make sure they are right.Once these apps are installed, if they have a web management page we can simply click on the app to launch it and configure it from there.Files AppThe other place where you’ll probably spend a lot of time is in the Files “app”. This app is a super elegant way to manage files and share and I think it’s one of the cleanest web file management UIs out there, not only because it looks good and is fast, but also because it makes sharing files super easy, let’s take a look…The Files app is a nice way to manage your files!After launching the files app we can see a default storage location for our media and documents and from here we can upload, download, and manage files if we like and it even has a built-in file previewer for different file types. If you want to share a file from here, you can simply share the folder from the menu, and then open it from any machine on your local network. That has to be one of the simplest ways of sharing files I’ve seen. If you want to see all your shares you can simply click on this share icon at the bottom and it will list all of your shares.Since we’re talking about sharing and we’re down here in the bottom left, we should talk about the FilesDrop feature. This is a cool feature similar to AirDrop for Apple devices, except it works on the web and with any device that has a browser.Let’s say for instance we are on our Windows machine and want to share a file with our phone. Instead of transferring the files through Google Drive and uploading and then downloading them on our phone we can simply do it all through CasaOS. If we click on the FilesDrop button it will launch a new experience where it shows my machine (the Windows Chrome machine) and then any other device that connects to CasaOS and visits this page will also show up here. When I connect my phone you should see another icon pop up. (It says macOS Chrome but should say iOS Chrome but that’s not important.) From my Windows machine I can click on my phone icon and then choose files I want to send to it. If I want to send this photo right here, I choose it, and then on my phone I will get a prompt to save it, I can then save it to my phone! I can also go the other way and upload files from my phone back to my machine, all without the cloud and from any device that has a web browser!FilesDrop is like AirDrop, but for any machine with a browser and only uses your local network connection!One other feature that you might be interested in when using the Files app is the availability to connect cloud storage. If we click on the plus we can add a Dropbox account, Google Drive, or even another network share on our local network. This feature is really cool for connecting and transferring things from your Google Drive to your own cloud or vice versa. This is also helpful for migrating to or from the cloud and could be even more useful if one day you can back up your data from CasaOS to one of these locations.Another thing you might be interested in is the storage feature. This feature is limited but allows you to add additional drives to your ZimaBoard in a snap. You just open the storage manager, and click create storage. You’ll get a prompt asking you if you want to add this device and that it will erase all contents from the device. Once it’s created you will see the device in the files app and you can use it for additional storage. There’s also this new merge storage option that will merge all of your storage into one, which seems like a simple way of expanding your storage but this also means that if one drive dies you might lose all of your data. I did enable it and it does exactly what it says, it merges multiple drives into one using mergefs. It’s also pretty easy to undo this too.You can add and wipe additional drives, and even merge them if you want!Now don’t let the simplicity of this UI fool you, you can still do some advanced things from the web dashboard like access to logs, access to a terminal, as well as the logs from each individual docker container and the ability to exec into them. All in all, I think CasaOS is probably one of the best projects for this ZimaBoard.Operating SystemsThe next project I can see people using this for is installing and running operating systems. Windows and Linux run fine on a ZimaBoard and I’ve tested it with Windows 10, Ubuntu Desktop, and Ubuntu server and I am sure many other distributions will run on this board because at the end of the day it’s a x86 intel based system. You won’t have any issues getting or installing drivers because it’s running on Intel hardware. Most things will be plug and plug and play and if you are going to go this route I would recommend picking up a USB hub and a solid state drive for additional storage. Then, you can run or test your software on this tiny little package. It does output to 4k 60Hz so it will look great on your display though it will start to push the limits on what you can do with this little board. Office apps, web browsing, watching video are all fine, anything outside of that and you might need a little more power. You could even dual boot Windows and Linux with 2 drives either by connecting 2 drives or by swapping them each time you want to boot but that’s starting to get into some of the more advanced use cases, and more for the Tinkerer.I’ve tested on Windows 10, Ubuntu Desktop, and Ubuntu Server and all run great!TinkerersThis next group of things you can do with your ZimaBoard is dedicated to the Tinkerers. These are folks who aren’t afraid of running Linux headless, know their way around a terminal, know how to exit VIM (first make sure you are not in edit mode and that you are in command mode and then press :quit, but if you’ve made changes… nevermind, you get the picture)The first thing I would recommend running on a ZimaBoard for this group is Portainer. Portainer is a great UI to run all of your containerized applications, some of the same applications we talked about earlier like Plex, Jellyfin, Nextcloud, and many others. This gives you a lot more control over which OS you run and which applications you run and you can keep it as minimal as you want, saving on resources. But with that comes a little complexity. But you’re a tinkerer, right?Emulation StationAnother quick project that sounds like a ton of fun is Emulation Station which is the same software that Retro Pi is based on. Just install your OS, Windows or Linux, and then install Emulation Station and your emulators, connect to a few controllers and you are good to go. The ZimaBoard has all of the rest of the hardware you need to play retro games and is compact enough to bring with you on a road trip.You can easily build out an Emulation Station with a couple of USB powered controllers!Other uses for a ZimaBoard include some projects that I will definitely use this for and these are diagnostic and troubleshooting projects.Diagnostic & TroubleshootingFirst is a disk wiping station. Having a dedicated little machine to securely wipe disks that I am no longer using is welcomed because my current solution is using an old janky PC. Having something this small and dedicated to wiping disks just makes sense after you use it. I can just boot to killdisk, start a wipe and walk away.You can easily connect HDDs and SSDs for a disk wiping station and more!Another thing I use that old janky PC for is updating firmware on devices, especially SSDs. This is usually the case when building new systems or replacing drives in existing systems. I can even do the same for NVMe drives with this PCIe adapter.You can also connect NVMe drives with this adapterAnother thing I do with that old janky PC (sorry old PC) is clone disks. I use CloneZilla every now and then to backup or clone hard drives from one to another. CloneZilla has been my go to for years either backing up and restoring images over the network or doing a disk to disk clone. If you’re doing a disk to disk clone you will need to pick up this special Y adapter that lets you connect 2 drives at once, but it’s like 4 dollars in their store. One of the other use cases is simple data recovery. It’s nice to have a small simple machine that I can plug a drive into and run and try to recover files if the drive is no longer bootable. And all of this is easy and accessible using a ZimaBoard.What about a NAS?Now you may have noticed I didn’t mention NAS, that’s because I honestly think the best NAS you can use on this tiny little machine is using CasaOS, sure TrueNAS and OpenMediaVault should work but CasaOS already does this beautifully. And since you are a Tinkerer, you might as well install Debian headless then CasaOS to save resources!Hard CoreThe last group of projects is geared towards the hardcore. It’s for those folks who like to push hardware to the limits or experiment with something that they’ve never tried before. This is where I think the PCIe slot really comes into play. This PCIe slot can be used to connect any PCIe device as long as it can run in a x4 slot, which should be most because the slot is open here at the end.Most PCIe devices will fit into this slot since they end is slotted (Power but has limited power)While I know it’s technically possible to attach a video card to this device, I am not sure that a majority of the people who pick up this device will be doing so. I could be wrong, but I think more people will be attaching smaller devices like extra NICs, wireless adapters, and possibly more sata drives.While GPUs will fit, your mileage may vary on whether they work or not.Network Firewall, Hypervisor, and More!This opens the door for turning this device into a router or firewall. Having 4 cores, 2 gigabit NICs, AES-NI, and up to 8 GB of RAM make this a solid choice for pfSense or OPNSense, it’s small, compact, has enough compute and RAM, has dual NICs, and is completely silent. And if you want to turn this into an access point, all you need to do is add a wireless NIC and you a nice little OpenWRT system!Yup, you can even turn this into a Firewall / Router with a few extra NICs!But even if you’re not into creating a router or firewall and you’re the hardcore type there are plenty of projects for you. If you know RaidOwl, he created a high availability cluster with 3 using Proxmox. Which is another use case, and that’s installing a hypervisor. Because the ZimaBoard supports both VT-x and VT-d it can be used to test out the latest HyperVisor.And if creating and testing virtualization isn’t your thing, there’s the use case that I think that this is great for and it’s for developing and testing hardware. Most developers I know have laptops and don’t have access to a PCIe slot and that can be painful if you are working on a project that requires it, for example machine learning and AI. The Coral TPU from Google is a great example of how you can add a small PCIe device that is capable of doing AI in a small package, and if you can get your hands on one it could fit right in this slot. Having access to AI on a small board like this could let you do local detections from your video feeds so you can detect things like people, cars, and more. There are so many use cases for the hardcore that I could go on all day!If I could get my hands on a Google Coral TPU, it would fit right here (Hey Google, call me!)What do I think?ZimaBoards are super flexible and can be applied to many projects, whether you are a beginner, a tinkerer, or a hardcore enthusiast there’s bound to be a project for you. I am sure that I didn’t cover all of the projects you can do with a ZimaBoard and if I missed one let me know what you’d use it for in the comments below. Well, I learned a lot about ZimaBoards, lots of cool projects, and I hope you learned something too. And remember if you found anything in this blog post helpful, don’t forget to share!You can get an idea of how small the ZimaBoard really is next to this AAA battery!Join the conversationI've had a ton of fun setting up and configuring a ZimaBoard and CasaOS over the last few weeks! I decided to walk through over 20 other home server projects you can start today. Check it out!👉https://t.co/htIeMyXC8W pic.twitter.com/G7PAImfWya— Techno Tim (@TechnoTimLive) July 14, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I Automated Watering My Lawn & Garden!", "url": "/posts/automate-lawn-garden/", "categories": "vlog", "tags": "home-assistant, homekit, lawn, weather, gardening", "date": "2023-07-04 08:00:00 -0500", "snippet": "This week I finally decided to automate the watering of my lawn and garden without irrigation, here’s how…📺 Watch VideoAutomation Without IrrigationSince I don’t have irrigation, I have to use hose...", "content": "This week I finally decided to automate the watering of my lawn and garden without irrigation, here’s how…📺 Watch VideoAutomation Without IrrigationSince I don’t have irrigation, I have to use hoses, but that’s OK because I picked up these hose faucet timers. They’re great because you can hook them up to any hose faucet. I picked up this manifold and connected 4 of these faucet timers, one for each zone. As you can see I also split one zone into 2, we’ll talk about that in a sec. I can program each zone in the b-hyve app app to turn on each individually, and these sprinklers have a ton of watering options. The app also takes into consideration the rainfall so you’re not wasting water. And it’s not just for lawns, I also automated watering my garden giving it just the right amount of water each day. These soakers, along with a pressure reducer, help deliver water exactly where I want it. The soakers also works great for flower boxes that doesn’t receive any rain. If you’re a geek like me, you can even connect this to Home Assistant or even HomeKit.If you’re looking for the Home Assistant plugin I used to managed these timers, you can find it here Don’t forget to ⭐ the repo!Here’s the 4 port manifold I used to create 4 zonesHere are the 4 faucet timers I used to create 4 separate zones!Here are the sprinklers in action! Highly recommend these because they have a ton of watering options and they are silentWhere to Buy Orbit B-hyve Smart Hose Faucet Timer with Hub - https://amzn.to/3O2BqxW Orbit B-hyve Smart Hose Faucet Timer - https://amzn.to/43e0A0y Orbit Hose Faucet Manifold - https://amzn.to/3XGUbtJ Orbit Gear Drive Sprinkler - https://amzn.to/3JIMgqf Flat Soaker Hose - https://amzn.to/3PLtLFh Hose Bibb Connector Backflow Preventer Vacuum Breaker - https://amzn.to/3JLeuR8 Drip Irrigation 25 PSI Pressure Regulator - https://amzn.to/44suD5V Garden Hose Connector 90 Degree Brass Garden Hose Elbow - https://amzn.to/3NXc2JN Garden Hose Splitter - https://amzn.to/3raafrP Plumbers Tape - https://amzn.to/3pHEdTw Black Heavy Duty Cold Water Garden Hose - https://amzn.to/3pHI6I9See the whole kit here! - https://kit.co/TechnoTim/automated-lawn-and-garden-care(Affiliate links are included in this description. I may receive a small commission at no cost to you.)Join the conversationI Automated Watering my Lawn & Garden! Have I gone too far with automation???https://t.co/HcPdCNKXbJ— Techno Tim (@TechnoTimLive) July 3, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet Renovate - Your Update Automation Bot for Kubernetes and More!", "url": "/posts/renovate-bot-kubernetes/", "categories": "kubernetes", "tags": "renovate, kubernetes, docker, github, gitlab, gitops, devops, automation", "date": "2023-07-01 08:00:00 -0500", "snippet": "Keeping track of container image updates is hard. I started using Renovate Bot to to track these for me and I now get pull requests from a bot for my Docker and Kubernetes container images. It’s a ...", "content": "Keeping track of container image updates is hard. I started using Renovate Bot to to track these for me and I now get pull requests from a bot for my Docker and Kubernetes container images. It’s a game changer.A HUGE thanks to Datree for sponsoring this video!Secure Your Kubernetes, Prevent Misconfigurationshttps://www.datree.io📺 Watch VideoWhy use Renovate?How much time do you spend looking for updated container images for services you have running in your Kubernetes cluster? 5 minutes, 5 hours? Never? I used to spend hours a week checking for new container images, reading up on the changes, and not really knowing if it was going to break my cluster or not. It was super tedious doing this to the point where I almost stopped doing it. That’s when I discovered Renovate Bot. Renovate is a dependency update automation tool that scans your software, discovers dependencies, and checks to see if an update exists, and if there is one, it will automatically help you out by submitting a pull request on your code base. It works out of the box and supports a wide variety of languages and technologies, it’s highly configurable putting you in control of what gets updated and when, and it’s pretty smart too and can automatically detect dependencies and suggest ideas for improvement.Here’s the cool thing about it too, not only can it scan for all sorts of dependencies, it also gives you your choice of how you want to run it. Want to run it locally as a node module or from a CLI? Or in a Docker container? Or ever self host it in your Kubernetes cluster? No problem! Want to scan dependencies in GitHub, GitLab, AWS CodeCommit or other Git providers? No problem at all. One of the great things about Renovate is that because it’s open source, it puts you in control of how you want to run it, where you want to run it, and when you want to run it. So today we’ll be setting up Renovate bot to give us a helping hand with our Kubernetes resources. We’ll create a GitHub repo to house our Kubernetes deployments, add the Renovate bot to our repo, and then let it help us out by opening pull requests when it sees updates to any of the container images we’re using. Yeah… I feel like I just hired a devops engineer for free.Renovate works with many different source control providers like GitHub, GitLab, CodeCommit, and many others. You also have your choice of how you want to manage Renovate, meaning you can self-host it with Docker or Kubernetes, or run it as a GitHub app for free that’s hosted by Renovate’s parent company Mend.Create GitHub RepoWe’re going to go with GitHub and the GitHub app because it’s super simple to set up. First we need to create a github repo, this is as simple as going to GitHub and well, creating a new repo. After naming your repo you’ll want to choose whether to make this public or private. The choice is up to you and Renovate will work either way. Note: if you want to see the repo I created in this post and video, you can check it out here technotim-k8s-renovateCreate a repo in GitHubAfter creating the repo you’ll want to clone it to your machine. Now, I know that it’s empty, but we’ll be adding some things here shortly. After cloning it, I am going to open it up with a VSCode but any editor will do.Now that our repo is cloned, we’re going to add some Kubernetes resources so that Renovate can start analyzing our resources for updates. We’re going to create a simple nginx deployment and service.---apiVersion: apps/v1kind: Deploymentmetadata: name: nginxspec: selector: matchLabels: app: nginx replicas: 3 template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.24-alpine ports: - containerPort: 80---apiVersion: v1kind: Servicemetadata: name: nginxspec: selector: app: nginx ports: - port: 80 targetPort: 80 type: LoadBalancerFor this deployment we’re going to use an older nginx container image tag because we want to see the Renovate bot actually work, so we’ll go out to Docker Hub and choose an older tag. We’ll then put that image tag in our deployment. Now that we have this manifest, let’s commit this code and push it up.Add Renovate BotNow that we have a simple Kubernetes deployment committed to our repo, we should add the Renovate bot to start analyzing our code. We can do this by going out to GitHub, finding the Renovate app, and installing it in our repo. You need to authorize this app for your repo or org. Once you authorize this app and choose which repos it has access to you are all set!If you ever decide to change your mind and remove this app for your repo, you can go to the repo settings and remove this app at any time.Once the Renovate bot is authorized and installed, it won’t actually do anything until you merge a Pull Request that will be opened by the bot on your repo! This pull request is a special “onboarding” pull request that will show you what the bot has detected along with adding a default config for the bot. Renovate won’t take any further actions until you accept and merge this pull request. Once you have reviewed this PR, you can merge it in and it will activate the bot on your repo.Add the Renovate app to your repoOur First (Real) Pull RequestAfter merging the onboarding PR, we can go and take a look at the logs for the bot on Mend’s bot page. Here we can see that it is trying to auto detect all of the various dependencies that the bot supports. It’s checking for ansible, docker-compose, flux, gradle, helm, and many other dependencies. But it doesn’t know how to handle Kubernetes files out of the box because Kubernetes files don’t really have a naming convention because there really isn’t one. So we’ll need to tell Renovate how to check for Kubernetes files in our config.Here you can see Renovate trying to scan our repo and automatically detect dependenciesSo we’ll need to git pull to get latest and we should see our Renovate config file. We’ll need to add the file match for Kubernetes files. You’ll want to be sure that you use the right extension here, whether that be yml or yaml, both are acceptable but I typically use yml so that’s what I am going to use here.{ \"$schema\": \"https://docs.renovatebot.com/renovate-schema.json\", \"extends\": [ \"config:base\" ], \"kubernetes\": { \"fileMatch\": [\"\\\\.yml$\"] }}If you’re using FluxCD (as shown here) you also want add the flux extension and filematch. This will allow Renovate to scan your FluxCD manifests as well as creating Pull Requests for your Helm chart versions.{ \"$schema\": \"https://docs.renovatebot.com/renovate-schema.json\", \"extends\": [ \"config:base\" ], \"flux\": { \"fileMatch\": [\"\\\\.yml$\"] }, \"kubernetes\": { \"fileMatch\": [\"\\\\.yml$\"] }}Once we’ve made that change to our config locally, we’ll then commit that change and push it up.Once we push this change up and it scans our repo, we can see a new issue that was created! This is a special type of issue that Renovate creates for us and it is kind of like a dashboard for all of our dependencies.If we look at this issue, it’s telling us that it detected a new dependency that’s related to Kubernetes and that it detected not only our nginx tag but also our Kubernetes API version for the deployment. Super awesome. If you like you can choose to disable this dashboard issue in your config, but I would recommend keeping it.If we look at the logs again from Renovate, we can also see that it detected our nginx deployment and that it created a PR for us to review. Now for the actual PR. We should see a new PR that was opened from the Renovate bot!If we look at this PR we can see the proposed changes, it’s suggesting that we change our nginx container image from 1.24 to 1.25 which is the current latest tag. If we’re happy with the change we can merge it into our code with just a click.How to Handle “latest” tagNow our code base is up to date with the latest container image. What happens if a container you are using only has one tag, say like the “latest” tag? Well, let’s find out.Let’s say for instance we’re running Wordpress in our cluster, and we create a deployment.yml and in our deployment.yml we specify the “latest” tag vs. a versioned tag.---apiVersion: apps/v1kind: Deploymentmetadata: name: wordpressspec: selector: matchLabels: app: wordpress replicas: 1 template: metadata: labels: app: wordpress spec: containers: - name: wordpress image: wordpress:latest ports: - containerPort: 80---apiVersion: v1kind: Servicemetadata: name: wordpressspec: selector: app: wordpress ports: - port: 80 targetPort: 80 type: LoadBalancerAfter we commit and push this up, we can wait for Renovate to check our repository again for new dependencies, or we can manually trigger one by going back to the dependency dashboard issue and check this box to trigger it to run again.Now, if we look at the logs again we should see that it detected Wordpress, however it is unversioned. The latest tag is nondeterministic, meaning that it is not deterministic, or simply put, it can mean more than one thing. Renovate can’t use this because it can’t determine what the current version is and what the next possible version is. So, instead of pinning this version to “latest”, we can actually pin it to a digest.So if we look at the current latest tag in Docker Hub and inspect the digest, we can see it here.It’s this long string of characters:DIGEST:sha256:75ba772cce073ec2aa6cec95c5ca229dfde9029c49874350a971499d567adae7The digest is an immutable identifier for a container image and it is deterministic, meaning it can’t be changed and it only references one image. We can use that for Renovate. Once we have that, we can then pin our Wordpress container to this digest by using the like this, it’s:container image @ sha256 : digestNow if we make this change, commit this and push it up, we are now pinned to the digest which is also the same as “latest”. Again, if we want to force a scan instead of waiting, we can go back to this Dashboard issue, check the check box and then go look at the logs. We can now see that it detected our Wordpress container image along with the digest and it can now compare this to the current digest and open a PR if it needs to. If we take a look at the issue Dependency dashboard, we can now see that it detected Wordpress pinned to the digest. We won’t see a PR now because this digest is the latest digest, however if Wordpress releases a new container image with a new digest we will get a pull request to replace the digest. Awesome, so that solves the “latest” problem.Working with Helm ChartsSo that’s awesome, we have ways to work with Kubernetes manifests whether they are pinned to a versioned tag or an unversioned tag, but what about helm charts? Well, helm charts are just as easy. Let’s say we wanted to source control our mysql helm deployment, all we have to do is create a our helm values file and include the version as well as the repository.---image: repository: bitnamicharts/mysql version: 9.9.0persistence: enabled: true size: 10Giarchitecture: replicationauth: existingSecret: mysql-secretprimary: replicaCount: 1If you don’t specify the repository it will default to Docker hub, but as you can see here I am getting this chart from Bitnami. After we commit and push this up, we should now see a new dependency type of helm and since it detected an update we should also see a pull request to update this file!updating helm charts with Renovate are just as easy!Wrapping UpSo now with Renovate bot we can keep track and upgrade our Kubernetes deployment and even helm charts but I bet you are wondering how you can deploy them? There are quite a few ways to deploy these resources using GitOps tools like Flux and ArgoCD, or even just a simple CI task that runs kubectl and or helm. I have a few videos on this topic. What about Docker deployments? Well if you’re interested in how to automate deployments with Docker and Renovate let me know in the comments below.Well, I learned a ton about Renovate Bot, how to add it to your Git Repository and how to automate Pull Requests when there are updates available, and I hope you learned something too! And remember if you found anything in this post helpful, don’t forget to share. Thanks for Reading!Join the conversationKeeping track of container image updates is hard. I started using Renovate Bot to to track these for me and I now get pull requests from a bot for my Docker and Kubernetes container images. Automation is awesome. It's a game changer. Check it out!👉https://t.co/2ku5EayOIO pic.twitter.com/uLF1PC7Swi— Techno Tim (@TechnoTimLive) July 1, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Upgrade Proxmox 7 to 8", "url": "/posts/upgrade-proxmox-to-8/", "categories": "proxmox", "tags": "homelab, proxmox, debian", "date": "2023-06-24 10:00:00 -0500", "snippet": "Proxmox 8.0 has been released (June, 22, 2023) and includes several new features and a Debian version upgrade. Among the changes are: Debian 12 “Bookworm”, but using a newer Linux kernel 6.2 QEMU...", "content": "Proxmox 8.0 has been released (June, 22, 2023) and includes several new features and a Debian version upgrade. Among the changes are: Debian 12 “Bookworm”, but using a newer Linux kernel 6.2 QEMU 8.0.2, LXC 5.0.2, ZFS 2.1.12 Optional Text mode installer (TUI) New default CPU type x86-64-v2-AES for VMs Ceph Quincy 17.2.6 and a new, stable Ceph Enterprise repository Authentication realm sync jobs ACL for network resources Resource mappings between PCI(e) or USB devices and nodes in a cluster and more….Many have been asking how to upgrade, so I decided to put together an easy-to-follow post to get your Proxmox server upgraded to 8!Preparing the Upgrade to Proxmox 8This might go without saying, but you’ll want to be sure you back up your Proxmox server’s configs as well as any virtual machines running on thi server. After you’ve done that, you’ll need to check to be sure you are running at least 7.4.15 or newer (If you need to upgrade from 6 to 7, see my post on how to do this). If you aren’t sure which version you are running, you can run this to check:pveversionThis should output something similar to:pve-manager/7.4-15/a5d2a31e (running kernel: 5.15.108-1-pve)Next we’ll want to run an upgrade script to check to if there are any potential issues during the upgrade process. Don’t worry, this does not execute anything other than checks and is safe to run multiple times.You can run it by executing:pve7to8You can also run it with all checks enabled by executing: pve7to8 --fullYou should see something similar to the following in the output:➜ ~ pve7to8 --full= CHECKING VERSION INFORMATION FOR PVE PACKAGES =Checking for package updates..PASS: all packages up-to-dateChecking proxmox-ve package version..PASS: proxmox-ve package has version >= 7.4-1Checking running kernel version..PASS: running kernel '5.15.108-1-pve' is considered suitable for upgrade.= CHECKING CLUSTER HEALTH/SETTINGS =PASS: systemd unit 'pve-cluster.service' is in state 'active'PASS: systemd unit 'corosync.service' is in state 'active'PASS: Cluster Filesystem is quorate.Analzying quorum settings and state..INFO: configured votes - nodes: 3INFO: configured votes - qdevice: 0INFO: current expected votes: 3INFO: current total votes: 3Checking nodelist entries..PASS: nodelist settings OKChecking totem settings..PASS: totem settings OKINFO: run 'pvecm status' to get detailed cluster status..= CHECKING HYPER-CONVERGED CEPH STATUS =SKIP: no hyper-converged ceph setup detected!= CHECKING CONFIGURED STORAGES =PASS: storage 'backups' enabled and active.PASS: storage 'fast10' enabled and active.PASS: storage 'local' enabled and active.INFO: Checking storage content type configuration..PASS: no storage content problems foundPASS: no storage re-uses a directory for multiple content types.= MISCELLANEOUS CHECKS =INFO: Checking common daemon services..PASS: systemd unit 'pveproxy.service' is in state 'active'PASS: systemd unit 'pvedaemon.service' is in state 'active'PASS: systemd unit 'pvescheduler.service' is in state 'active'PASS: systemd unit 'pvestatd.service' is in state 'active'INFO: Checking for supported & active NTP service..WARN: systemd-timesyncd is not the best choice for time-keeping on servers, due to only applying updates on boot. While not necessary for the upgrade it's recommended to use one of: * chrony (Default in new Proxmox VE installations) * ntpsec * openntpdINFO: Checking for running guests..WARN: 6 running guest(s) detected - consider migrating or stopping them.INFO: Checking if the local node's hostname 'draco' is resolvable..INFO: Checking if resolved IP is configured on local node..PASS: Resolved node IP '192.168.0.11' configured and active on single interface.INFO: Check node certificate's RSA key sizePASS: Certificate 'pve-root-ca.pem' passed Debian Busters (and newer) security level for TLS connections (4096 >= 2048)PASS: Certificate 'pve-ssl.pem' passed Debian Busters (and newer) security level for TLS connections (2048 >= 2048)INFO: Checking backup retention settings..PASS: no backup retention problems found.INFO: checking CIFS credential location..PASS: no CIFS credentials at outdated location found.INFO: Checking permission system changes..INFO: Checking custom role IDs for clashes with new 'PVE' namespace..PASS: no custom roles defined, so no clash with 'PVE' role ID namespace enforced in Proxmox VE 8INFO: Checking if LXCFS is running with FUSE3 library, if already upgraded..SKIP: not yet upgraded, no need to check the FUSE library version LXCFS usesINFO: Checking node and guest description/note length..PASS: All node config descriptions fit in the new limit of 64 KiBPASS: All guest config descriptions fit in the new limit of 8 KiBINFO: Checking container configs for deprecated lxc.cgroup entriesPASS: No legacy 'lxc.cgroup' keys found.INFO: Checking if the suite for the Debian security repository is correct..INFO: Checking for existence of NVIDIA vGPU Manager..PASS: No NVIDIA vGPU Service found.INFO: Checking bootloader configuration...SKIP: not yet upgraded, no need to check the presence of systemd-bootSKIP: No containers on node detected.= SUMMARY =TOTAL: 33PASSED: 27SKIPPED: 4WARNINGS: 2FAILURES: 0ATTENTION: Please check the output for detailed information!As you can see there are a few warnings but nothing failing. The warnings I have listed are ones related to time packages (which I am going to ignore) and one related to machines still running. To resolve the second warning I will shutdown all the machines before I upgrade.Upgrade APT PackagesWe’ll want to be sure that we’ve applied all updates to our current installation before upgrading to 8. You can do this by running:apt updateapt dist-upgradeIf there are updates, I recommend applying them all, rebooting, and upgrading again if needed. Repeat this until there aren’t any up updates to apply.➜ ~ apt updateHit:1 http://security.debian.org bullseye-security InReleaseHit:2 http://download.proxmox.com/debian/pve bullseye InReleaseHit:3 http://ftp.us.debian.org/debian bullseye InReleaseHit:4 http://ftp.us.debian.org/debian bullseye-updates InReleaseReading package lists... DoneBuilding dependency tree... DoneReading state information... DoneAll packages are up to date.➜ ~ apt dist-upgradeReading package lists... DoneBuilding dependency tree... DoneReading state information... DoneCalculating upgrade... Done0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.Updating APT RepositoriesWell need to update our Debian and Proxmox apt repositories to Bookworm:sed -i 's/bullseye/bookworm/g' /etc/apt/sources.listIf you’re also using the “no-subscription” repository, you’ll also want to update those too:sed -i -e 's/bullseye/bookworm/g' /etc/apt/sources.list.d/pve-install-repo.listMine is actually at /etc/apt/sources.list.d/pve-no-enterprise.list so I will run instead:sed -i -e 's/bullseye/bookworm/g' /etc/apt/sources.list.d/pve-no-enterprise.listYou can verify these files by checking to be sure they were updated with bookworm:cat /etc/apt/sources.listcat /etc/apt/sources.list.d/pve-install-repo.listor for me personally:cat /etc/apt/sources.list.d/pve-no-enterprise.listYou should see something like this:deb http://download.proxmox.com/debian/pve bookworm pve-no-subscriptionRemember, you are just verifying the sed replaced bullseye with bookworm in each file.Upgrading CephIf you’re running ceph you’ll want to check the Proxmox 7 to 8 Upgrade Wiki for a few additional steps. I am not running ceph so I will skip this part.Upgrade the system to Debian Bookworm and Proxmox VE 8.0Now all that’s left is updating the system! If you’ve made it this far it’s now time to upgrade! I would recommend stopping or migrating any virtual machines and LXC containers before proceeding.apt updateapt dist-upgradeThis step may take some time depending on your internet speed and server resources.The upgrade might ask you to approve changes to configurations files. I am going to defer to the Proxmox documentation for this step, which is shown below: It’s suggested to check the difference for each file in question and choose the answer accordingly to what’s most appropriate for your setup.Common configuration files with changes, and the recommended choices are: /etc/issue -> Proxmox VE will auto-generate this file on boot, and it has only cosmetic effects on the login console. Using the default “No” (keep your currently-installed version) is safe here. /etc/lvm/lvm.conf -> Changes relevant for Proxmox VE will be updated, and a newer config version might be useful. If you did not make extra changes yourself and are unsure it’s suggested to choose “Yes” (install the package maintainer’s version) here. /etc/default/grub -> Here you may want to take special care, as this is normally only asked for if you changed it manually, e.g., for adding some kernel command line option. It’s recommended to check the difference for any relevant change, note that changes in comments (lines starting with #) are not relevant. If unsure, we suggested to selected “No” (keep your currently-installed version) Verifying the UpgradeAfter upgrading all packages you can verify the upgrade by running:pve7to8If all went well, you should see everything pass (or with minimal warnings).You can now reboot your system.After rebooting and logging into the system for the first time, you’ll want to clear your browser’s cache for pve web, or just hard reload: Windows (CTRL + SHIFT + R) macOS (⌘ + Alt + R)If you have more servers in your cluster, repeat this for each server!Enjoy Proxmox 8!Check to be sure you see Proxmox 8 here!Join the conversationIf you were looking to upgrade to Proxmox 8 today, I wrote a quick guide to help! I've already tested it on my production cluster and it works great!https://t.co/NFqv0XXyWB— Techno Tim (@TechnoTimLive) June 25, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "100 Days of HomeLab - 1 Year Later", "url": "/posts/100-days-of-homelab-1-year-later/", "categories": "homelab", "tags": "homelab", "date": "2023-06-20 10:00:00 -0500", "snippet": "A year ago I started a challenge that encouraged everyone to join the #100DaysOfHomeLab challenge, a challenge designed to help improve your skills in IT. This is similar to any of the “100 Days” c...", "content": "A year ago I started a challenge that encouraged everyone to join the #100DaysOfHomeLab challenge, a challenge designed to help improve your skills in IT. This is similar to any of the “100 Days” challenges - pick a topic, stick with it for 100 days, and form a habit. Some of you might be asking what a “HomeLab” is, and I think in it’s simplest terms it’s a “lab environment” mostly at home. Think of this as a test environment to learn about technology without the fear of breaking anything. If you’d like to learn more about HomeLabs and how to get started, I summarized it in a video.After creating the challenge, I had lots of folks join in on Twitter, Mastodon, YouTube, Instagram and many other social networks using the hashtag #100DaysOfHomeLab, and it’s still going today!365 Days of HomeLabI ended up sticking with it, posting on socials (when I remembered), and took it all the way to 1 year! While some posts seemed redundant and repetitive, I kept on building, breaking, learning, and posting. Once I hit 100 Days, I decided to see how long I could go. 100 days turned into 200 days, and 200 days turned into 300… and today I hit 365 days. Looking back at my very first tweet, it seems I missed a few days of sharing, or I am really bad at math. If you can spot where I missed or messed up, let me me know in the comments below! 😀OK, my turn 😀Day 1 #100DaysOfHomeLab Since Day 0 was spent launching the video, planning, connecting with people, and celebrating 100k - today will be spent:Operationalizing the self-hosted website & Bot pic.twitter.com/5EObleZiAV— Techno Tim (@TechnoTimLive) June 12, 2022So what did you learn?Over the last year I learned so much about HomeLabbing, but specifically Docker, Kubernetes, networking, ZFS, GitOps, and many other related technologies. You can see all of my 100 Days of HomeLab tweets here however I will summarize some of the topics.Bots & WebsiteI started out by creating a Twitter bot that would retweet everyone who was joining the challenge. I felt like this was important to build and grow a community around HomeLab and a simple way to bringing people together. This is a self-hosted bot that I wrote myself, and even open sourced the code!I also decided to create a 100 Days of HomeLab website so people could learn more about the challenge and even showcase some of the creators I worked with to make this possible. Huge thanks to all creators, featured on this page or not, who joined in on the fun!What not to doAnother bucket of learnings were what not to do. This can be seen as mistakes but I looked at them as opportunities. These were things like: Backup everything you can’t recreate (even if you think you don’t need it) Test your backups Don’t run beta firmware in production Don’t run early access firmware in production (I had to list this twice in case I think about it again) Don’t deploy and walk away (for hours) Try not to test in production (although sometimes there isn’t any way around it) Don’t over buy or over build hardware, unless you think you can repurpose or sell it easily in the future You may not always need the fastest connection like 10G (things will just take a little longer) Don’t delete CRDs in k8s unless you are certain you don’t need any of the resourcesWhat to doIt wasn’t all bad, I also picked up some good habits and learned what I should continue doing in the future: Build a small test environment, even if it’s hard Create good documentation and write it as if someone other than yourself will have to follow the steps Write tests, when you can, even even when you think you can’t Have just enough hardware, repurpose what you can A little battery backup goes a long way Use DNS when possible (even if it’s painful) Use certificates, always Use strong randomized passwords Set up monitoring & alerting, even if it’s just to yourself! Keep it simple. Seems like an oxymoron for HomeLab, but the simpler you keep it, the easier it will be to supportHardwareI made lots of changes to my HomeLab over the past year, from a pile of machines on a shelf, to an open post rack, to a fully enclosed server rack in a room I converted to a server room. With this came new challenges like networking, power, and even RGB. I was sent a Storinator from 45 Drives and really expanded my storage while deprecating my old Disk Shelf. I also picked up a handful of low power devices and built a small low power cluster of Intel NUCs and rack mounted them in my server rack!AutomationI also got to dive into Ansible deeper than ever before! Ansible is a powerful tool for automating things, especially infrastructure. I automated things like updates, configuration of my machines, password changes, and even building a fully HA Kubernetes cluster with k3s. The time spent learning this tool has already paid back in dividends compared to the time I would put into doing these task manually or even worse, pile up tech debt because I would skip them.I also picked up Terraform too! Terraform is one of those things you may not ever learn until you need to. It’s definitely been eye opening building up new infrastructure with Terraform. Every time I see a form or a UI to create some sort of Infra, I automatically think about how I can automate this with Terraform… but thinking and doing are two different things and I need to start doing this more often. I’ve already figured out how to apply Terraform to Cloudflare DNS and will be applying to more systems in the future.NetworkingOnce of the biggest changes to networking wasn’t new hardware or network speed, but VLANs. I implemented VLANs here to keep all of my network traffic segmented according to the roles these devices fill. For instance I created an IoT vlan for all of my IoT devices, a Camera VLAN just for secure video devices, and Server VLAN for my servers that are used for public facing services. This helps ensure that not only am I not mixing traffic, but also minimizing the blast radius if one of my devices were to become compromised. I talked about this and more security recommendations in a video here. Highly recommended if you are going to self-host anything.KubernetesThe next big theme is Kubernetes and has been a theme on my channel almost since the beginning. I now run 3 HA Kubernetes clusters at home. That might sound crazy, but it’s true. It’s taught me so much about how to build, support, and maintain one of the most popular technologies in the world. It’s been challenging but rewarding at the same time. I ended up going all in and migrating all of my Docker only hosts to Kubernetes. I no longer have single Docker hosts (pets) and now have more Kubernetes nodes (cattle). Once I moved everything to Kubernetes, I quickly learned that I needed a better way to manage it than just a UI or applying manifests from the CLI.(GitOps has entered the chat)GitOpsGit Ops, such a such a huge term and people have varying opinions on where it starts and where it ends - but it’s the idea that Git is the source of truth to deliver infrastructure as code. What does that mean for me and in my HomeLab? For me it means that my Kubernetes cluster (and custom code) is source controlled in Git and the only way to get those changes applied is through CI. This was one of the most rewarding things I have learned about during my 100 Days of HomeLab. All 3 of my Kubernetes clusters are defined in code (YAML) in a Git repository and when I need to make changes I just commit them to my repo and push them up and FLUX takes care of the rest. It has not only taught me how to deliver infrastructure as code but also taught me about secret management with SOPS which is such a valuable lesson, Kubernetes or not. I will be looking to expand into more IaC this year and beyond because this is truly the future of infrastructure.CommunityLast but definitely not least is community. Doing this challenge has taught me that there are so many other people out there just like me, trying to build/break/fix/learn with a lab environment at home. There are countless times where I have been inspired from others or even found better, more efficient way to accomplish things by interacting with the HomeLab community. I have even picked up new tech all thanks to you. I have met lots of people on socials and will continue to follow your journey!So, what are you waiting for? Want to join the 100 Days of HomeLab Challenge? You’re just one click away!Join the conversationDay 365 #100daysofhomelab One year. It's been a year since I have started the 100 days of #homelab and I've learned a lot. Here are my learnings in a thread 🧵— Techno Tim (@TechnoTimLive) June 20, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "My Mobile HomeLab! (Travel Router with Proxmox, Docker, and OpenWRT)", "url": "/posts/mobile-homelab/", "categories": "homelab", "tags": "homelab, travel, hardware, proxmox, docker, portainer, openwrt", "date": "2023-06-18 10:00:00 -0500", "snippet": "This has been months in the making, my new Mobile HomeLab! It’s a device that I can take with me to provide secure internet access for all of my devices. Not only can it provide secure access, but ...", "content": "This has been months in the making, my new Mobile HomeLab! It’s a device that I can take with me to provide secure internet access for all of my devices. Not only can it provide secure access, but it can also let me bring apps and services with me when I travel. It’s built on Proxmox, OpenWRT, Pi-hole, and many other services. I’m taking this with me everywhere!A huge thank you to Protectli for sending this device!📺 Watch VideoWhere to Buy Protectli VP2420 - https://amzn.to/443wb68 Crucial 16 GB RAM - https://amzn.to/3qOMK7F Intel Wi-Fi 6 (alternate wifi option) - https://amzn.to/3PfuRZP Samsung 1 TB SSD - https://amzn.to/3Nj7Mme USB WiFI NIC (ralink chipset) - https://amzn.to/3NyP8an Wyze Camera - https://amzn.to/467JVi3 Timbuk2 Backpack - https://amzn.to/3p8L9ZF Slim Cat6a Cables - https://amzn.to/3qOCHPT Anker Charging Station - https://amzn.to/3qOk66r Anker USB C Cables - https://amzn.to/3qOCXhP Anker Surge Protector - https://amzn.to/3Jlq8ll Anker USB Hub - https://amzn.to/42N15yF WD 5 TB USB Hard Drive - https://amzn.to/42Oa3f4 Protectli WiFi Kit - https://protectli.com/product/m2-wifi/ Protectli 4G LTE Modem - https://protectli.com/product/mdg200-m2/See the whole kit here! - https://kit.co/TechnoTim/mobile-homelab(Affiliate links are included in this description. I may receive a small commission at no cost to you.)My Mobile HomeLabThis is my mobile HomeLab, or is it my mobile home lab, or just mobile lab, or a travel router ++, or ultimate mobile HomeLab, anyway, It’s a computer that I bring with me that serves as a network firewall, an access point, and a platform to run apps, services, and virtual machines. I guess it’s a cross between Wendell’s forbidden router and Network Chuck’s travel router. It’s something that I am going to take with me every time I travel and will provide internet access whether that be from an existing network, or one I connect to over my carrier’s mobile data network.A Mobile HomeLab device I can take with me that also provider network access!This is something that I have wanted to create for quite some time because when traveling I bring with me a few pieces of technology to make my life a little easier and keep my nerd brain fed. Some of these are common like a laptop and a tablet, but others aren’t. You see, when I travel I like to take a router with me to keep all of my devices connected securely, rather than connecting all of my devices to say the Air BnB’s WiFi. Bringing my own router assures me that my laptop, tablet, phone, pi, even security camera are connected to my router and that no other devices can spy on me.I’ve carried an old Cisco Linksys router with me every time I travel, and it provides a secure private network that only my devices can connect to. I can even take this a step further and use a VPN to connect all of my devices securely to my home network, where I get the same protection as I do when I am physically at home. This little router has worked great for quite some time, but I also started bringing a Raspberry Pi to provide a few more services on my local network. That’s around the time when I started thinking about how to combine all of the functionality into one package. Protectli reached out to me and said they wanted to give one of their devices a test run on my next trip and see if this combination of form factor and hardware would accomplish everything I needed out of my new “mobile homelab, forbidden travel router, plus plus, ultimate mobile homelab - thingie”?What I usually carry with meThe HardwareThis is a Protectli Vault VP2420 which, if you couldn’t tell by the huge heatsink on top, it’s fanless and silent. This model has an intel Celeron J6412, but it’s not like the Celerons of the past, this Celeron has 4 cores and 4 threads and has a base clock speed of 2 GHz and can burst to 2.6 GHz. What makes this CPU great is that it is super low power but yet still has features like AES-NI and VT-x and VT-d which makes it great for a hypervisor like VMWare or Proxmox. It also has QuickSync which can be used for video transcoding too. I opted for 32 GB of DDR-4 RAM , the most you can get on this device.This model comes with (4) 2.5 Gb ethernet ports for lots of hard wired connectivity options. But even more interesting than the wired options, are the wireless options. You probably noticed all of the antennas sticking out, now one set is pretty obvious and that’s one for WiFi. It’s a Protectli WiFi module that supports 802.11 ac/a/b/g/n and fits into the m.2 slot. The other antennas are actually for a 4g LTE modem that works most carriers. It even has a slot on the outside of the case that you can insert your SIM card into without opening the device up.As far as storage goes it has an internal 8GB eMMC module that I really won’t be using, and I opted for a 1 TB Samsung SSD. I would like to have another option for another drive, but I figure this was good enough for what I am going to use it for.As far as IO goes we have an HDMI port, 2 USB 3.0 ports, a Display Port, USB C, and a micro USB port for console access. It’s powered by this little brick and has a barrel plug for power. This is quite a capable machine for something that’s smaller than a tablet. All in all, it’s a solid fanless, quiet, yet power build.My Protectli Vault VP2420 with 2.5 Gb/s networkingThe BuildSo now that I have all of this put together (it came assembled) how was I going to build the ultimate mobile HomeLab?My original thought was to just run pfsense or OPNsense on this machine and use it as a router however, FreeBSD, the operating system that these are built on do not have drivers for this wireless NIC. That shut that down really quick. Then I noticed that Protectli have documentation on their site on how to set up this device with OpenWRT. That’s when I remembered Network Chuck’s video and decided that if he got it working, I could too. Well, not really because he’s like a legit networking person and I am just a hack, but anyway I thought I would give it a shot.I should have installed OpenWRT on Proxmox to begin with…So I installed OpenWRT. The process was a little bit complicated but I had some help from Stuart from the Protectli team and they updated their docs with the challenges we worked through. After getting it running, I quickly realized that I should have just used a hypervisor and created it as an OpenWRT virtual machine. This would allow me to make changes and back them up as I go. It would also allow me to install other VMs and containers that I can use while on the go.ProxmoxSo that’s what I did, I installed Proxmox on this machine since it supports virtualization and hardware passthrough. At first, I wanted to create an LXC container for OpenWRT to use less resources, however, it does not support hardware passthrough like virtualization does for network cards so I created a simple virtual machine. I found this great guide on creating an OpenWRT VM on Proxmox!The steps to create a VM were pretty straight forward and I followed each step on that checklist carefully.Once I had the virtual machine configured, I then passed through the devices that I need to run a router along with an access point. I passed through a NIC for WAN access, the wireless adapter for the access point, a USB wireless NIC for additional WAN access, and the USB modem for, well, WAN access for LTE. I gave it 2GB of RAM and 2 CPU cores, and the disk of only 512 MB. This is how big the disk image is. Now this might not seem like much but this is much more than I will ever need, considering this router that also runs a version of OpenWRT only uses 32MB of RAM and 8 MB of disk space.OpenWRT running as a VM on ProxmoxOpenWRTOnce the machine was up and running, I made some changes to the NIC and then went to the OpenWRT admin interface. The interface is pretty basic although it does come with dark mode, so that’s a plus for me. They also support a few different themes however I decided to stick with the default bootstrap dark. I configured a few initial settings like NTP, my router’d name, and then headed over to the software section. Here I can install some additional packages. I installed a few optional packages like nano, zsh, usbutils, and openssh sftp server, and htop for better monitoring. After doing this, it was now time to configure the network.NIC (LAN)First I wanted to be sure I could connect to this device via LAN. This was as simple as just configuring the virtual machine to connect to the bridge on Proxmox. This means when I plug in a network adapter to a port dedicated as LAN, I can connect to anything running on the Proxmox bridge. This will be the local area network for all of my devices on this subnet. If you want, you can configure DHCP on this OpenWRT interface but I am going to do that later with Pi-hole or even pfSense later.NIC (WAN)The next NIC I wanted to configure was the WAN NIC. This will be the NIC that is passed through to this virtual machine and will give it internet access if you have physical access to the modem or another switch. It’s as simple as assigning this NIC to WAN, and turning on DHCP. Physically plugging an ethernet cable is my preferred method of connecting this router to an upstream network like an Air BnB modem or any other network you don’t trust.After this step, the LAN and WAN should work by physically connectingWireless NIC (Access Point)Now that I have LAN and WAN NICs configured, I can plug in my laptop and connect to this network. This works fine but really we want to broadcast our own wireless SSID so all of our devices can connect to it. This is where we’ll need to configure our Protectli wireless NIC. In order for this NIC to work, we’ll need to install the drivers and a few packages on OpenWRT to enable the wireless access point feature and we can do this within the software section. You’ll need to install a few packages and then overwrite a few files with ones from Protectli. They’ve found that some of the packages that are available on OpenWRT aren’t compatible so they’ve provided these files on their website along with instructions. Once that’s taken care of and we reboot we can now see this wireless section with our wireless NIC! Here we’ll want to configure the wireless network we want to broadcast for our clients to connect to. You’ll need to configure the SSID, security, and wireless mode.Now you should have a fully working router with LAN, WAN, and an access point!Pro tip, I found out that even though this is a dual band NIC, you cannot broadcast on both bands at the same time. So if you aren’t going to use 2.4 GHz you’re fine, you can set it to AC mode or N 5GHz, but if you are using any 2.4GHz devices you’ll need to set the mode to the lowest common denominator of 2.4 GHz. Another thing you can do is configure a second NIC to broadcast on 2.4 GHz, but we’ll talk about it a little bit later.Once you apply this, you should be able to see your new SSID and connect to OpenWRT! And if you have the WAN port connected to an upstream network, you should be able to use this as your router! But the fun doesn’t stop, there, not even close.USB Wireless NIC (Client / WAN / other)At this point you should be able to connect to your router and use the internet from the WAN port, but what if you don’t have access to the WAN port? This is where a second wireless network device comes into play. Let me be clear, this was the most complicated part of this whole project. OpenWRT supports very few USB wireless adapters. I tested 8 USB wireless network adapters before I finally found one that worked with OpenWRT. I tested name brands, no name brands, USB 2, USB 3, ones with odd antennas, and ones without external antennas at all. It turns out that most wireless USB adapters use a Realtek chipset and this does not play well with OpenWRT. It was hard to find one without a Realtek chip, but it turns out this tiny little no-name one works great and that’s because it’s based on a Ralink chipset, one that’s very hard to find.I tested 8 wireless USB NICs before finally finding one that works with OpenWRTSo you’ll need to install a few more packages for driver support. I chose to install mt7601u-firmware` for this wireless USB NIC. After that you should see another NIC in the wireless section. This time we’re going to configure it as a client that connects to an existing wireless network, that way you don’t have to physically connect to the WAN port, we’ll connect over wireless. We can do this by scanning and connecting to an existing wireless network, and after that you’ll then have a completely functional router that can connect a wireless network and share it with all of your clients!I should mention that even though this works fine, this USB NIC only supports 2.4GHz / Wireless N. This is generally fast enough for the internet connection but just know that you are going to be limited by the speed of this NIC, which is around 150 Mb/s at most. Personally I would only use this option if you can’t physically connect your WAN port to your upstream router. As you can see, when I am connected to the WAN via this USB NIC, I can be a lot slower than when it is connected via ethernet cable.Now you should be able to connect your router to an upstream WiFi connection using this NIC!If you can physically connect to the WAN via ethernet, what I would do is disable this NIC or configure it to broadcast the same private network on 2.4Ghz this way you can set your primary NIC to use A/C/N 5 GHz. I had to do this to connect my Wyze cam since it only supports 2.4 GHz. Yes I take a Wyze cam with me when I travel so that I can keep an eye on the place when I leave and also keep an eye on my pups, Nano and Buddy,I bring a Wyze cam with me to keep an eye on the place!Now that I have this all working, I can now fire up my router and connect any of my devices to it and use my own secure wireless network.(Use my phone and connect )After running a speed test you can see I am getting anywhere from 180/200 Mbps which is pretty decent considering I have 500 up/down here at home. I’m sure I could squeeze out some more performance if I tweak some settings but this is great considering everything is running on stock settings.LTE ModemSo, not that I have OpenWRT working with an upstream router, what happens if I don’t have an upstream router at all? This is where the LTE modem that I mentioned earlier comes into play. This is great for times when you don’t have an internet provider where you are staying or if you decide to go and live the #vanlife.A tiny LTE modem inside!Installing the software on OpenWRt was pretty straightforward, again you install a few packages (kmod-usb-net-rndi, wwan, comgt-ncm) and then reboot. But before I rebooted I inserted this cheap testing SIM into my device. After rebooting, you’ll then go to network interfaces and add the new interface which should be USB0. You’ll want to set this as WAN as the firewall zone and then save and apply. You can then access the modem’s web GUI on a private IP address of 172.16.0 from a device connected to the LAN port. You should then see your device connected to your cellular provider and !viola! this connection can be shared with anyone connected to this device! Oh yeah, I did update the firmware too because I love updating firmware 🤷If you use an LTE modem, you can now connect all if your devices to LTE data from your carrier!Pi-holeNow that I had OpenWRT working as an access point, a firewall, and a router that can connect to an upstream router via ethernet, wireless, or LTE, it was now time to focus on the “homelab” part of this device. Since I installed Proxmox on the host, I can now install anthony I want on this machine. The first thing I decided to install was a Pi-hole to keep every connected device safe and free of ads and tracking.Like all installations on Proxmox you have options of how you want to install things. I typically choose VMs but I wanted to keep this lean and mean, so I went with an LXC container. LXC containers are easy to manage and use less resources than a full VM. So I created an LXC container and set a hostname and password and uploaded my public ssh key. I chose the ubuntu template, then gave it 8 GB of disk space, 2 CPU cores, and 2 GB of RAM. For networking I connected it to the existing bridge, which is my LAN and gave it a static IP address.Once the LXC container was created, I updated it and installed Pi-hole. After installing I updated all of my ad lists. I also added about 5 millions sites to my block list that you can see here.Added Pi-hole to block all those ads and tracking on the go!I did end up enabling DHCP on Pi-hole just to see what it was all about. I usually let my router do this but for this travel router I wanted to have more control over blocking. I ended up disabling DHCP on OpenWRT and enabling it on Pi-hole.PortainerAwesome, so now I have Pi-hole with network wide ad blocking running, so what’s next? Well, I know I want to have docker as a platform for running applications on this mobile HomeLab device and portainer is the best way to manage them. I chose to create another LXC container based on Ubuntu and gave it a 60 GB hard drive, 4 CPU cores, and 16 GB of ram. I spun up the container and let it grab an IP, and then I reserved that IP inside of Pi-hole. Once the container was up and running, I updated Ubuntu and installed Portainer. Once Portainer was running I then installed a Watchtower to keep all of my containers up to date. I typically use GitOps to handle this in my home production cluster, but I don’t want to worry about updating containers while traveling. Installing Watchtower was easy, just copy and paste the docker compose and I was good to go.Installed Portainer to manage all of my Docker containersAppsSo now that I have Portainer installed, we can install any container we like to and take it with us. For instance, we could install the super popular Plex or Jellyfin and take our media library with us. This would allow any connected device to stream movies from this device down to theirs, without an internet connection The nice thing about this Intel CPU is that it has QuickSync so you can hardware transcode videos if you need to, making sure that streaming is smooth on any resolution. I bet you’re wondering about disk space? Well, if you really wanted to take more than 1 TB of media with you, you could simply connect and attach a USB hard drive with your media to this machine and mount the drive to your Plex or Jellyfin machine.Doing some local Plex transcoding while on the go!Also, it does stop there, we can now install any docker container or LXC container we like, or even a full blown Virtual Machine since we’re running Proxmox! If we really wanted to, we could now install pfsense or OPNSense as a virtual machine and use that as our router and disable all the routing features on OpenWRT, and only use that as an access point. Once you have pFSense or OPNSense running, you can then create a VPN connection back home to get the same protection you have at home. The possibilities are really endless. Want to install other containers, like LANcache, Netcloud, or even a local Minecraft server, no problem.You can even go as far as creating a VPN tunnel back home!And that’s the nice thing about a general purpose machine like this, you have unlimited possibilities. And using the Intel Celeron platform you get powerful hardware, at a fraction of the power consumption so you get the best of both worlds. A WiFi router and access point that connects all of your devices, internet or not, and lots of services that you can use while you are on the go. I’ll be using this device full time when I travel so I will be sure to report back any modifications I make to this new “mobile homelab, forbidden travel router, plus plus, ultimate mobile homelab - thingie”Join the conversationThis has been months in the making, my new Mobile HomeLab! It's a device that I can take with me to provide secure internet access for all of my devices. Check it out!👉https://t.co/2F5gG5cZn2 pic.twitter.com/5zsXS4VG9X— Techno Tim (@TechnoTimLive) June 18, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet Scrypted - Stream ANY Camera to ANY Home Hub", "url": "/posts/scrypted-home-hub/", "categories": "self-hosted", "tags": "scrypted, smart-home, iot, unifi, apple, google, amazon, alexa, home-assistant, home-security, open-source, homekit", "date": "2023-05-13 10:00:00 -0500", "snippet": "Meet Scrypted an Open Source app that will let you connect almost any camera to any home hub, certified or not! You can connect popular devices from UniFi, Amcrest, Hikvision, Nest & Google, T...", "content": "Meet Scrypted an Open Source app that will let you connect almost any camera to any home hub, certified or not! You can connect popular devices from UniFi, Amcrest, Hikvision, Nest & Google, Tuya, Reolink, and many others to your home hub of choice, whether that be Apple’s HomeKit, Google Home, Alexa, or even Home Assistant.This lets you choose and reuse your own devices and take advantage of the automation and integration you get with your Smart Home Hub.📺 Watch VideoWhere to Buy UniFi UDM SE - https://l.technotim.live/ubiquiti UniFi Cameras - https://l.technotim.live/ubiquiti Apple TV 4k - https://amzn.to/3M1ZFtz Apple iPad - https://amzn.to/3VX1k8z Echo Dot - https://amzn.to/44YmpTW Echo Show 5 - https://amzn.to/3MmFdoN Echo Show 15 - https://amzn.to/3Mo8ZJMSee the whole kit here! - https://kit.co/TechnoTim/smart-home-hubs-devices(Affiliate links are included in this description. I may receive a small commission at no cost to you.)Smart Home Camera FragmentationI have cameras in and around my house.I have cameras on the front door, cameras inside my house, cameras that point outside of my house, cameras in my garage, cameras in my server room, and even cameras in my server rack….Don’t ask…All of these cameras work great and I keep all of the recorded footage in my home but what’s not great is that I am not able to tap into popular Home Hubs like HomeKit, Alexa, Google Home, or even Home Assistant.That’s because many of these platforms require some very specific requirements for adding cameras to your home hub.That means they might have to be certified, have to be compatible, and both manufacturers have to get along… and we know how that story goes.Getting ecosystems to play nice togetherSo this left me with using one app to check my video, while leaving a whole host of features that my home hub provides on the table.Things like notifications within my ecosystem, the ability to trigger automation based on my eco system, cool features like picture in a picture on other devices, and all the things that make home hubs, well, hubs.And while I do like my home security choice, I don’t like that it doesn’t integrate with my home hub of choice.It’s not my fault these two companies don’t get along and I am not going to buy all new cameras just to be compatible with my home hub. That’s where Scrypted comes in.What is ScryptedScrypted is open source software that you host on your own machine that allows you to connect almost any camera to any hub, that’s right, certified or not.You can connect popular devices from UniFi, Amcrest, Hikvision, Nest & Google, Tuya, Reolink, and many others to your home hub of choice, whether that be Apple’s HomeKit, Google Home, Alexa, or even Home Assistant.This lets you choose and reuse your own devices and take advantage of the automation and integration you get with your home hub.That’s right, something the big players aren’t offering you, and that’s choice.This means that you don’t have to pay for that subscription if you want video outside of your home, you can use scrypted to connect to one of the major hubs or even an open source one like Home Assistant.Scrypted supports many different camera integrations and many Home Hubs!Here’s where it gets really cool…Scrypted is pluggable, so it allows developers to create and update plugins within Scrypted, giving them and you lots of flexibility.Want to connect a Google Nest Camera to Alexa? Sure! Want to connect a Reolink camera to Google Home, absolutely! Want to connect your UniFi Cameras to HomeKit? No problem! What about connecting some named or no name camera that only supports RTSP or ONVIF? Scrypted has you covered!Scrypted RequirementsYou’re probably wondering, what does all of this cost? Well, if you already have the hardware it costs nothing but a little bit of your time.The next thing you’re probably asking what hardware you need to get started, or maybe you’re not even asking that, but I will tell you that you will need some hardware to get started 😀The requirements are actually pretty low and you can run it on the latest raspberry pi, or Windows, Mac, or Linux, and even Docker, either standalone or on many NAS devices like Unraid or Synology.It’s easy to set up and after you’ve connected your cameras to your home hub, you’ll be able to take advantage of all of the integrations your camera offers as well as automation your hub offers.So that’s what I am going after today, setting up Scrypted to connect my UniFi cameras to my HomeKit hub, which is one of my Apple TVs so I can use all of my cameras as if they are HomeKit Certified. Now wait, even if you don’t want or have this combination of devices and hubs, you can still follow along to set this up with any camera or any hub.Installing Scrypted with DockerSo I first created a Linux machine and then installed Docker, which I highly recommend using, but if you don’t feel comfortable you can install it any other way you like.If you are using Docker, I recommend doing this on Ubuntu, but Windows Mac, or any other version of Linux will work just fine.If you’re using a Linux machine I recommend using Docker and Portainer.Portainer is a great container management system for Docker that has a great UI.The install is fast and painless and makes managing Docker really easy.Once you’re in portainer, all you need to do is connect to your Docker instance, add a container, and then set a few properties like the name of the container, the image name and tag, and then you’ll need to map your data volume from the container to the local machine.This should be somewhere your Portainer machine can read and write to, for me it’s just a simple path to a folder on the machine.The last thing they recommend is setting the network to host mode which means it will use the networking on the host instead of Docker networking.Once all that’s set, just deploy the container and you’re good to go.Installing Scrypted with Portainer is simple!Oh, and if you want to use Docker compose, you can use this to get started quickly! Note, this will also include watchtower to updated your stack automatically.If you don’t want to use watchtower just comment out that section.version: \"3.5\"# The Scrypted docker-compose.yml file typically resides at:# ~/.scrypted/docker-compose.yml# Example volumes SMB (CIFS) and NFS.# Uncomment only one.# volumes:# nvr:# driver_opts:# type: cifs# o: username=[username],password=[password],vers=3.0,file_mode=0777,dir_mode=0777 # device: //[ip-address]/[path-to-directory]# nvr:# driver_opts:# type: \"nfs\"# o: \"addr=[ip-address],nolock,soft,rw\"# device: \":[path-to-directory]\"services: scrypted: image: koush/scrypted environment: - SCRYPTED_WEBHOOK_UPDATE_AUTHORIZATION=Bearer SET_THIS_TO_SOME_RANDOM_TEXT - SCRYPTED_WEBHOOK_UPDATE=http://localhost:10444/v1/update # nvidia support # - NVIDIA_VISIBLE_DEVICES=all # - NVIDIA_DRIVER_CAPABILITIES=all # runtime: nvidia container_name: scrypted restart: unless-stopped network_mode: host devices: # hardware accelerated video decoding, opencl, etc. - /dev/dri:/dev/dri # uncomment below as necessary. # zwave usb serial device # - /dev/ttyACM0:/dev/ttyACM0 # all usb devices, such as coral tpu # - /dev/bus/usb:/dev/bus/usb volumes: - ~/.scrypted/volume:/server/volume # modify and add the additional volume for Scrypted NVR # the following example would mount the /mnt/sda/video path on the host # to the /nvr path inside the docker container. # - /mnt/sda/video:/nvr # or use a network mount from one of the examples above # - type: volume # source: nvr # target: /nvr # volume: # nocopy: true # uncomment the following lines to expose Avahi, an mDNS advertiser. # make sure Avahi is running on the host machine, otherwise this will not work. # - /var/run/dbus:/var/run/dbus # - /var/run/avahi-daemon/socket:/var/run/avahi-daemon/socket # logging is noisy and will unnecessarily wear on flash storage. # scrypted has per device in memory logging that is preferred. logging: driver: \"json-file\" options: max-size: \"10m\" max-file: \"10\" labels: - \"com.centurylinklabs.watchtower.scope=scrypted\" # watchtower manages updates for Scrypted. watchtower: environment: - WATCHTOWER_HTTP_API_TOKEN=SET_THIS_TO_SOME_RANDOM_TEXT - WATCHTOWER_HTTP_API_UPDATE=true - WATCHTOWER_SCOPE=scrypted # remove the following line to never allow docker to auto update. # this is not recommended. - WATCHTOWER_HTTP_API_PERIODIC_POLLS=true image: containrrr/watchtower container_name: scrypted-watchtower restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock labels: - \"com.centurylinklabs.watchtower.scope=scrypted\" ports: # The auto update port 10444 can be configured # Must match the port in the auto update url above. - 10444:8080 # check for updates once an hour (interval is in seconds) command: --interval 3600 --cleanup --scope scryptedConfiguring ScryptedOnce the container is running, you’ll want to go to the machines IP address on port 10443Once you get there you will be greeted with a sign in page where you will create an account and password.Once signing in you will see the scripted homepage!The first thing I did was turn on dark mode, of course, and then went into the plugins page and clicked install plugins.Here you’ll want to install the plugin for the platform you want to support.Scripted supports many different cameras and many different hub platforms, for instance you can search for Alex and see the plugins for Amazon Alexa or Google home and see the integrations for Google home, or even Amcrest if you want to find the amcrest camera plugin! There are lots of supported cameras but for me this is going to be unifi so I searched for unifi and installed it.Once it’s installed it will ask for a username and password for your unifi device.We need to create one in UniFi protect, but you’ll want to create a new local account and not provide yours!Installing the uniFi Protect Plugin for ScryptedCreate UniFi Protect UserSo we need to go into UniFi and create a new user.We’ll have to do this in the UniFi console and what I did was create a new Role first that has Full Management access to Protect.The documentation says that you might be able to drop this down later to a Read Only user, which I may do, but I will create the user and give it admin access to Protect only.Again, be sure to create a local account and set the permissions appropriately.Once that user was created I then added the user and the password as well as the IP address of my UDM SE.Once I saved my credentials I could then see all of my cameras and you can view them now, however since I am going to use HomeKit, I need to add that plugin as well.You’ll need to create an account in UniFi Protect for Scrypted to useAdding Cameras to HomeKitSo I searched for the HomeKit plugin and installed it.We don’t need to change anything in the plugin, I just reloaded the unifi plugin and went back into my cameras.Now you’ll see some additional options, one being HomeKit.You’ll want to be sure that this is enabled.I also made sure that the SnapSho tplugin was enabled too.Once this was set up, all I had to do now was just add the cameras to HomeKit.I did this by navigating to each individual camera in Scrypted and then clicked on HomeKit and then Clicked on pairing.It will then show you a QR code which you can scan and it will add it to your home in HomeKitI did this for all of my cameras, accepted the message about it not being an officially certified accessory, and then chose the default settings of stream while I am home and while I am away.The reason I didn’t change any of this is because I still still use my UniFi Protect for camera storage, rather than store it on my docker container. And for those counting, I have nine cameras…. Yes, 9 cameras…Awesome Integration & AutomationNow that we have this set up, what can we do with it?Well, now in the home app I can see all of my cameras at a glance.I can see the latest snapshot of each camera and drill in further to see a live view.I can pin the camera too so that I can multitask.Finally! Notifications on my Apple TV!I get notifications if someone presses the doorbell and I can talk with them too.Not only do I get notifications on my phone, but I also get them on my macbook, ipad, and even AppleTV - so just in case I am “super busy” watching something that’s “super important” I can decide whether or not to get my lazy butt off the couch.Here’s the other cool thing: Since I have an Apple TV, I can even say “Hey Siri” show me my cameras and it will show me all of my connected cameras.From there I can browse them, pick one to watch and even listen to, and even pin it to the screen so I can keep an eye on things or if I am expecting a delivery.If they are in the same zone as other devices, I can interact with these devices too, like toggling on and off the lights on my porch.Picture in a Picture on my TV!_More Scrypted CompatibilityOne of the things I like most about Scrypted is that I can use almost any camera I want and I can connect it to one of many platforms.Now, I obviously connected UniFi cameras to HomeKit, but you can connect almost any camera to any platform.Want to connect some old PoE cameras to Alex or Google Home Hub, or even Home Assistant? No problem.That’s the beauty of Scrypted, is that it’s pluggable and can connect almost any camera to any Home Hub.Well, I learned a lot about Scrypted, HomeKit, and Unifi Protect and I hope you learned something too.And remember if you found anything in this video helpful, don’t forget to like and subscribe.Thanks for reading and watching!Join the conversationWhat a week! I found this awesome open source software that let's me connect and stream almost ANY camera to ANY Smart Home Hub. No more vendor lock! It's called Scrypted and it's awesome!Check it out!👉https://t.co/NdvoQydUEo pic.twitter.com/RIbFIKNJgp— Techno Tim (@TechnoTimLive) May 13, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Mirror your Kubernetes configs, secrets, and resources to other namespaces", "url": "/posts/k8s-reflector/", "categories": "homelab", "tags": "kubernetes, k8s, cert-manager, reflector, helm", "date": "2023-04-26 21:37:00 -0500", "snippet": "What is Reflector?Reflector is a Kubernetes addon designed to monitor changes to resources (secrets and configmaps) and reflect changes to mirror resources in the same or other namespaces.Since sec...", "content": "What is Reflector?Reflector is a Kubernetes addon designed to monitor changes to resources (secrets and configmaps) and reflect changes to mirror resources in the same or other namespaces.Since secrets and configs are scoped to a single namespace, this helps you create and change resources in one namespace and “reflect” them to resources in other namespaces.This is especially helpful for things like certificates and configs that are needed in multiple namespaces.You can find the GitHub repo here!InstallThis might go without saying but you’ll want to be sure you have a working Kubernetes cluster! If you need help setting on up, check out my Ansible Playbook!You’ll also want to be sure you have helm installed.Then we’ll run:helm repo add emberstack https://emberstack.github.io/helm-chartshelm repo updatehelm upgrade --install reflector emberstack/reflectorThis command will add the helm repo locally, then update the repo, then install reflector in your cluster.Reflecting ResourcesNow that it’s installed, all we need to do is add some annotations to “reflect” our resources to other namespaces.SecretsLet’s say you create the following Secret with the annotation below:apiVersion: v1kind: Secretmetadata: name: some-secret annotations: reflector.v1.k8s.emberstack.com/reflection-allowed: \"true\" reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: \"namespace-1,namespace-2,namespace-[0-9]*\"data: ...This will: create a Secret “reflect” the same secret to namespace-1 , namespace-2 and all other namespaces that match the pattern namespace-[0-9]*ConfigMapsConfigMaps are just as easy! Let’s say you have a ConfigMap with the following contents:apiVersion: v1kind: ConfigMapmetadata: name: source-config-map annotations: reflector.v1.k8s.emberstack.com/reflection-allowed: \"true\" reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: \"namespace-1,namespace-2,namespace-[0-9]*\"data: ...This will: create a ConfigMap “reflect” the same ConfigMap to namespace-1 , namespace-2 and all other namespaces that match the pattern namespace-[0-9]*CertificatesThis is the real reason I brought this chart into my cluster, was support for cert-manager certificates. There are many cases where I need to create the same certificate in multiple namespaces and rather than create them manually, I have reflector create them for me.apiVersion: cert-manager.io/v1kind: Certificate...spec: secretTemplate: annotations: reflector.v1.k8s.emberstack.com/reflection-allowed: \"true\" reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: \"namespace-1,namespace-2,namespace-[0-9]*\" ...This will: create a Certificate “reflect” the same Certificate to namespace-1 , namespace-2 and all other namespaces that match the pattern namespace-[0-9]*The benefit of doing it this way with cert-manager is that when your certificates are updated with something like Let’s Encrypt, all certificates you reflect are also updated! Of course you will only want to limit your reflections to other namespaces you trust.If you’d like to check out cert-manager see my post on how to install traefik and cert-manager!Join the conversationOk, I think I made it just in time! A post on reflector for Kubernetes!https://t.co/IOYIhTk6g5#homelab— Techno Tim (@TechnoTimLive) April 27, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Low Power Cluster - Small, Efficient, BUT Powerful!", "url": "/posts/low-power-cluster/", "categories": "homelab", "tags": "homelab, k3s, kubernetes, hardware, server-rack, home-assistant", "date": "2023-04-22 10:00:00 -0500", "snippet": "I’ve been running a few clusters in my HomeLab over the past few years but they have always been virtualized inside of Proxmox.That all changed today when I decided to run my Kubernetes cluster on ...", "content": "I’ve been running a few clusters in my HomeLab over the past few years but they have always been virtualized inside of Proxmox.That all changed today when I decided to run my Kubernetes cluster on these 3 low power, small, and efficient, Intel NUCs.📺 Watch VideoI built a lower power, efficient, and near silent server cluster! Although this cluster is small and efficient, it’s still powerful enough to run a high availability Kubernetes cluster with many services running in High Availability mode! There are so many options with running a small cluster like this, the possibilities are endless!Where to BuyA HUGE thanks to Datree for sponsoring this video!Combat misconfigurations. Empower engineers.https://www.datree.io Intel NUC 11 - https://amzn.to/43TK8nS Intel NUC 12 - https://amzn.to/3MZjC6C SAMSUNG 980 PRO SSD 2TB PCIe NVMe - https://amzn.to/41vUOrk SAMSUNG 870 EVO SATA - https://amzn.to/3KQMriU G.Skill RipJaws DDR4 SO-DIMM Series 64GB - https://amzn.to/3AlstI8 Mk1 Manufacturing - https://www.mk1manufacturing.com/cart.phpSee the whole kit here - https://kit.co/TechnoTim/efficient-low-power-powerful-virtualization-server(Affiliate links are included in this description. I may receive a small commission at no cost to you.)HardwareThese Intel NUCs are probably my favorite small form factor devices.They are only 4x4 inches and pack quite a punch.That’s because these NUCs have anywhere from a Core i3, to a Core i5, to a Core i7 processor in them.This one has a Core i7 with 4 cores and 8 threads and has a base clock speed of 2.8 GHz and can turbo boost up to 4.70 GHz.It even has QuickSync on this chip too so that I can offload encoding if I need to.You can check out the specs here.My Intel NUC Cluster!I maxed out the ram on each machine, giving it 64 GB of DDR4 RAM.Should just be just enough to run some of my workloads and another reason I chose not to run a hypervisor on these machines, I wanted to conserve resources.I added a 1 TB Samsung NVMe drive for the OS and to run all of my workloads, and then a second SSD for additional Kubernetes storage that will be replicated across all 3 devices.I may expand this in the future however this was one of many SSDs I had laying around.Intel NUC InternalsInstalling in the RackSo once I had all of the hardware buttoned up then I had to decide where exactly I was going to put these devices.Now I could have put these on my workbench or my desk, but I have a server rack in my basement that I wanted to take advantage of.I have a few general purpose shelves but I thought that these NUC deserved a little bit better home than that.I wanted a rack mount system that would hold 3 NUCs, hold them securely in place, and even give me some cable management and that’s when I found this small company that makes all kinds of small form factor rack mount systems.Mk1 Manufacturing makes all kinds of rack mount kits for small form factor devices like Mac Studios, Lenovo ThinkStations, Mac Minis, and of course Intel NUCs.The nice part about these racks too is that they are made here in the US. I purchased one for my Intel NUCs and quick rack mounted all 3.It was super easy to mount these and they even thought about the cable management for both power and networking.Intel NUC, 1U Rack Mount SystemRemote ControlI bet you’re wondering how I remote control these devices, because I wondered that too.Well, if you remember from a previous video, I picked up a PiKVM and I was able to attach multiple devices to it using an HDMI switch.Ths current switch lets me connect up to 4 devices, but I am going to try to expand to 8 later on. From the PiKVM I can even power on these devices using WAKE ON LAN that will send a magic packet to wake them up.And in the case that Wake On LAN doesn’t work, I can then use my UniFI Smart PDU Pro to toggle the power off then on to force them to wake up.Intel NUC, 1U Rack Mount SystemOperating SystemAfter getting this all hooked up and on my network, I then had to figure out how I was going to get an operating system on them.I ended up using MAAS or metal as a service to boot and provision these machines.I chose to go with Ubuntu server for these, well, because I like Ubuntu and so is the rest of my infrastructure so it makes it really easy to manage it.I was sure to reserve a static IP for these devices as well as create a DNS entry for them.Why KubernetesNow, for the most difficult part of this all, installing kubernetes.I bet you’re asking, why Kubernetes? Because.KubernetesSo to install Kubernetes I can do it one of a million different ways and on top of that I have my distributions to choose from.I ended up going with k3s because I like how lightweight that it is as well as the active community behind it.As far as installation goes I could spend the 20+ hours doing it manually but I’ve already created an Ansible playbook that can do this all for me.It does everything that I need to give me a high availability Kubernetes cluster, with both an HA Kubernetes API as well as an HA service load balancer.With three nodes I can lose 1 node and everything will still function normally.After setting my IP address it was off to the races. 🚀I sat back and watched the automation run for about 3 minutes, and shortly after that I had a highly available Kubernetes cluster to run my workloads.If you’d like to do the same thing I will leave a link to the documentation and the video where I walk you through all of this.Running the k3s-ansible playbookInstalling Apps & ServicesSo once I had Kubernetes installed I then copied my kube config file locally so I could communicate with the cluster.I was able to ping the Kubernetes API that is really a VIP and it responded.I then asked Kubernetes to show me all of my nodes and there they were, all three of them.So that was there to do next? Next I wanted to install some workloads to test out HA.Now typically I would install Traefik as my reverse proxy and cert-manager to manage my certificates, and LOKI, Grafana, and Prometheus for logging, monitoring, and visualization; however I just wanted to test out a few things before I go all in.So I decided to install a simple web server that runs nginx to host it.This web site is just a tiny nginx web server that services a single page that shows its hostname, IP address, and port, and a few other things.This was going to be a good test to test high availability. My plan was to create this workload with 3 replicas and then pull the plug on one of the nodes and make sure that both Kubernetes was still up as well as this web page.So, that’s what I did.I created a Kubernetes deployment for this container and set the replicas to this.This will ensure that 3 are running but I wanted to be sure that they were spread out across all three nodes.I did this by setting a typology constraint of hostname.This will make sure that only more than one pod is never scheduled on the same node so that I can ensure HA.---apiVersion: apps/v1kind: Deploymentmetadata: name: nginxspec: selector: matchLabels: app: nginx replicas: 3 template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginxdemos/hello ports: - containerPort: 80 topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: DoNotSchedule labelSelector: matchLabels: app: nginxSo once this was set, I then deployed the Kubernetes deployment and could see that I had 3 pods, all spread across 3 nodes, awesome.But how to I actually get to this web page? Well, remember how I mentioned that I typically use Traefik as my reverse proxy? Well, that’s where this would come in handy.It would allow me to expose multiple services on the same IP, but since I don’t have it installed, I will just expose it on the metal lb load balancer that comes with my playbook.To open up an IP on the virtual load balancer, all I have to do is create a service with a type of LoadBalancer.This will expose the service on one of the Metal LB Ip addresses so that we can see our web page.---apiVersion: v1kind: Servicemetadata: name: nginxspec: ipFamilyPolicy: PreferDualStack selector: app: nginx ports: - port: 80 targetPort: 80 type: LoadBalancerAfter deploying that service, we can then check the service to see which IP address it was assigned.Once we have that IP address we can then get to this web page.After, we see our web page here so we know it’s working.And it should be HA because we have one of these pods running on each of the servers!NGINX demo pageNow we need to introduce some chaos.No, no no no, not that much chaos, just simply removing one of the nodes.So, before doing that let’s ping our Kubernetes API to be sure that it ups, and you can see it’s up and responding.Next let’s open the web page and keep refreshing it.Now, we can introduce chaos by shutting down one of the nodes.I can pick anyone that I like but let’s go with 2.Let’s also ping node 2 so you can see it going down.So we shut down node 2 and wait.We can see that it’s down but out Kubernetes API is still up.We can do a kubectl get nodes and see all of our nodes, and if we refresh our web page we can see that the web site never went down.Now if we shutdown one more now, we will lose access to our Kubernetes api and web page, so let’s shutdown node 1.And as you can see we can’t get to it anymore, but if we bring up node 2 and leave node 1 down we can.Testing my HA NGINX install, you can see that node 2 is down, but the Kubernetes API still responds and the web page is still up!What else can we do?Awesome, so now we have an HA cluster but what can we do with it? Well, I mentioned a few things but you can do some awesome home Kubernetes stuff like install Home Assistant, game servers, web sites, or many other workloads, just remember that not all workloads can be HA out of the box, they have to be stateless like my nginx container, meaning they have no state like storage mounts or state in memory, but they get their state from outside of the container like an external database.This diagram explains how stateless Kubernetes apps should be architectedHow efficient is it?I bet you’re wondering how much power these three devices use, well I wondered the same thing and I checked my UniFi PDU to be sure.I let all three NUCs run a few workloads and kept them on for a few hours and each of them uses about 20 watts of power.Keep in mind that my PDU only shows average power over time so I think they are using anywhere from 15-25 watts.Is that as good as a raspberry pi? Well, no, but what I do get is an x86 processor with 8 cores, lots of high speed storage, 2.5 Gigabit networking, AES instructions, and even a GPU for quick sync if I wanted to do any kind of transcoding.Also, it has enough compute to run anything I can throw at it because remember it’s a core i7.Each Intel NUC only uses around 9 watts of power on average, with an idle k3s cluster!What do I think?So, what do I think of these lower power, small, yet powerful devices? Well, I think they are pretty awesome if you couldn’t tell by the fact that I bought 3.You can find these devices relatively cheap if you go with a model from a previous year.Is it as cheap as picking up older small form factor desktops? It’s not, what that might be a perfectly fine option for you if you want to save some money, but I didn’t have 3 devices that I could keep around for years to come, not to mention that I still have my first NUC from almost 9 years ago. These little devices are great for servers, especially if you are considering clustering them.And rack mounting them is a great solution if you’re thinking about picking up a few.Well, I learned a lot today about low power servers, Intel NUCs, and cluster Kubernetes and I hope you learned something too.And remember if you found anything in this video helpful, don’t’ forget to share, like, and subscribe. Thanks for reading and watching!Join the conversationWhat a week! I built a lower power, efficient, and near silent server cluster! Although this cluster is small and efficient, it's still powerful enough to run many services running in High Availability mode! Check it out!👉https://t.co/5VP32kGqP4#homelab pic.twitter.com/8dWy6FQQVj— Techno Tim (@TechnoTimLive) April 22, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Building a Low Power, All-in-One, Silent Server", "url": "/posts/low-power-efficient-server/", "categories": "homelab", "tags": "homelab, proxmox, pfsense, ubuntu, windows, truenas, hardware, plex, portainer, docker, hardware", "date": "2023-04-08 10:00:00 -0500", "snippet": "What if I told you that this little machine is the perfect Proxmox Virtualization server? And what if I told you I crammed an intel core i5, 64 GB of RAM, a 1 TB NVMe SSD, another 1TB SSD all in t...", "content": "What if I told you that this little machine is the perfect Proxmox Virtualization server? And what if I told you I crammed an intel core i5, 64 GB of RAM, a 1 TB NVMe SSD, another 1TB SSD all in this tiny little box that’s dead silent without any fans? And what if I told you it can run Proxmox Virtual Server, host a pfsense router, runTrueNAS with a TB of storage, run Ubuntu server with Portainer running a few docker containers, run Windows 10 or Windows 11, and run ubuntu Desktop and pass though all of the hardware so I can use this server as a desktop, all while running a Plex Server and doing hardware transcoding with 3 - 4k streams? No Way!Yeah, I thought you’d say that.📺 Watch VideoYou might have heard of Protectli before.They’re known for making really great appliances for many open source software distributions.Most people think of Protectli devices as the perfect device for a router like pfSense. And that makes sense considering that their devices come with anywhere from 2 - 6 network ports.But their devices can be used to run almost any software imaginable, from Linux, to Windows, to a dedicated firewall, to even a virtualization host or a hypervisor. How is that possible?Where to BuyA HUGE thanks to Protectli for sending this device for me to test! Protectli Vault FW2B - 2 Port - https://amzn.to/3nRJfM1 Protectli Vault FW4B - 4 Port - https://amzn.to/3nVVU0u Protectli Vault FW6A - 6 Port - https://amzn.to/3zHWHop Protectli Vault Pro VP4630-6 Port - https://amzn.to/3GoYSRy Crucial RAM - https://amzn.to/41eks31 Samsung NVMe - https://amzn.to/3KIsKuD Samsung SSD - https://amzn.to/43fYb6ZSee the whole kit here! - https://kit.co/TechnoTim/building-a-low-power-all-in-one-silent-serverCPUThat’s possible because of the hardware that these devices ship with.Protectli sent me a VP4560 to help with some of my HomeLab projects and this device is a beast. This is the VP4650 and comes with an intel Core i5 quad core CPU with hyper-threading that is rated at 1.6 GHz and can turbo boost up to 4.2 GHz.The nice thing about this CPU is that it supports VTx for virtualization and VT-d for IOMMU so I can pass through devices though to the guest.And because it’s an Intel x86 processor it comes with AES-NI support, which is super nice for encryption / decryption for VPN or TLS.MemoryIt supports up to 64GB of RAM which is plenty for what I will be using it for, but you can scale back if you need, all the way down to 4 GB.NetworkIt comes with 6 intel 2.5 gigabit NIC ports giving you enough throughput for most of your networking needs.Protectli VP4650 has 6 - 2.5 Gb/s network ports!StorageIt also ships with a 16GB eMMC module on board and many options for storage.Also, because this machine has an NVMe slot and a SATA port you can mix and match your storage to fit your needs.I opted for a 1 TB Samsung M.2 NVMe and a 1 TB Samsung EVO drive.Protectli VP4650 InternalsExtrasYou also get the choice of adding WiFi modules and 4g LTE modems however I decided not to on this device because they also sent a lower powered VP2420 that has 4 network ports along with WiFI and LTE modules to help me build the ultimate router which you’ll be seeing in a future video.Protectli Ultimate Router (Coming soon!)CoolingIf you noticed from everything I listed, you didn’t hear anything about fans.That’s not something that’s obvious from the specs on paper, but taking one look at this device you can see this huge heatsink that passively cools the entire device.It definitely looks like a grill but I promise you can’t cook anything on here.ConnectivityProtectli devices come with plenty of options to connect all of your other devices devices_As far as connectivity goes, you have plenty of options for connecting devices, from USB 2.0, 3.0, USB C, to HDMI, to Display power, and even a micro USB port for console access.BIOSYou can choose between AMI BIOS and and open source BIOS called “coreboot”_One thing that I like about these devices is that you have your choice in firmware to use.You can use a standard AMI BIOS that works great, or your can use coreboot BIOS, which is a bare bones open source BIOS that lets you customize some cool features.For instance, if you flash their devices with core boot, you can boot to the network and download and install many different operating systems from the network.This is a neat feature that I welcome and it saves you the hassle of loading up that Ventoy USB disk with new ISO.I did however opt for AMI BIOS because I did have a few issues with coreboot related to using my Ventoy USB disk.But that’s the nice thing about this BIOS being open source, it will get better and more secure over time with more eyes looking at it and more engineers contributing to it.The BuildSo what did I do with all of this hardware? The better question is what didn’t I do?I knew that I wanted thai build to be a complete silent hypervisor and I knew that it was going to run Proxmox.The first decision I had to make was where I was going to install proxmox.Remember I have the choice between the NVMe drive, the SATA drive, and the eMMC module.Turns out the eMMC mobile isn’t really an option because Proxmox won’t let you install it there without some hacks and I didn’t want to hack this device so I decided to install it on the NVMe drive and use the rest of the partition for virtual machines.Typically I would have installed the OS on the slower drive and save the NVMe for VMs but I have other plans for that. Installing Proxmox was straightforward, just like any other Proxmox installation.After it was installed I then configured IOMMU so I can pass devices through to guest machines and everything else I have on my First 11 Things on Proxmox video.After that was all set it was now time to install some VMs.RouterI knew that I wanted to install a router on this machine.This will give me the flexibility to run a network firewall for all of these devices and give me the option to protect any device I use when I travel, but more on that later.So I installed pfsense, and passed through 2 NICs from the host down to the guest. This first NIC is the WAN port, so an upstream provider like an ISP or even some network I don’t trust, and then one port for LAN if I do want to connect all of these devices to the local network. Passing these through and configuring them was pretty simple and if I forget which port is which they even included some stickers for me to label the ports.I also added another network port that’s used as a network bridge in case I want these VMs to use an internal network.Protectli Network interface stickersNASNow that the router was done, I wanted to configure a NAS on this device.This NAS could be any open source NAS but I chose to go with TrueNAS SCALE.I went with TrueNAS because, well it’s TrueNAS,and I went with SCALE because I wanted a Linux based OS that plays better with Proxmox.After installing TrueNAS I then created a 1 TB drive in Proxmox and assigned it to TrueNAS so that I can have 1 TB of storage on my NAS.I know it’s not ZFS and I don’t have redundant drives, so if you do the same you’ll want to be sure that you have your data backed up to another machine.Once I had TrueNAS up and running I could set up NFS and Samba shares just like I would normally with a physical install.I can also pass through one of the NICs to my NAS so that it can have a dedicated 2.5 Gb/s NIC if I like.Ubuntu Server + PortainerNext up I needed something to run my containers.Yes, I know I can use TrueNAS to do that but I wanted to go with my preferred combination of Ubuntu Server + Docker + Portainer.Having a dedicated Ubuntu server running Portainer gives me a great UI and so many possibilities.After installing and configuring I then created a few containers.This is a perfect host now to run all of my self-hosted services.DesktopAfter getting my foundation all set up, I then had my choice of desktop OSes.I could choose between Windows and Ubuntu Desktop, then I looked at how much disk space and RAM I had left and I thought to myself, why not both.This is where things got a little bit interesting too.I first installed Windows 11 and configured it, no problems there, but after installing Windows I wanted to passthrough the GPU on the device to the VM, along with sound card and USB devices so I could use this all in one server as a desktop too.After messing with this for hours I could not get the single Intel GPU to display anything on the screen even though it was definitely passed through to the guest machine and I could see it over Remote Desktop.I thought maybe it was Windows 11 so I created a Windows 10 machine and it did the same thing.Ubuntu Virtual machine running on Proxmox with the hardware passed through from host to guest so I can use it as a desktop simultaneouslySo I decided to try it again, but with Ubuntu Desktop and sure enough it worked! I was able to pass through the integrated GPU front he host down to the guest and use this machine as a desktop.I will be the first to admit that it wasn’t winning any performance awards but I was able to do most tasks that I would expect to do on a laptop.I installed VSCode, customize the desktop, watched some YouTube, and even passed through the thermal subsystem so I could monitor the temperature of the host.After I had this working I decided to install Plex on this machine so that I could see if I could get QuickSync working.QuickSync is a technology and a dedicated chip on most modern intel processors that lets you off load decoding and encoding video from the processor to this chip.This technology is similar to NVENC from NVIDIA, and AMF from AMD, but the idea is that you give this work to another part of the processor instead of pegging all of your CPU cores.Plex can take advantage of this if you have a plex pass and I do, so I wanted to see if I could get it working.That’s where I started to run into troubles.I thought that since I had the GPU passed through to this Ubuntu machine that Plex would just see QuickSync and use it. No matter what I tried I could not get Plex do hardware encoding, I even tried using Docker containers which supposedly should work if the hardware is mapped properly however I couldn’t get it to work.I could see the Intel GPU using Remote Desktop on WindowsThen I decided to try my Windows VM.I could see the Intel GPU when using Remote Desktop so there was hope.Sure enough that when I installed plex and started streaming a video the hardware enabled transcoding kicked it and the CPU barely budged! I was able to transcode 3-4k streams down to 1080, 720, and even 480, no problem!I could encode 3 - 4k streams on Plex using Intel’s Quick Sync!This was awesome and puzzling at the same time.The WIndows machine could see the GPU and take advantage of QuickSync but I couldn’t output the display from the HDMI or DisplayPort, and the Ubuntu machine could output to the monitor over HDMI but couldn’t use QuickSync.Judging by the fact that I was able to cover both of these use cases with different operating systems this told me that it’s something with software and not hardware so I chalked it up as software issue and it may be fixed some day.PowerProtectli VP4650 power draw with 4 virtual machines running and hardware attachedYou might think that running 4 virtual machines on this device would draw a lot of power and generate a lot of heat.Well, I thought the same thing until I pulled out my kill-a-watt and decided to measure it.This Protectli machine running 4 VMs and the host itself with all of these devices plugged in pulled anywhere from 20-30 watts, which I think is pretty good considering I have all of this functionality in one device.If I wanted to save some more power I could power down any of these virtual machines when not using them.Protectli VP4650 temperatures with 4 virtual machines running and hardware attachedAnd as far as heat goes? Well, do you hear that fan? That’s right, no fan equals no noise but that also means that it’s going to heat up these fins.As you saw earlier that the thermals were around 56 celsius on the die, it’s actually much cooler on the heatsink fins so you definitely can’t cook anything on it.Final ThoughtsAs you saw I was able to create quite a few virtual machines and spin up an absolutely quiet hypervisor and use it as a desktop, which goes to show just how flexible these devices are.If you go with Protectli you are getting a blank slate where you can create and build anything you want.From a full fledged server with virtual machines to a small dedicated development environment.Now it wouldn’t be fair if I didn’t mention some of the beefs I have with it too.Remember that eMMC drive I mentioned? Well, if you’re planning on using it with Proxmox it’s almost useless.Proxmox can’t be installed on that device and even if it could it’s only 16GB.I’d love to see another option other than the eMMC module or even space for another SSD.The other things that some mention is the price.These devices are a little more expensive than some of the other small form factor devices out there, so I wish the price would come down just a bit.However these devices are purpose built, have lots of customization options like WiFi and 4g LTE, are industrial quality, offer support for all of their devices, and allow you to swap out firmware for coreboot anytime you like and those options might be enough for you to justify the premium cost, because I think these are truly premium devices.Well, I learned a lot about running Proxmox on Protectli devices and I hope you learned something too.And remember if you found anything in this video helpful, don’t forget to like and subscribe.Thanks for reading and watching!ConfigurationHere is my configuration for each virtual machine on my Proxmox server.Please note that (as seen in this article and the video) I did have issues getting the Windows machines to output their display to a physical monitor however Quick Sync to encode videos worked just fine and I could output the display using Ubuntu desktop however I could not use Quick Sync.If you have a fix, let me know in the comments!pfSenseboot: order=virtio0;ide2;net0cores: 4cpu: host,flags=+aeshostpci0: 0000:06:00ide2: none,media=cdrommemory: 2048meta: creation-qemu=7.2.0,ctime=1680150221name: pfsensenet0: virtio=12:70:A1:22:F9:2F,bridge=vmbr1numa: 0ostype: otherscsihw: virtio-scsi-singlesmbios1: uuid=0388a78d-7950-49e7-8ef9-19a9744e8ee2sockets: 1startup: order=1,up=30,down=30vga: qxlvirtio0: local-lvm:vm-100-disk-0,discard=on,iothread=1,size=20Gvmgenid: 314798d0-820e-40bd-89ad-ac364b03b83cWindows 11agent: 1balloon: 0bios: ovmfboot: order=ide0;ide2;virtio0;net0cores: 8cpu: hostefidisk0: local-lvm:vm-101-disk-0,efitype=4m,pre-enrolled-keys=1,size=4Mhostpci0: 0000:00:02,pcie=1hostpci1: 0000:00:12.0ide0: local:iso/virtio-win-0.1.229.iso,media=cdrom,size=522284Kide2: none,media=cdrommachine: pc-q35-7.2memory: 32768meta: creation-qemu=7.2.0,ctime=1680233057name: windows-11net0: virtio=DE:AB:E8:6B:9F:B7,bridge=vmbr2,firewall=1,tag=60numa: 0ostype: win11scsihw: virtio-scsi-singlesmbios1: uuid=5f7d30a5-b3df-4a29-800c-730c7a43668dsockets: 1tpmstate0: local-lvm:vm-101-disk-1,size=4M,version=v2.0vga: stdvirtio0: local-lvm:vm-101-disk-2,cache=unsafe,discard=on,iothread=1,size=10>vmgenid: 9193bc41-1b82-4069-bc42-8cbb0dfca31dUbuntu Desktopagent: 1balloon: 0boot: order=scsi0;ide2;net0cores: 8cpu: hosthostpci0: 0000:00:02,pcie=1,rombar=0,x-vga=1hostpci1: 0000:00:1fhostpci2: 0000:00:1ahostpci3: 0000:00:12,pcie=1ide2: none,media=cdrommachine: q35memory: 16384meta: creation-qemu=7.2.0,ctime=1680232192name: ubuntunet0: virtio=1E:05:6A:E7:68:85,bridge=vmbr2,tag=60numa: 0ostype: l26scsi0: local-lvm:vm-102-disk-0,cache=writeback,discard=on,iothread=1,size=8>scsihw: virtio-scsi-singlesmbios1: uuid=7b2a286b-197d-4382-9c04-5a0544596b89sockets: 1startup: order=4,up=30,down=30usb0: host=24f0:0142usb1: host=045e:0724vga: nonevmgenid: e93460b1-66f7-4694-a528-98ed006eb770Ubuntu Serveragent: 1balloon: 0boot: order=scsi0;ide2;net0cores: 4cpu: hostide2: none,media=cdrommemory: 8192meta: creation-qemu=7.2.0,ctime=1680232488name: ubuntu-servernet0: virtio=F6:BF:85:17:B6:0F,bridge=vmbr2,firewall=1,tag=60numa: 0ostype: l26scsi0: local-lvm:vm-103-disk-0,cache=unsafe,discard=on,iothread=1,size=32Gscsihw: virtio-scsi-singlesmbios1: uuid=7bc4309c-dc9a-4632-bfd5-2e5f8a5e4fcdsockets: 1startup: order=3,up=30,down=30vmgenid: 2500d141-f7be-4c7b-ab9f-0a0f0075ea97TrueNASagent: 1balloon: 0boot: order=scsi0;ide2;net0cores: 4cpu: hostide2: none,media=cdrommachine: q35memory: 8192meta: creation-qemu=7.2.0,ctime=1680314889name: truenasnet0: virtio=DE:16:B3:D8:6C:C7,bridge=vmbr2,firewall=1,tag=60numa: 0ostype: l26scsi0: local-lvm:vm-104-disk-0,discard=on,iothread=1,size=32G,ssd=1scsi1: evo:vm-104-disk-0,discard=on,iothread=1,size=1000G,ssd=1scsihw: virtio-scsi-singlesmbios1: uuid=2ab225ac-44d8-4fb0-b5eb-0ada70e05f33sockets: 1startup: order=2,up=30,down=30vmgenid: 79db20a3-ff24-457c-8abb-6dc4df3c6e38Windows 10agent: 1balloon: 0bios: ovmfboot: order=ide0;ide2;scsi0;net0cores: 8cpu: hostefidisk0: local-lvm:vm-105-disk-0,efitype=4m,pre-enrolled-keys=1,size=4Mhostpci0: 0000:00:02,pcie=1hostpci1: 0000:00:12,pcie=1hostpci2: 0000:00:1fide0: none,media=cdromide2: none,media=cdrommachine: pc-q35-7.2memory: 32768meta: creation-qemu=7.2.0,ctime=1680459394name: windows-10net0: virtio=72:B4:A4:CD:C6:96,bridge=vmbr2,firewall=1,tag=60net1: virtio=C6:9F:2F:F2:73:7B,bridge=vmbr1,firewall=1,link_down=1numa: 0ostype: win10scsi0: local-lvm:vm-105-disk-1,cache=unsafe,discard=on,iothread=1,size=150G>scsihw: virtio-scsi-singlesmbios1: uuid=74ff8b62-d60d-4d5c-81a0-e3939baa380csockets: 1startup: order=4,up=30,down=30vga: nonevmgenid: f4593d16-12ab-4483-8962-6c27ee576f05Join the conversationOver the last few weeks I built a lower power, efficient, and silent Proxmox server! I can run many virtual machine and even pass through the hardware to use it as a desktop simultaneously! Check it out! 👉https://t.co/4u6DW3BS3E#homelab pic.twitter.com/32quyBjXH5— Techno Tim (@TechnoTimLive) April 8, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Automate Cloudflare with Terraform and GitHub Actions! - Terraform Tutorial for Beginners", "url": "/posts/terraform-cloudflare-github/", "categories": "cloud", "tags": "terraform, hashicorp, cloudflare, github, cloud, homelab", "date": "2023-03-25 10:00:00 -0500", "snippet": "Today, we’re going to set up and configure Terraform on your machine so we can start using Terraform.Then we’ll configure cf-terraforming to import our Cloudflare state and configuration into Terra...", "content": "Today, we’re going to set up and configure Terraform on your machine so we can start using Terraform.Then we’ll configure cf-terraforming to import our Cloudflare state and configuration into Terraform.After that we’ll set up a GitHub report and configure GitHub actions so you have CI and CD for deploying your Infrastructure automatically using a Git Flow.If you’re new to Terraform, that’s fine! This is a beginner tutorial for Terraform and by the end of this, you will feel like an expert!📺 Watch VideoWhat is Terraform and how does it help?Terraform is a powerful infrastructure as code tool to help you create and manage infrastructure across multiple public or private clouds. It can help you provision, configure, and manage infrastructure using their simple and human readable configuration language. Using Terraform helps you automate your infrastructure and your DevOps workflow, do it consistently, and allows you to collaborate with teams in Git.There are 7 key areas where Terraform shines: Automation: Terraform enables automation of infrastructure provisioning, configuration, and management, which reduces human error and saves time. Consistency: Terraform ensures that your infrastructure is consistent across all environments, from development to production. Collaboration: Terraform allows multiple teams to work together on infrastructure changes, using version control systems like Git. Cloud-agnostic: Terraform supports various cloud providers, including AWS, Google Cloud, and Microsoft Azure, allowing you to use the same tool to manage resources across different clouds. Scalability: Terraform is designed to handle large-scale infrastructure deployments and can easily manage thousands of resources. Reusability: Terraform modules enable you to reuse code and infrastructure components across multiple projects, making it easier to manage infrastructure at scale. Flexibility: Terraform is highly flexible and can be extended through plugins to integrate with other tools and services. Installing TerraformThis will work on Ubuntu and Windows + WSLInstall terraform for other platformsInstall dependenciessudo apt updatesudo apt install software-properties-common gnupg2 curlImport the gpg keycurl https://apt.releases.hashicorp.com/gpg | gpg --dearmor > hashicorp.gpgsudo install -o root -g root -m 644 hashicorp.gpg /etc/apt/trusted.gpg.d/Add hashicorp repositorysudo apt-add-repository \"deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main\"Install terraformsudo apt install terraformCheck the versionterraform --versionTerraform v1.4.0on linux_amd64Create your Terraform Cloudflare configFirst create a simple terraform config:terraform { required_providers { cloudflare = { source = \"cloudflare/cloudflare\" version = \"~> 3.0\" } }}provider \"cloudflare\" { api_token = var.cloudflare_api_token}# Create a recordresource \"cloudflare_record\" \"www\" { # ...}# Create a page ruleresource \"cloudflare_page_rule\" \"www\" { # ...}Here is my .editorconfig:# http://editorconfig.orgroot = true[*]indent_style = spaceindent_size = 2charset = utf-8trim_trailing_whitespace = trueinsert_final_newline = true[*.md]trim_trailing_whitespace = falseInitialize terraform and Cloudflareterraform initWe should see that it installed plugins, and it should have created a lock file.Terraform Plan and ApplyNext we’ll want to review our plan, we can see our proposed changesterraform planNext we’ll apply our changes.terraform applyVerify on the dashboard.After applying we can verify the results.we can also test with nslookupnslookup yoursite.example.comCheck Cloudflare’s site.if we run plan again, we can see there’s no work to doterraform applyShould see that there isn’t any work to do.Importing Cloudflare StateWe will need to import our Cloudflare state into our local Terraform state. An important point to understand about Terraform is that it can only manage configuration it created or was explicitly told about after the fact. The reason for this limitation is that Terraform expects to be authoritative for the resources it manages. It relies on two types of files to understand what resources it controls and what state they are in. Terraform determines when and how to make changes from the following: A configuration file (ending in .tf) that defines the configuration of resources for Terraform to manage. This is what you worked with in the tutorial steps. A local state file that maps the resource names defined in your configuration file — for example, cloudflare_load_balancer.www-lb — to the resources that exist in Cloudflare. https://developers.cloudflare.com/terraform/advanced-topics/import-cloudflare-resources/So this means that we need to sync the remote state of Cloudflare, down to our local state.This is where cf-terraforming can helpCheck for the latest version here:https://github.com/cloudflare/cf-terraforming/tagsUpdate this command with the latest tagcurl -L https://github.com/cloudflare/cf-terraforming/releases/download/v0.11.0/cf-terraforming_0.11.0_linux_amd64.tar.gz -o cf-terraforming.tar.gztar -xzf cf-terraforming.tar.gzrm cf-terraforming.tar.gzsudo mv ./cf-terraforming /usr/local/binsudo chmod +x /usr/local/bin/cf-terraformingThen we need to updated our .zshrc or .bashrc with our variablesnano ~/.zshrcexport CLOUDFLARE_API_TOKEN='12345'export CLOUDFLARE_ZONE_ID='abcde'The source your shellsource ~/.zshrcNow let’s export Cloudflare state(Be sure you have copied your variables into your shell, or ran the export commands above )cf-terraforming generate \\ --resource-type \"cloudflare_record\" \\ --zone $CLOUDFLARE_ZONE_ID > imported.tfLook at the file and copy the contents into your cloudflare.tfthen runterraform planTerraform thinks that we need to apply all of these resources, even though they exist.We need to import them into our local state.cf-terraforming import \\ --resource-type \"cloudflare_record\" \\ --zone $CLOUDFLARE_ZONE_IDThis will export a lot of commands, we now need to run them to import them into our state.All you need to do it copy and paste the commands into your terminal.This will import your local state, you can see it in terraform.tfstateIf we run terraform plan now, we can see that there aren’t any changes.Remote State with Terraform CloudTerraform CloudBe sure to sign up for an account and then get add your CLOUDFLARE_API_TOKEN and an ENV variable in Terraform Cloud.Mark it as seneitive.Then you’ll want to updated your cloudflare.tfIt should look like this cloud { hostname = \"app.terraform.io\" organization = \"your org\" workspaces { name = \"Cloudflare\" } }Your cloudflare.tf file should now look like:terraform { cloud { hostname = \"app.terraform.io\" organization = \"your org\" workspaces { name = \"Cloudflare\" } } required_providers { cloudflare = { source = \"cloudflare/cloudflare\" version = \"~> 3.0\" } }}provider \"cloudflare\" { api_token = var.cloudflare_api_token}# Create a recordresource \"cloudflare_record\" \"www\" { # ...}# Create a page ruleresource \"cloudflare_page_rule\" \"www\" { # ...}Then runterraform initThis will prompt you to sign in and then import your local state into Terraform cloud.CI / CD with GitHub ActionsIf you want to create a CI / CD pipeline with GitHub actions, you’ll need to create a new repo at GitHubHere is my .gitignore.terraform/terraform.tfstate*Convert your local folder into a git repo:first, cd into your folder Note: Be sure not to commit any of your secrets to git! This includes API tokens, terraform state, and any other files that might include sensitive informationgit initgit commit -m \"first commit\"git branch -M maingit remote add origin git@github.com:username/your-repo-name.gitgit push -u origin mainTo create a branch, add files, commit, and pushgit checkout -b my-new-branchgit add .git commit -m \"fix(terraform): made some changes\"git push --set-upstream origin my-new-branchBe sure you have created a secret TF_API_TOKEN with your Terraform API token.For reference, here is the terraform GitHub Action (with my bug fix)name: 'Terraform'on: push: branches: [ \"main\" ] pull_request:permissions: contents: readjobs: terraform: name: 'Terraform' runs-on: ubuntu-latest environment: production # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest defaults: run: shell: bash steps: # Checkout the repository to the GitHub Actions runner - name: Checkout uses: actions/checkout@v3 # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token - name: Setup Terraform uses: hashicorp/setup-terraform@v2 with: cli_config_credentials_token: $ # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc. - name: Terraform Init run: terraform init # Checks that all Terraform configuration files adhere to a canonical format - name: Terraform Format run: terraform fmt -check # Generates an execution plan for Terraform - name: Terraform Plan run: terraform plan -input=false # On push to \"main\", build or change infrastructure according to Terraform configuration files # Note: It is recommended to set up a required \"strict\" status check in your repository for \"Terraform Cloud\". See the documentation on \"strict\" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks - name: Terraform Apply if: github.ref == 'refs/heads/main' && github.event_name == 'push' run: terraform apply -auto-approve -input=falseWrapping upAt this point you should be able to run terraform and have your Cloudflare state sync’d with Terraform Cloud and GitHub actions running in CI / CD so you can start deploying your infrastructure using code!Join the conversationOver the past few weeks I learned all about Terraform and it's awesome! I converted my Cloudflare settings to code and deploy it with CI / CD using GitHub Actions!You can check it out here:👉 https://t.co/vUnvV8m3Mh#terraform #cloudflare #github #homelab pic.twitter.com/2oWkhtZshu— Techno Tim (@TechnoTimLive) March 25, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Rotating your Encryption Keys and Updating your Secrets with SOPS", "url": "/posts/rotate-sops-encryption-keys/", "categories": "utilities", "tags": "sops, age, flux, kubernetes", "date": "2023-03-05 09:00:00 -0600", "snippet": "If you’ve been encrypting your secrets with SOPS and Age you know how useful it is to keep your secrets safe from prying eyes. If you’re not familiar with encrypting your secrets with SOPS and Age,...", "content": "If you’ve been encrypting your secrets with SOPS and Age you know how useful it is to keep your secrets safe from prying eyes. If you’re not familiar with encrypting your secrets with SOPS and Age, I highly recommend checking out a post I did a while back that shows you how easy it is to encrypt your secrets and even hide them in plain sight in a Git repo.I am happy (and relieved) that I started doing this for all of my secrets.This works great, until you need to rotate your encryption key that’s used to encrypt your secrets. I use FLUX for GitOps which helps me deliver changes to my Kubernetes cluster via code and since I can commit my infrastructure, I can also commit my secrets as code too (SOPS, or Secrets Operations).This means that all of my secret files (typically secret.sops.yaml) are all encrypted using my key.But what happens when I need to change the key, either for good security hygiene or because it was compromised? The short answer is, there’s no easy way other than writing a little bit of code.Scripting it with BashFirst you’ll need to generate a new age file withage-keygen -o age.agekeyThis will output a age.agekey file.Take note of this location.Then you’ll want to execute this script in the folder where you have secrets that need to be updated.This script isn’t anything ground breaking but hopefully it will help you update all of your secrets without having to go and manually change them yourself.#!/bin/bash# Define the paths to the old/current and new age key filesSOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txtSOPS_AGE_KEY_FILE_NEW=~/.config/sops/age/age.agekey# Define the commands to decrypt and encrypt the fileDECRYPT_COMMAND=\"sops --decrypt --age \\$(cat $SOPS_AGE_KEY_FILE |grep -oP \\\"public key: \\K(.*)\\\") --encrypted-regex '^(data|stringData)$' --in-place\"ENCRYPT_COMMAND=\"sops --encrypt --age \\$(cat $SOPS_AGE_KEY_FILE_NEW |grep -oP \\\"public key: \\K(.*)\\\") --encrypted-regex '^(data|stringData)$' --in-place\"# Find all the *.sops.yaml files recursively in the current directory and apply the decrypt and encrypt commands to themfind . -name \"*.sops.yaml\" -type f -print0 | while IFS= read -r -d '' file; do eval \"$DECRYPT_COMMAND $file\" eval \"$ENCRYPT_COMMAND $file\"doneIt works like this: SOPS_AGE_KEY_FILE is the path to your existing keys.txt or age.agekey file SOPS_AGE_KEY_FILE_NEW is the path to your new age.agekey file. It will look for files matching *.sops.yaml recursively and then decrypt the file using the old key, and encrypt it using the new key.After running this script you should see all of your secrets now encrypted with the new key! You can now replace your old key file with your new one so that SOPS_AGE_KEY_FILE is referencing. You should test decrypting your secrets before saving them.sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") --encrypted-regex '^(data|stringData)$' secret.sops.yamlUpdating your FLUX Secret in KubernetesIf you are able to see the decrypted secret, you are all set as far as the ket goes.Another thing you’ll need to do is delete your old secret in Kubernetes and replace it with this new one so that your secrets can be decrypted in your cluster!kubectl delete -n flux-system secrets sops-ageThen create new secret from the new filecat age.agekey |kubectl create secret generic sops-age \\--namespace=flux-system \\--from-file=age.agekey=/dev/stdinNow you should be all set! Be sure to keep your new age.agekey somewhere safe.Join the conversationI wrote up a quick post on how to rotate your SOPS encryption key and update all of your secrets at once! Great if you're using SOPS with Kubernetes.https://t.co/iME1iS4Kpl— Techno Tim (@TechnoTimLive) March 6, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Configuring VLANs, Firewall Rules, and WiFi Networks - UniFi Network Application", "url": "/posts/vlan-firewall-unifi/", "categories": "homelab", "tags": "unifi, vlan, network, hardware", "date": "2023-03-04 09:00:00 -0600", "snippet": "What is a VLAN and How Do They Help?Today we’re going to cover setting up VLANs using UniFi’s network controller.We’ll set up a VLAN, from start to finish, which includes creating a new network, co...", "content": "What is a VLAN and How Do They Help?Today we’re going to cover setting up VLANs using UniFi’s network controller.We’ll set up a VLAN, from start to finish, which includes creating a new network, configuring a wireless network that uses VLANs, and then we’ll set up firewall rules to make sure we’re keeping our network safe. If you think VLANs are only for the enterprise, you’re wrong, I will show you how they are helpful at home too.📺 Watch VideoSo what’s a VLAN? A VLAN or Virtual Local Area Networks, is a group of devices, computers, or servers that communicate with each other as if they are on the same physical LAN, but they are actually located on separate physical LAN segments.VLANs can be created by configuring a managed network switch to segment the network into different broadcast domains.So why are VLANs important, even to the home user? VLANs are important for security. They can help isolate sensitive data and systems from the rest of your network, improving security by preventing unauthorized access. VLANs are important for performance. VLANs can be used to separate network traffic into different segments, reducing network congestion and improving overall performance. VLANS are important for management. VLANS can be used to simplify network management by grouping devices based on location, department, or even function making it much easier to configure, monitor, and troubleshoot. VLANs give you flexibility. VLANS allow for network changes and reconfigurations without physical changes to your network infrastructure saving you time and money, and we all want to save that, right? So what’s not to love about VLANs if they give you greater control over network traffic, help optimize network performance, give you better security, and give you management and flexibility?Well, for me it was complexity and knowing where to start.HardwareUbiquiti UniFi 6 Lite Access Point - https://l.technotim.live/ubiquitiUniFI UDM SE - https://l.technotim.live/ubiquitiUniFi UDM Pro - https://l.technotim.live/ubiquiti(Affiliate links are included in this description. I may receive a small commission at no cost to you.)How to Create a VLAN with UniFiA list of common VLANs in UniFi Network Application Navigate Settings Choose Networks Choose “Create New Network” Name it whatever we like (IoT) Choose something descriptive Choose your router (if applicable), but I wouldn’t offload routing unless you know what you’re doing. I typically uncheck auto scale network and define it myself We’ll choose the host address and netmask While we’re at it we should also choose manual for the advanced section Choose a VLAN Id I typically match the 3rd octet in my case that would be 100 If you’re using Apple devices or Chromecast (or similar devices) on this network, you’ll want to turn on IGMP snooping & Multicast DNS DHCP Mode - you’ll want to keep as DHCP server For DHCP Range you’ll want to choose the beginning and end of your range.Can be anything within range.At home I usually start at 100 so I know which devices are using DHCP at a glance. There are other options here that you don’t really need to change but if you do, change them to your likingCongrats you just created your first VLAN! 🎉Creating Wireless Network for a VLANA list of common WiFI networks in UniFi Network ApplicationOnce we’ve created our VLAN, we can now add this to a wireless network.This is perfect for IoT devices or really any VLAN that you want to use over your wireless network. First, we’ll go to Settings, then WiFi Then choose create new WiFi Network We’ll name the network and give it a password Then we’ll choose the Network it belongs to (IoT) In the network list we can see our newly created network! You can make any other adjustments you need to your wireless network, but I am going to keep the defaults. Then we’ll hit applyIf you check your access points, you can now see this wireless network being set up and provisioned with the new config that contains our new WiFi network that is bound to our VLAN!Assigning a VLAN to a Switch portUniFi Network application port managementYou can now assign this to one of your switch post by going into your switch and assigning it this VLAN / VLAN IDChoose the new VLAN and let your device get a new DHCP address from the new VLAN. You should expect to see an IP in the range that we set above.Once you choose once we assign it, let’s connect a device and test it out.Connect a device, check its IP, ping google, then ping another device on another VLAN.Uh-oh!UniFi allows inter VLAN communication out of the box.I guess this was a conscious decision from them to make things easier, but it does make your networks open to other networks.We can fix that, with a firewall rule!Configuring a Network ProfileA list of common WiFI networks in UniFi Network ApplicationBefore we set up our firewall rules, first let’s create a profile.Profiles are a simple way to group items or alias them.This comes in handy later when creating firewall rules. Navigate to Profiles Create a new Profile Name it something like “(VLAN NAME) Only” Set type to IPv4 Address/Subnet Add all of your other VLANs 192.168.0.0/24 (this is the default network) 192.168.10.0/24 (this is my “Trusted” network) Again, this Profile is for all other VLANs, not our new VLAN we just created.Configuring Firewall RuleIn order to block inter VLAN Communication we’ll need to set up some firewall rules.The pattern I usually follow is blocking all traffic from one VLAN destined to all other VLANs.This can be done by creating Profiles. Navigate to Firewall & Security Choose the Type For inter VLAN communication you’ll want to choose “LAN In” Give your Rule a description, I usually follow the convention Block thing to other thing e.g. Block IoT to ALL Be sure this applies before predefined rules for Action, choose “Drop” For Source Type, Choose “Network” For Network choose your new VLAN e.g. “IoT” For Destination choose “Port/IP Group” For IPv4 Address Group choose “IoT Only” (this is the Profile we created above) For Port Group choose “Any”This rule will block all communication that that originates on your IoT VLAN to all other VLANs (IoT Only).You’ll also want to be sure that this rule applies after every rule that you want to allow in your list of Firewall rules. Navigate to Firewall & Security Check rule order Be sure that any rule you create that Allows / Accepts is above this rule that Blocks / Denies.TestingBe sure to test all of your firewall rules!Once you have these rules in place, I highly recommend you test your firewall rules.Some examples of things you should test Can you communicate with the IoT VLAN from your Trusted VLAN? Can you communicate with the Trusted VLAN from your IoT VLAN? Can you communicate with the gateway (192.168.100.1) from your IoT VLAN? Can you communicate with DNS from your IoT VLAN?Checking these types of things will help you verify that your network rules are being applied properly.Repeat these tests anytime you make changes.Wrapping upAt this point you should have a new VLAN that works on your WiFi access points, your network ports, and should have firewall rules in place to prevent unauthorized access! You can simply repeat this process for every new VLAN that you need! Have you set up VLANs yet?Join the conversationToday I decided to share how I set up my VLANs, Firewall rules, Wireless Networks, and Network Security. 👉https://t.co/SOGBrsmKXK#vlan #unifi #homelab pic.twitter.com/x2LovlQVd4— Techno Tim (@TechnoTimLive) March 4, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "The Ultimate Guide to Wake on LAN for Windows, MacOS, and Linux", "url": "/posts/wake-on-lan/", "categories": "utilities", "tags": "wol, windows, mac, linux, network, network, wake-on-lan", "date": "2023-02-19 09:00:00 -0600", "snippet": "What is Wake on LAN and why is it so hard?After releasing my video on the PiKVM I realized that there was so much confusion about Wake on LAN, and rightfully so, that I decided to put together this...", "content": "What is Wake on LAN and why is it so hard?After releasing my video on the PiKVM I realized that there was so much confusion about Wake on LAN, and rightfully so, that I decided to put together this guide on how to configure Wake on LAN on any machine. Wake on LAN (WoL) is a networking standard that allows a computer to be turned on by sending a network packet. The client sends a special packet (sometimes referred to as a “magic packet”) and the remote machine will wake up either from a cold power state or from sleep.This is where it starts to get complicated because different hardware manufactures have implemented different controls in BIOS to enable or disable this, and to make even more complex operating systems like Windows, macOS, and Linux have also implemented their own way to wake the machine up when it’s sleeping or in a low powered state.I am just going to throw this out there, Wake on LAN is hard.Since there are many different combinations I will try to cover how to configure your machines wake up successfully regardless of hardware, operating system, and power state.Preparing your hardware for Wake on LANIn order to wake your machine up, we have to be sure that WoL features are turned on in the BIOS and that other features are disabled.Since I cannot test every single BIOS out there, I am going to use my machine as an example for the types of options you will need to enable or disable.Most of the options should be named similarly however where it is located in your BIOS will depend on your manufacturer.First, you’ll need to get into the BIOS of the machine, this is typically done by pressing a key at book like f2 or del but varies by machine.Once you’re in you’re in we’ll start changing some settings.Power settingsYou’ll want to look around for something similar to power settings.If you do not see these options in your power settings, it could be in advanced, networking, or onboard devices.Power settings menu for Intel NUC.This will look different for your machine but the idea is still the sameHere are some things to look for: Deep S4/S5 Sleep - You’ll want to disable this, otherwise only the power button will wake the machine which will disable Wake on LAN Wake on LAN from S4/S5 - You’ll want to enable this setting and if it has an option choose Power on - Normal Boot Wake System from S5 - You’ll want to disable this.This is basically an alarm clock for your machine.There’s no need to enable this unless you want set a time for it to turn on every day.I’ve used this in the past as a contingency plan for some of my servers in case they were powered off accidentally. I would set an alarm for 12 AM. USB S4/S5 Power - I typically disable this if it’s a server since nothing should be plugged in but if it’s a desktop with USB devices you want powered you can turn it on safely. Wake on LAN - enable this might sound obvious but some older systems have an option that says exactly that however newer systems have options for waking in all of the different sleep states. What to do when AC Power is restored - This is optional but I usually set it to Stay Off if it’s a desktop, Power On if it’s a server that should always be on, and Last power state if it’s something like a machine that I wake seldomly.There is one exception, which is if you have a way to toggle the power remotely too.I have a USP PDU Pro from UniFi that I can toggle all of my servers on and off.If you are able to toggle them on and off, the best setting is Power On, that way you have a way to power them on, even if they were gracefully shut down previously. Another quick check you can do is power down the machine and check to be sure the network light is lit up on your NIC.If it’s not, this means Wake on LAN is not enabled on your machine and you’ll have to find the option in your BIOS to make it work.Bare Metal Wake upIf you don’t have an operating system on your machine yet, you should be able to wake up the machine over the network now.If you do have an operating system on your machine, another way you can test a bare metal / cold boot wake is by pulling the power on the machine and then plugging it back in.The reason this should work is because modern operating systems might not fully shut down (they go into a sort of sleep) or might disable WoL on the NIC when shutting down.We’ll fix this in the next section.Waking up a Windows machineAfter you enabled Wake on LAN in the BIOS, and verified you see the light on your NIC blinking when you power off your machine, we can now enable Wake on LAN at the operating system level for Windows.This will work on all modern versions of Windows (Windows 10 and Windows 11).Device managerFirst we’ll want to open the Device Manager.You can do this from the UI or from a command promptdevmgmt.mscBe sure to select the network card that you use to connect to your network. Once open you’ll want to expand Network adapters and find your network adapter, then right click and choose Properties Then choose the Power Management tab and be sure that all of these options are enabled Allow the computer to turn off this device to save power Allow this device to wake the computer Only allow a magic packet to wake the computer. Power Management options for your network adapter.Then we’ll need to verify a few more settings.These settings may or may not exist and depend on your network adapter manufacturer. Click on the Advanced Tab for your Network Adapter Find Wake on Magic Packet and set it to Enabled Find WOL & Shutdown Link Speed and set it to 10 Mbps You’ll want to be sure that your switch supports this speed, otherwise Auto should be fine Click OKYou should check to see if Wake on LAN works before proceeding to the next step since this might not be necessary with your machine.Fast StartupAnother Windows Feature that can prevent a machine from shutting down properly to allow Wake on LAN is Fast Startup.This disables hibernation.I recommend testing to see if Wake on LAN works before disabling this.First, we’ll need to open the Power Control Panel.You can do this from the UI or from a command promptpowercfg.cplThen we’ll need to change some settings Click Choose what the power buttons do from the left menu Click Change settings that are currently unavailable Uncheck Turn on fast startup (recommended) Click Save changesYou should now check to see if Wake on LAN works for your machine.Waking up a Linux machineAfter you enable Wake on LAN in the BIOS, and verified you see the light on your NIC blinking when you power off your machine, we can now enable Wake on LAN at the operating system level for Linux.This sounds odd but I have found that machines (especially Linux) need WoL turned on for each NIC.Install ethtool if you don’t have it alreadysudo apt updatesudo apt install ethtoolFirst check to see if WoL is supported by your NICip a # this will list all of your NICssudo ethtool eno1 # replace with one of the NICs you want to checkThis should output something similar toSettings for eno1: Supported ports: [ TP ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Supported pause frame use: No Supports auto-negotiation: Yes Supported FEC modes: Not reported Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Advertised pause frame use: No Advertised auto-negotiation: Yes Advertised FEC modes: Not reported Speed: 1000Mb/s Duplex: Full Auto-negotiation: on Port: Twisted Pair PHYAD: 1 Transceiver: internal MDI-X: on (auto) Supports Wake-on: pumbg Wake-on: g Current message level: 0x00000007 (7) drv probe link Link detected: yesYou’re looking for Supports Wake-on: pumbg with at least the letter g in the string.This means that the NIC does support WoL for a magic packet, which is a good thing.If you don’t see this here, don’t worry we’ll fix it in netplanUsing NetplanThere are lots of outdated commands you’ll find on the internet that won’t work or will partially work so I advise that you only do this with netplan.If you don’t have netplan installed (Debian, etc…) skip to the next section.To edit your netplansudo nano /etc/netplan/01-netcfg.yaml # replace with your netplan yamlOnce here, you’ll see your network settings.You’ll want to turn on wakeonlan in this yaml for each NIC.For example if you have 2 NICs, eno1 and enp2s0 you would add it in both places under that key.# This file describes the network interfaces available on your system# For more information, see netplan(5).network: version: 2 renderer: networkd ethernets: eno1: dhcp4: yes wakeonlan: true enp2s0: dhcp4: yes wakeonlan: trueOnce this is set, you’ll want to apply your netplan.sudo netplan applyThen we’ll want to shutdownsudo shutdown -P nowNow we should be able to wake up the machine using WoL from a remote machine.Without Netplan (Debian, etc…)Since you don’t have netplan we’ll have to create a service and enable it.Do not do this step if you configure it with netplan.Find the path to ethtoolwhich ethtoolIn my case it’s at /usr/sbin/ethtool but your may vary.Nest we’ll create a file at /etc/systemd/system/wol.servicenano /etc/systemd/system/wol.serviceIn this file add the following[Unit]Description=Enable Wake On LAN[Service]Type=oneshotExecStart = /usr/sbin/ethtool --change eno1 wol g[Install]WantedBy=basic.targetYou’ll want to be sure to change your path for ethtool as well eno1 to the name of your NICThen we’ll need to enable the servicesudo systemctl daemon-reloadsudo systemctl enable wol.serviceThen we can check to be sure out service is startedsystemctl status wolThen we’ll want to shutdownsudo shutdown -P nowNow we should be able to wake up the machine using WoL from a remote machine.Waking up a MacWaking up a Mac is pretty easy, the easiest of them all.The most challenging part is finding the option in System Preferences.For a Macbook: Open System Preferences and search for power Click on Power Nap in Battery You’ll see Wake for network access here you can choose whether you want to wake up Always or Only on Power Adapter.Either of these options should be fine.For all other Macs you’ll want to search System Preferences for another option. Search for “Energy Saver” Here you’ll see an option to Wake for network access.Be sure this is checkThis option might appear different in different versions of macOS and it also varies by form factor, but you’ll want to be sure that the “Wake for network access” option is turned onInstalling a Wake on LAN clientIn order to wake up a remote machine machine up, you will need a tool that can send a wake on LAN packet to the remote machine.Windows Wake On LAN CLientI am a fan of doing this in a terminal however a decent Windows utility with a GUI is WakeOnLAN.It’s also open source and hosted on GitHub.After installing it and configuring a machine to wake you should be able to wake your machine if it is on the same network and you’ve followed the other steps that are outlined in this guide.WakeOnLAN is an open source Windows utility that has a nice GUILinux Wake on LAN clientI usually prefer installing a command line tool to wake machines up over the network from a Linux machine and I typically using wakeonlan an open source utility that’s simple to use.To install it on a Debian-like system:sudo apt updatesudo apt install wakeonlanOnce it’s installed you can now wake machines on the same network by using the command: sudo wakeonlan 00:11:22:33:44:55If your machine is on another network and you can reach the broadcast IP, you can supply it in your command sudo wakeonlan -i 192.168.2.255 00:11:22:33:44:55Be sure to replace the mac address and broadcast IP above with the mac address of the remote machine and set the broadcast IP if on a different network.macOS Wake on LAN clientTo instal a client for macOS it’s very simple using brewbrew install wakeonlanOnce it’s installed you can now wake machines on the same network by using the command: wakeonlan 00:11:22:33:44:55If your machine is on another network and you can reach the broadcast IP, you can supply it in your command wakeonlan -i 192.168.2.255 00:11:22:33:44:55Be sure to replace the mac address and broadcast IP above with the mac address of the remote machine and set the broadcast IP if on a different network.Wrapping upAt this point you should be able to power on any machine from any machine on your network. One piece of advice is if you are using VLANs you’ll want to b sure you are sending the WoL packet from the same network, otherwise you’ll have to be sure that you can reach and target the right broadcast IP from the network you are on.As I mentioned in the beginning of this post, Wake on LAN is hard however if you follow these steps for each machine type you should be able to enjoy reliably waking up your machine remotely over the network.Join the conversationDay 252 #100daysofhomelab A day late, but I just wrapped up my Ultimate Guide to Wake on LAN for Windows, MacOS, and Linux! https://t.co/xYMVDoyuo9— Techno Tim (@TechnoTimLive) February 19, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Using the Raspberry Pi PiKVM with Multiple Machines", "url": "/posts/pikvm-at-scale/", "categories": "homelab", "tags": "pikvm, kvm, raspberry-pi, hardware, arch, homelab, linux", "date": "2023-02-18 09:00:00 -0600", "snippet": " If you’re looking to configure the TESmart switch with PiKVM, I finally figured it out and you can read all about it here.What is the PiKVM?If you don’t know what a KVM switch is, it’s a device t...", "content": " If you’re looking to configure the TESmart switch with PiKVM, I finally figured it out and you can read all about it here.What is the PiKVM?If you don’t know what a KVM switch is, it’s a device that allows you to connect multiple computers to one device which allows you to control them with a single keyboard, monitor, and mouse.They’re relatively cheap unless you’re looking for an IP based one that will let you connect over the network.IP KVMs are really expensive, that is until the PiKVM came along. The PiKVM is a Raspberry Pi-based KVM switch, which allows you to remotely control a computer using a keyboard, a web browser, and mouse from anywhere in the world.It runs a web server that lets you connect to any computer connected to it and remote control it as if you’re sitting right in front of it, without plugins or installing any agents on the device. It’s much more capable than remote controlling it using a remote desktop client, it can even let you remote control a machine before it boots to let you change things in the bios, or even reformat and reinstall your operating system remotely.This is all great except for one small thing, unlike a traditional KVM that lets you control multiple devices, the PiKVM is really meant for remote controlling just one device.The PiKVM is built with just one HDMI input and one keyboard mouse input while traditional KVMs have multiple inputs for multiple clients.So how can we scale the PiKVM to connect it to more devices so that we aren’t stuck moving it from machine to machine each time we need to remote control one of our other devices?📺 Watch VideoThe little LCD is both cute and functionalYou can build a PiKVM yourself by purchasing the PiKVM v3 HAT which is a great choice if you already have a raspberry pi4 and are willing to build it yourself.Or if you have a Pi Zero you can even build it using some inexpensive parts and without soldering.But chances are you have neither since raspberry pis are impossible to find and buying a pre-assembled kit is the only option.It was for me and that’s what I ended up doing.I purchased the PiKVM v3 pre-assembled which comes with a Raspberry Pi 4 2GB model, 32GB micro SD card, power supply, an HDMI cable, a USB C to USB A cable, and a nice case.The steel case is solid and feels sturdy and industrial.The PiKVM has lots of connections, connections for power, USB devices, mouse and keyboard emulation, RJ45 to serial connection, HDMI, and even an RJ45 connector for ATX power which lets me hook this up to a motherboard to power it on and off remotely.The other cool thing you get with the pre-assembled kit is the little LCD screen that shows system information and a cute cat when it boots. It comes pre-flashed with PiKVM installed and ready to go.Oh, it runs arch BTW.I had to let you knowSponsorA HUGE THANKS to Micro Center for sponsoring today’s content.New Customer Exclusive – Free 256GB SSD: https://micro.center/18lShop AMD Ryzen 5 3600 & Gigabyte B450M Combo Deal: https://micro.center/69dCheck out Micro Center’s Custom PC Builder: https://micro.center/d35Submit your build to Micro Center’s Build Showcase: https://micro.center/dswPiKVM at ScaleBut before we connect everything, remember when I said I wanted to connect it to more than one device? Well, I wanted to connect it to 8x times that, yes 8 devices.I found this HDMI KVM switcher with a USB hub that I thought would be perfect for it. This TESmart allows you to connect up to 8 devices with video and USB and has a built-in USB hub.It also has an RJ45 port that allows me to change the input over IP and that’s it. It’s not an IP KVM otherwise I would need the PiKVM, but being able to switch the input over IP is all I needed to automate it with the PiKVM.I thought this device was perfect for remote controlling some of my servers considering it is rack mountable.However there was just one catch that would almost ruin this entire project that I didn’t know about yet.The Problems AheadI tested PiKVM on my workbench with this old intel NUC and it worked fine.I was able to remote control it and even power it on and off using Wake on LAN.I chalked it up as a success and started moving everything into my server rack.It might not seem like it, but mounting this HDMI KVM Switch took quite some time.I had to run HDMI cables and USB B cables to and from all of my devices that I wanted to remote control.I started running the wires and wiring up 4 devices, just to be sure it worked with my existing machines before wiring up all 8.But, I bet you’re asking why I just don’t use IPMI that I have on my servers? Well, this isn’t to control my servers, it’s to control my rack mounted PC conversion along my new Intel NUC cluster.None of these machines have IPMI so that’s why I needed an IP KVM solution like the PiKVM.I decided to put my PiKVM on this little shelf for now but I’ll probably find somewhere a little more permanent to place it. Once I had everything hooked up, that’s when the troubles began.I could remote into some of the NUCs running Linux and the PC conversion, but not the ones running Windows.I thought for sure that it was something with my connection so I checked all of the connections over and over again.It was right around that time that the creator of PiKVM Max Devaev reach out to me asking me how I was liking the PiKVM and to let him know if I ran into any troubles because he was interested in advanced use cases for the PiKVM.I’m not sure why he thought I was going to be using this in an advanced way…. But he was right…This was my first attempt with a TESmart SwitchI worked with Max for a few days on and off over discord.He sent snippets of code for me to run and even gave me lots of EDIDs to try. EDIDs (Extended Display Identification Data) are a signature or metadata that tell a device how to work with the monitor.Sometimes we could get the Linux machines running on the TESmart switch working, but not the Windows machines. And other times we could get the Windows machines working but not the Linux machines.We ended up discovering that the TESmart HDMI switch would “poison” the PiKVM and send the TESmart EDID rather than the one from the PiKVM.TESmart EDID:Section \"Monitor\" Identifier \"ITE-FHD\" ModelName \"ITE-FHD\" VendorName \"ITE\" # Monitor Manufactured week 12 of 2010 # EDID version 1.3 # Digital Display DisplaySize 620 340 Gamma 2.20 Option \"DPMS\" \"false\" Horizsync 13-46 VertRefresh 23-61 # Maximum pixel clock is 170MHzPiKVM EDIDSection \"Monitor\" Identifier \"PiKVM\" ModelName \"PiKVM\" VendorName \"LNX\" # Monitor Manufactured week 28 of 2011 # EDID version 1.3 # Digital Display # Display Physical Size not given. Normal for projectors. Gamma 2.20 Option \"DPMS\" \"false\" Horizsync 15-46 VertRefresh 59-61 # Maximum pixel clock is 150MHz #Not giving standard mode: 256x160, 60HzAt this point, I had to cut my losses and go with a smaller, non rack mountable, but more compatible EZCOO KVM Switch and, I have to say, it’s fantastic.A New HDMI Switch Enters the ChatThis is the EZCoo HDMI KVM switch. It’s a 4 port HDMI KVM Switch that allows 4 HDMI ports to be switched to a single display. This single display will be the PiKVM.It also has a built- in USB 3 hub which is awesome for plugging in USB devices that will connect to the machine when you switch the input.It has 4 HDMI inputs and 1 USB 3 input that you’ll connect to each machine and has one HDMI out and one USB for keyboard and one for mouse.We won’t be using these specific USB ports because we’ll be using mouse & keyboard emulation in one plugged into a generic USB port.The real magic of this device is that it has a micro USB management port on the side that the PiKVM can use to control and toggle the inputs automatically, giving us a way to switch between all of our connected devices without having to manually press the input button.As nice as this device is, I really wish they made an 8 port rack mountable one because I want to control more than 4 devices without swapping them out or daisy chaining them, Which is why I wanted the TESmart switch in the first place.Oh, speaking of the TESmart, after working with Max for a while on this device he mentioned that this might work with the new v4 version of the PiKVM which just recently launched on Kickstarter.He said he was going to send one of their prototypes to test so, fingers crossed it works.I will be sure to create a v4 video once it’s released and hopefully it supports the TESmart switch.This EZCOO is small, compact, and 100% compatiblePutting it all togetherNow that I had everything working the way it should it was time to connect to each device through the web portal.Once connected, I can toggle between each of my devices here, from my first Intel NUC running Ubuntu, to my Second Intel NUC running Windows 10, to my third Intel NUC running Windows 11, to my PC conversion running Ubuntu server.And you can see that it’s pretty snappy. The latency is really low and I can even run HD videos no problem at all.If I do run into any latency issues or I am on a slow connection I can change the protocol and even the bitrate to something more fitting.But running HD videos probably isn’t the reason you want a KVM, it’s more likely that you want to have access to the machine while it boots, and here’s where it gets really awesome. The PiKVM is open and it’s totally hackable and there are some great plugins and drivers that allow you to customize the UI with those plugins. For instance I can shutdown this machine and then wake it up using a Wake on LAN packet to power it back on.Side note, I learned a ton about making Wake on LAN work for Windows and Linux and I will be updating my blogs with complete walk-throughs of how to enable it, but anyway If that wasn’t cool enough I can then get into the BIOS of this machine to make any changes that I want.I can change the boot order, change boot devices, overclock the machine and do anything that I couldn’t normally do without being right in front of the machine.I can even upload ISOs to the PiKVM and then attach them to the device virtually and boot from it to install any operating system! This lets me rebuild any of these machines no matter where I am all from a web browser.Want to install Linux on a machine that’s powered off, no problem.Just attach the virtual drive to the machine, send a wake on lan packet to wake it up, then boot from the virtual drive and install! You could also attach the ATX power control to the header of the motherboard if you like and power it on that way, but I have network access to all of my machines so I will use wake on lan.Plus, it’s super awesome to be able to wake devices up over the network. And here’s where it gets really awesome, remember how I said that my KVM also has a USB Hub? Well, I’ve attached a 64GB USB drive to it with Ventoy installed that has every ISO I could ever need.As I switch inputs between machines it attaches the USB drive with Ventoy to each machine allowing me to install any operating system I want.You can make this even more powerful by adding a USB drive and VentoyBecause the PiKVM is hackable, I’ve customized the GPIO menu to let me switch between devices, wake them up, wake them up on different NICs, and restart the kvmd service or the PiKVM itself. (See my config below) I should say that I didn’t really “hack” it, this isn’t a “techno tim” hack - there’s an overrides file that lets you customize most of the PiKVM so I didn’t go totally off the rails.It even has a web ui to give you terminal access to your PiKVM in case you aren’t able to use SSH, which is super handy if you’re mobile. But this little device has so many features already and the fact that the software is open source and continues to be updated makes this solution such a great investment for me.You can customize the menu however you like (my config below), here I added WoL for each network card and even a way to restart the PiKVM from the menuIs it worth it?So I bet you’re wondering if it’s worth it? I am going to break this down into 2 parts.Is it worth it to buy pre assembled? And is it worth it for remote control with a PiKVM. Well for me it is for a few reasons.First of all I can’t find a raspberry pi to assemble this myself, and if you consider it comes with a case, a fan, a 32GB micro sd, additional cables, and even a little LCD screen 100% ready to go for an additional 90 bucks? I would say it is.Now on to the tougher question, is it worth it to have a PiKVM at all? I would say yes for me, but for you it depends.The way I looked at it was that I was going to scale it to 8, which would divide the cost of a PiKVM and switch across 8 machines making it around 70 dollars per machine if you include all of the cables.PiKVM $259 + TESmart $299 / 8 = $70 per machineI’d say that it’s worth it for me to have remote access to that many machines for the life of each machine.But, I did have to downgrade to a smaller switch that only gives me access to 4 machines which is roughly 95 dollars per machine.PiKVM $259 + EZCOO $120 / 4 = $95 per machineThat’s a little bit higher, however it’s a much better value than remote controlling just one machine with the PiKVM, which would be the cost of the PiKVM.PiKVM $259 / 1 = $259 per machineHardwareHere are the items that I used during this project.PiKVM - https://pikvm.orgEZCOO - HDMI KVM Switch - https://amzn.to/3IyiIv1HDMI Cables - https://amzn.to/3SgJ34gUSB B Cables - https://amzn.to/3Eel0wUUSB C Cables - https://amzn.to/3k8vQhbUSB Flash Drive - https://amzn.to/3XI50u6TESmart Switch (not full compatible) - https://amzn.to/3YV0Gsi(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)PiKVM ConfigHere is my PiKVM config that I use.You will need to edit /etc/kvmd/override.yaml on your device and then restart the kvm service.kvmd: gpio: drivers: ez: type: ezcoo protocol: 2 device: /dev/ttyUSB0 wol_server0: type: wol mac: 1c:69:7a:ad:11:85 wol_server1: type: wol mac: 88:ae:dd:05:cf:09 wol_server2: type: wol mac: 88:ae:dd:05:c6:3b wol_server3: type: wol mac: a0:36:9f:4f:c4:b4 wol_server3a: type: wol mac: d8:50:e6:52:8e:c2 reboot: type: cmd cmd: [/usr/bin/sudo, reboot] restart_service: type: cmd cmd: [/usr/bin/sudo, systemctl, restart, kvmd] scheme: ch0_led: driver: ez pin: 0 mode: input ch1_led: driver: ez pin: 1 mode: input ch2_led: driver: ez pin: 2 mode: input ch3_led: driver: ez pin: 3 mode: input pikvm_led: pin: 0 mode: input ch0_button: driver: ez pin: 0 mode: output switch: false ch1_button: driver: ez pin: 1 mode: output switch: false ch2_button: driver: ez pin: 2 mode: output switch: false ch3_button: driver: ez pin: 3 mode: output switch: false wol_server0: driver: wol_server0 pin: 0 mode: output switch: false wol_server1: driver: wol_server1 pin: 0 mode: output switch: false wol_server2: driver: wol_server2 pin: 0 mode: output switch: false wol_server3: driver: wol_server3 pin: 0 mode: output switch: false wol_server3a: driver: wol_server3a pin: 0 mode: output switch: false reboot_button: driver: reboot pin: 0 mode: output switch: false restart_service_button: driver: restart_service pin: 0 mode: output switch: false view: table: - [\"#NUC1\", ch0_led, ch0_button, \"wol_server0 | WoL\"] - [\"#NUC2\", ch1_led, ch1_button, \"wol_server1 | WoL\"] - [\"#NUC3\", ch2_led, ch2_button, \"wol_server2 | WoL\"] - [\"#PC\", ch3_led, ch3_button, \"wol_server3 | WoL-10g\", \"wol_server3a | WoL-1g\"] - [\"#PiKVM\", \"pikvm_led|green\", \"restart_service_button|confirm|Service\", \"reboot_button|confirm|Reboot\"]Wake on LANIf you’re having issues with Wake on LAN, see The Ultimate Guide to Wake on LAN for Windows, MacOS, and LinuxJoin the conversationThe last few weeks I have been trying to figure out how to scale the PiKVM to more than one device. It took a lot of twists and turns but I finally figured out a solution, even if the first attempts failed... Check it out ⬇️https://t.co/4qgwcmPwMi#raspberrypi #homelab pic.twitter.com/ljxpIE3cYx— Techno Tim (@TechnoTimLive) February 18, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files🤝 Support me and help keep this site ad-free!" }, { "title": "Test Your Internet Speed from the Linux Terminal with fast", "url": "/posts/fast-internet-test-cli/", "categories": "utilities", "tags": "fast, cli, linux, open-source", "date": "2023-02-05 09:00:00 -0600", "snippet": "What is FAST.com?FAST.com is speed test gives you an estimate of your current Internet speed. It was created by Netflix to bring transparency to your upload / download speeds and to see if your IS...", "content": "What is FAST.com?FAST.com is speed test gives you an estimate of your current Internet speed. It was created by Netflix to bring transparency to your upload / download speeds and to see if your ISP may be prioritizing traffic.I’ve run this quite a bit in a browser to do a quick spot check or my speeds, but I’ve never had a great tool to check this from some of my Linux machines. Let me clarify, some of my Linux servers that do not have a browser - that’s until I found this utility, fast.fast is an open source utility to run internet speed checks from machines that don’t have a browser, from the terminal, all in a small, zero dependency binary.You can read more about it on the GitHub repo.Installing fastWe’re going to use curl so you’ll want to be sure you have it installedcurl -VThis should return something similar to the followingcurl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3Release-Date: 2020-01-08Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftpFeatures: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSocketsThen we’ll want to download the latest fast binary by runningLATEST_VERSION=$(curl -s \"https://api.github.com/repos/ddo/fast/releases/latest\" | grep -Po '\"tag_name\": \"v\\K[0-9.]+')curl -L https://github.com/ddo/fast/releases/download/v${LATEST_VERSION}/fast_linux_$(dpkg --print-architecture) -o fastIf you want to use wget instead of curl, you can run the followingLATEST_VERSION=$(curl -s \"https://api.github.com/repos/ddo/fast/releases/latest\" | grep -Po '\"tag_name\": \"v\\K[0-9.]+')wget https://github.com/ddo/fast/releases/download/v${LATEST_VERSION}/fast_linux_$(dpkg --print-architecture) -O fastThen we’ll want to make it executable by runningchmod +x fastThen we can run a speed test by running./fastThis should return something similar to the following➜ ~ ./fast -> 477.72 MbpsThat’s it! You can now run an internet speed test from the Linux cli without a browser! What’s your download speed?Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Updating Flux Installation Using the Latest Binary from CLI", "url": "/posts/update-flux/", "categories": "kubernetes", "tags": "flux, devops, gitops, kubernetes, open-source", "date": "2023-02-03 19:00:00 -0600", "snippet": "What is Flux?Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy. ...", "content": "What is Flux?Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy. It’s open source and you can read more about it on the GitHub repo. Looking for a tutorial on how use this? Check out this video on how to use SOPS and Age for your Git Repos!Updating FluxWe’re going to use curl so you’ll want to be sure you have it installedcurl -VThis should return something similar to the followingcurl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3Release-Date: 2020-01-08Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftpFeatures: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSocketssudo apt update && sudo apt install curlThen we’ll want to download the latest Flux binary by runningcurl -s https://fluxcd.io/install.sh | sudo bashThen we’ll want to be sure it’s installed properly by runningflux -vThis should return something similar to the followingflux version 0.39.0Next we’ll need to locate our gotk-components.yaml file for flux in our git repo.For example, mine lives in clusters/cluster-01/baseclusters├── cluster-01│   ├── base│   │   └── flux-system│   │   └── gotk-components.yamlOne you locate gotk-components.yaml we’ll patch it by using the following commandflux install --export > clusters/cluster-01/base/flux-system/gotk-components.yamlAfter this file is updated, you can check to be sure it updated the correct file by runninggit diffYou should see something like the followingdiff --git a/clusters/cluster-01/base/flux-system/gotk-components.yaml b/clusters/cluster-01/base/flux-system/gotk-components.yamlindex 79576f0f..9c26b708 100644--- a/clusters/cluster-01/base/flux-system/gotk-components.yaml+++ b/clusters/cluster-01/base/flux-system/gotk-components.yaml@@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT.-# Flux Version: v0.38.3+# Flux Version: v0.39.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace@@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux- app.kubernetes.io/version: v0.38.3+ app.kubernetes.io/version: v0.39.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system@@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux- app.kubernetes.io/version: v0.38.3+ app.kubernetes.io/version: v0.39.0 name: alerts.notification.toolkit.fluxcd.io:if you see something other than the original gotk-components.yaml being updated, you might want to check the location of the file and try again.Once this is updated, you can simply commit and push this up and let GitOps do the rest!git add .git commit -m \"feat(flux): Upgraded flux to 0.39.0\" # replace with your veriongit pushLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Installing Mozilla SOPS Encryption Tool", "url": "/posts/install-mozilla-sops/", "categories": "utilities", "tags": "homelab, secops, mozilla, sops, cli, linux, open-source", "date": "2023-01-30 09:00:00 -0600", "snippet": "What is Mozilla SOPS?SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.It’s open source an...", "content": "What is Mozilla SOPS?SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.It’s open source and you can read more about it on the GitHub repo.Looking for a tutorial on how use this? Check out this video on how to use SOPS and Age for your Git Repos!InstallWe want to get the latest release of SOPS so we need to look at their github repo for the latest version.SOPS_LATEST_VERSION=$(curl -s \"https://api.github.com/repos/getsops/sops/releases/latest\" | grep -Po '\"tag_name\": \"v\\K[0-9.]+')Then we’ll use curl to download the latest .debcurl -Lo sops.deb \"https://github.com/getsops/sops/releases/download/v${SOPS_LATEST_VERSION}/sops_${SOPS_LATEST_VERSION}_amd64.deb\"Then we’ll want to install sops.deb along with any missing dependenciessudo apt --fix-broken install ./sops.debThen we’ll clean up our downloadrm -rf sops.debThen we can test to make sure sops is working by running:sops -versionUninstallTo uninstall, it’s as simple as using apt to remove itsudo apt remove sopsLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Installing Age Encryption Tool", "url": "/posts/install-age/", "categories": "utilities", "tags": "homelab, secops, devops, age, cli, linux, open-source", "date": "2023-01-30 09:00:00 -0600", "snippet": "What is Age?age is a simple, modern and secure file encryption tool, format, and Go library. It features small explicit keys, no config options, and UNIX-style composability.It is commonly used in ...", "content": "What is Age?age is a simple, modern and secure file encryption tool, format, and Go library. It features small explicit keys, no config options, and UNIX-style composability.It is commonly used in tandem with Mozilla SOPS.It’s open source and you can read more about it on the GitHub repo. Looking for a tutorial on how use this? Checkout this video on how to use SOPS and Age for your Git Repos!InstallWe want to get the latest release of age so we need to look at their github repo for the latest version.AGE_LATEST_VERSION=$(curl -s \"https://api.github.com/repos/FiloSottile/age/releases/latest\" | grep -Po '\"tag_name\": \"v\\K[0-9.]+')Then we’ll use curl to download the latest .tar.gzcurl -Lo age.tar.gz \"https://github.com/FiloSottile/age/releases/latest/download/age-v${AGE_LATEST_VERSION}-linux-amd64.tar.gz\"Then we’ll want to extract age.tar.gztar xf age.tar.gzThen we’ll move both binaries (age and age-keygen) to /usr/local/bin so we can use themsudo mv age/age /usr/local/binsudo mv age/age-keygen /usr/local/binThen we’ll clean up our downloads and extractionsrm -rf age.tar.gzrm -rf ageThen we can test to make sure age and age-keygen are working by runningage -versionage-keygen -versionUninstallTo uninstall, it’s as simple as removing the binariessudo rm -rf /usr/local/bin/agesudo rm -rf /usr/local/bin/age-keygenLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Deploying Machines with MaaS and Packer - Metal as a Service + Hashicorp Packer Tutorial", "url": "/posts/metal-as-a-service-packer/", "categories": "maas", "tags": "homelab, packer, maas, hashicorp, canonical, ubuntu, proxmox, open-source", "date": "2023-01-28 08:00:00 -0600", "snippet": "MaaS or Metal as a service from Canonical is a great way to provision bare metal machines as well as virtual machines.MaaS allows you to deploy Windows, Linux, ESXi, and many other operating system...", "content": "MaaS or Metal as a service from Canonical is a great way to provision bare metal machines as well as virtual machines.MaaS allows you to deploy Windows, Linux, ESXi, and many other operating systems to your systems helping you to build a bare metal cloud.You can even use Packer from Hashicorp to configure custom images too! We’ll cover all of this and more in this tutorial on how to install and configure MaaS from start to finish with Packer!📺 Watch VideoSponsorNew Customer Exclusive - $25 Off ALL Processors: https://micro.center/3siCheck out Micro Center’s Custom PC Builder: https://micro.center/wcxSubmit your build to Micro Center’s Build Showcase: https://micro.center/dcmVisit Micro Center’s Community Page: https://micro.center/2vrInstalling MaaSMaaS can be installed via apt or snap.I had some issues with the apt version so I used snap for this install.snap installBe sure snap is installedsudo apt install snapdsudo snap install --channel=3.2 maasapt installsudo apt-add-repository ppa:maas/3.2sudo apt updatesudo apt install maasInstalling a Test Database(skip this step if you already have postgres in your environment)This should be used if you want to use MaaS test databasesudo snap install maas-test-dbtesting the databasesudo maas-test-db.psqlthen list databases you should see maasdb therepostgres=# \\lInitializing MaaSIf you are using the test database above, initialize MaaSsudo maas init region+rack --database-uri maas-test-db:///If you already have postgres in your environment you can initialize MaaS using your existing postgres service.Be sure to create the database, user, and assign that user permissions before running the init command.sudo maas init region+rack --database-uri \"postgres://username:password@192.168.0.100/maas\" # replace username /password / ip /db name if you don’t wand to store your secrets in your terminal’s history, consider using ENV variables:sudo maas init region+rack --database-uri \"postgres://$MAAS_DBUSER:$MAAS_DBPASS@$HOSTNAME/$MAAS_DBNAME\"Create admin accountsudo maas createadminHere you can choose to import your LaunchPad or GitHub public key using gh:githubusernameChecking MaaSsudo maas statusThe output should like something similar to this:bind9 RUNNING pid 1014, uptime 2 days, 10:52:40dhcpd STOPPED Not starteddhcpd6 STOPPED Not startedhttp RUNNING pid 1477, uptime 2 days, 10:52:23ntp RUNNING pid 1143, uptime 2 days, 10:52:37proxy RUNNING pid 1454, uptime 2 days, 10:52:25rackd RUNNING pid 1017, uptime 2 days, 10:52:40regiond RUNNING pid 1018, uptime 2 days, 10:52:40syslog RUNNING pid 1144, uptime 2 days, 10:52:37If you ever need to reinitialize MaaSsudo maas init regionConfiguring Packer ImagesInstall PackerGet key ringwget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpgAdd keyringecho \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release --codename --short) main\" | sudo tee /etc/apt/sources.list.d/hashicorp.listadd Hashicorp Reposudo apt-add-repository \"deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main\" Install Packersudo apt updatesudo apt install packerUpdate and install dependencies needed to build imagessudo apt updatesudo apt install qemu-utils qemu-system ovmf cloud-image-utils make curtain gitBuilding a custom image from canonical/packer-maasClone the canonical/packer-maas repogit clone https://github.com/canonical/packer-maas.gitcd packer-maascd ubuntusudo packer init ubuntu-cloudimg.pkr.hclsudo make custom-cloudimg.tar.gzcheck and change permissions of archive (change root to your username)ls -lsudo chown root:root ./custom-cloudimg.tar.gzUploading Packer image to MaaSecho your MaaS api key to your home directorysudo maas apikey --username=massadmin > ~/api-key-fileYou can check with withcat ~/api-key-fileAuthenticate to MaaS with your api keymaas login massadmin http://localhost:5240/MAAS/api/2.0/ $(head -1 ~/api-key-file)Upload the custom image we made to MaaSmaas massadmin boot-resources create name='custom/cloudimg-tgz' title='Ubuntu Custom TGZ' architecture='amd64/generic' filetype='tgz' content@=custom-cloudimg.tar.gzChapters00:00 - What is MaaS (Metal as a Service) from Canonical?02:00 - Micro Center / $25 Off CPUs! (Sponsor)03:00 - Installing MaaS06:56 - Initial MaaS Configuration09:41 - Importing your SSH Key10:23 - Networking Configuration & Discovery14:05 - PXE & Network Boot with DHCP15:33 - Commissioning a Machine (Initial Discovery)18:45 - Power Types & Wake on LAN (WOL)20:50 - Commissioning a Machine Part 2 (For real this time)24:00 - Deploying Ubuntu26:15 - SSH in to machine26:54 - Creating Custom Images with Hashicorp Packer33:40 - Uploading a Custom Image to MaaS38:05 - What do I think of MaaS from Canonical?39:57 - Stream Highlight - “100 + 50 subs dropped 🫳🎤”Join the conversationThis past week I learned how to solve the challenge of imaging bare metal machines. I settled on MaaS (Metal as a Service) and custom images with Hashicorp Packer. This is the missing link for automation in my #homelab Check out the video here 👇https://t.co/5rhHtwaLi4 pic.twitter.com/KgeYCgYzgt— Techno Tim (@TechnoTimLive) January 28, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Enable Nested Virtualization In Proxmox", "url": "/posts/proxmox-nested-virtualization/", "categories": "proxmox", "tags": "homelab, proxmox, virtualization", "date": "2023-01-21 09:00:00 -0600", "snippet": "What Is Nested Virtualization?Nested Virtualization is a feature that allows you to run a virtual machine within a virtual machine while still using hardware acceleration from the host machine.Put ...", "content": "What Is Nested Virtualization?Nested Virtualization is a feature that allows you to run a virtual machine within a virtual machine while still using hardware acceleration from the host machine.Put simply, it allows you to run a vm inside of a vm.Enabling Nested Virtualization In ProxmoxEverything we do will be done on the host system running Proxmox.Once enabled, the guest can take advantage of it.First we need to check to see if nested virtualization is enabled in Proxmox.If you’re running an Intel CPU run this command:cat /sys/module/kvm_intel/parameters/nestedIf you’re running an AMD CPU run this command:cat /sys/module/kvm_amd/parameters/nestedYou should see an output of Y or N.If N this means that nested virtualization is not enabled, so let’s enabled it!On the Proxmox host, run the following command as root:If you’re running an Intel CPU run this command:echo \"options kvm-intel nested=Y\" > /etc/modprobe.d/kvm-intel.confIf you’re running an AMD CPU run this command:echo \"options kvm-amd nested=1\" > /etc/modprobe.d/kvm-amd.conf Next reboot the systemrebootThen check to see if nexted virtualization is enabled on the Proxmox host:If you’re running an Intel CPU run this command:cat /sys/module/kvm_intel/parameters/nestedIf you’re running an AMD CPU run this command:cat /sys/module/kvm_amd/parameters/nestedYou should see Y this time.This means that you can now using virtualization inside of a VM, just be sure to set your VM’s processor accordingly! (use HOST for CPU type)Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "The EASIEST way to Expand Your ZFS Pool in TrueNAS (But is it the Best?)", "url": "/posts/truenas-zfs-expand/", "categories": "truenas", "tags": "homelab, truenas, zfs, storage, open-source", "date": "2023-01-14 09:00:00 -0600", "snippet": "ZFS is a great file system that comes with TrueNAS and can meet all of your storage needs.But with it comes some complexity on how to manage and expand your ZFS storage pools.Over the last week I l...", "content": "ZFS is a great file system that comes with TrueNAS and can meet all of your storage needs.But with it comes some complexity on how to manage and expand your ZFS storage pools.Over the last week I learned all about storage pools and how to move them, expand them, and even what not to do when trying to grow your storage pool.Join me as I figure out how to move a 20 TB pool to my new storage server with 100 TB of raw data.📺 Watch Video📦 Products in this video 📦Seagate Exos 14TB Drives https://amzn.to/3kaQnkNSeagate IronWolf 8TB Drives https://amzn.to/3iGq3yHSee all of the storage I recommend in this kit!https://kit.co/TechnoTim/best-ssd-hard-drive-flash-storage(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)Chapters00:00 - What are my options for expanding ZFS?00:25 - Use ZFS Snapshot Replication (My First Attempt)02:20 - Just Copy the Data to the New Pool (My Second Attempt)03:01 - Expand the Pool by Replacing All Disks (My Third Attempt)04:27 - Replacing All of the Drives & Resilvering07:16 - Pool has Expanded!07:43 - My Beef with ZFS and Recommendations09:20 - Stream Highlight - This is how I got into this mess with ZFS…A clip used in this video was from Tom Lawrence’s channel. Thanks Tom!Join the conversationOver the last week I learned all about storage pools and how to move them, expand them, and even what not to do when trying to grow your storage pool.https://t.co/IoQKKKhEKm#truenas #zfs #nas pic.twitter.com/UFZF4hLSBc— Techno Tim (@TechnoTimLive) January 14, 2023Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Techno Tim HomeLab Services Tour (Late 2022) - What am I Self-Hosting in my HomeLab?", "url": "/posts/homelab-services-tour-2022/", "categories": "homelab", "tags": "homelab, hardware, network, server, self-hosted, kubernetes, k3s, linux", "date": "2022-12-31 08:00:00 -0600", "snippet": "Wow, what a year of self-hosting! After showing off my Home Lab hardware in my late 2022 tour, many of you asked what services are self-hosted in this stack. This is always a moving target so I dec...", "content": "Wow, what a year of self-hosting! After showing off my Home Lab hardware in my late 2022 tour, many of you asked what services are self-hosted in this stack. This is always a moving target so I decided it was time to share which services I am running here at home.Today, we walk through everything I am hosting including: Dashboard, Hypervisor, Virtualization, Containerization, Network Attached Storage (NAS), DNS, Network Management, Home Security, Kubernetes, Kubernetes Storage, Docker, Reverse Proxy, Certificates, Monitoring, Logging, Syncing Data, File Sharing, Link Page, Link Shortening, Home Entertainment, Home Automation, Battery / UPS Monitoring, CMS, Static Site Generators, Dynamic DNS, CI/CD, Git Ops, Dev Ops, and many, many others.Enjoy the virtual tour!Worth mentioning, I have videos on almost every service mentioned in this video!📺 Watch VideoRelated VideosHere are most of the videos mentioned in this video: Techno Tim HomeLab Server Room Tour! (Late 2022) Self-Hosting Security Guide for your HomeLab Meet Heimdall, Your Homelab Application Dashboard Before I do anything on Proxmox, I do this first… The FASTEST Way to run Kubernetes at Home - k3s Ansible Automation TrueNAS Scale Apps - Official, Unofficial, Docker, and Kubernetes High Availability Pi-Hole? Yes please! Using Pi-Hole for Local DNS - Fast, Simple, and Easy Guide Flux GitOps Tutorial - DevOps and GitOps for Kubernetes Wildcard Certificates with Traefik + cert-manager + Let’s Encrypt in Kubernetes Tutorial Beautiful Dashboards with Grafana and Prometheus - Monitoring Kubernetes Tutorial Network UPS Tools (NUT Server) Ultimate Guide Self-Hosted, DIY, Open Source Alternative to Linktree Meet keepalived - High Availability and Load Balancing in One Meet Grafana LOKI, a Log Aggregation System for EVERYTHING Meet Uptime Kuma, a Fancy Open Source Uptime Monitor for all your HomeLab Monitoring Needs Meet Jekyll - The Static Site Generator📦 Gear in this video 📦(Affiliate links are included in this description. I may receive a small commission at no cost to you.)KitWant to see all the gear in this video?Check out the kit here: https://kit.co/TechnoTim/techno-tim-homelab-tour-late-2022Rack & Accessories 42u Rack https://amzn.to/3YIKlrq 18u Rack https://amzn.to/3WqNZVy D Ring Hooks https://amzn.to/3FSxk5Y 1u Brush Panels https://amzn.to/3hKNiaf 1u Rack Mount Full Depth Shelf https://amzn.to/3jrm5Kp Right Angle Extension Cord https://amzn.to/3Wl7gay Black Outlet Covers https://amzn.to/3jrf7Vu UniFi SmartPower PDU Pro https://l.technotim.live/ubiquitiNetwork Patch Panel https://amzn.to/3YIKtHq Wall Mount Patch Panel https://amzn.to/3WyvnCk Slim Network Cables - https://amzn.to/3kbYV85 UniFi Flex Mini - https://l.technotim.live/ubiquiti UDM SE - https://l.technotim.live/ubiquiti UDM Pro - https://l.technotim.live/ubiquiti UniFi 48 Port Pro Switch Gen 2 - https://l.technotim.live/ubiquitiServers & Accessories SuperMicro 1u Servers - https://amzn.to/3YBQy8u 14 TB Exos Seagate Drives - https://amzn.to/3GbtXsk NetApp DD4246 Disk Shelf - https://amzn.to/3o2AOKh PC Conversion Case - https://amzn.to/3YGXx03 Smart ZigBee LED Controller - https://amzn.to/3jtCpKI Cooler Master SickleFlow 120mm RGB Fans - https://amzn.to/3I68AtA 1 TB Samsung SSDs - https://amzn.to/3PPcedoAccessories Axxtra Power Strip - https://amzn.to/3qbzIhT Eaton 5P1500R UPS - https://amzn.to/3OC2D90 Tripp Lite 2200VA 1920W UPS Smart 2U Rackmount - https://amzn.to/3XrnC2q Tripp Lite BP36V15-2U Smart UPS 36V 2U Rackmount External Battery Pack - https://amzn.to/3XxwBzd APC 1500VA UPS https://amzn.to/3GXLJh6 APC 600 VA UPS - https://amzn.to/3mMxsM1 Wall Control Galvanized Steel Pegboard - https://amzn.to/3bJ8R4s HDHomeRun Network Tuner - https://amzn.to/3Gdkd0x Hue Light Strip https://amzn.to/3I124o3 Hue Motion & Temp https://amzn.to/3qb1FXf Hue v2 Dimmer Switch - https://amzn.to/3hH6pCh Hue Smart Bulb Starter Kit - https://amzn.to/3jljCRA Nest Protect - https://amzn.to/3hMZcR8 Cloud Lamp - https://amzn.to/3GZji24 Fire Extinguisher - https://amzn.to/3GeB2s4Chapters00:00 - What is Techno Tim Self-Hosting?01:05 - Dashboard01:36 - Hypervisor07:09 - Network Attached Storage09:37 - DNS11:48 - Network Management13:05 - Home Security13:42 - Containers (Kubernetes & Docker)17:59 - -Kubernetes Storage21:04 - Git Ops22:35 - Reverse Proxy (Internal, External, and Ingress Controller)25:26 - Monitoring26:10 - Metrics & Data Visualization27:02 - Logging28:28 - Home Automation30:08 - Data Synchronization30:55 - Link Page (Contact Page)31:41 - Link Shortener32:24 - Home Entertainment33:00 - UPS Battery Monitoring33:37 - CMS (Content Management System)34:25 - Websites (Static Sites & Custom Code)34:46 - Dynamic DNS (External DNS)35:16 - CI/CD (Continuous Integration & Continuous Delivery)37:04 - Everything Else37:41 - How do I get started self-hosting?38:30 - Thanks for Watching!Join the conversationWow, what a year of self-hosting! After showing off my HomeLab hardware in my late 2022 tour, many of you asked what services are self-hosted in this stack, so I decided it was time to share which services I am running here at home.https://t.co/Z1yKrwKOaP#homelab #selfhosted pic.twitter.com/JW2WdvuIQM— Techno Tim (@TechnoTimLive) December 31, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Techno Tim HomeLab Server Room Tour! (Late 2022)", "url": "/posts/homelab-tour-2022/", "categories": "homelab", "tags": "homelab, hardware, network, server, server-rack", "date": "2022-12-24 08:00:00 -0600", "snippet": "Well, here it is! My Late 2022 Server Rack and HomeLab tour! This is a special one because I just revamped my entire rack.I’ve upgraded, replaced, added, and consolidated quite a bit since my las...", "content": "Well, here it is! My Late 2022 Server Rack and HomeLab tour! This is a special one because I just revamped my entire rack.I’ve upgraded, replaced, added, and consolidated quite a bit since my last tour! New servers, new networking, new UPS, new power management, and even a whole entire wall of tech gear.I also added lots of automation and IoT devices! Join me as we walk through my server rack transfer and upgrade!📺 Watch Video(Affiliate links are included in this description. I may receive a small commission at no cost to you.)After this, check out the 2022 (late) HomeLab Services Tour!📦 Gear in this video 📦Rack & Accessories 42u Rack https://amzn.to/3YIKlrq 18u Rack https://amzn.to/3WqNZVy D Ring Hooks https://amzn.to/3FSxk5Y 1u Brush Panels https://amzn.to/3hKNiaf 1u Rack Mount Full Depth Shelf https://amzn.to/3jrm5Kp Right Angle Extension Cord https://amzn.to/3Wl7gay Black Outlet Covers https://amzn.to/3jrf7Vu UniFi SmartPower PDU Pro https://l.technotim.live/ubiquitiNetwork Patch Panel https://amzn.to/3YIKtHq Wall Mount Patch Panel https://amzn.to/3WyvnCk Slim Network Cables - https://amzn.to/3kbYV85 UniFi Flex Mini - https://l.technotim.live/ubiquiti UDM SE - https://l.technotim.live/ubiquiti UDM Pro - https://l.technotim.live/ubiquiti UniFi 48 Port Pro Switch Gen 2 - https://l.technotim.live/ubiquitiServers & Accessories SuperMicro 1u Servers - https://amzn.to/3YBQy8u 14 TB Exos Seagate Drives - https://amzn.to/3GbtXsk NetApp DD4246 Disk Shelf - https://amzn.to/3o2AOKh PC Conversion Case - https://amzn.to/3YGXx03 Smart ZigBee LED Controller - https://amzn.to/3jtCpKI Cooler Master SickleFlow 120mm RGB Fans - https://amzn.to/3I68AtA 1 TB Samsung SSDs - https://amzn.to/3PPcedoAccessories Axxtra Power Strip - https://amzn.to/3qbzIhT Eaton 5P1500R UPS - https://amzn.to/3OC2D90 Tripp Lite 2200VA 1920W UPS Smart 2U Rackmount - https://amzn.to/3XrnC2q Tripp Lite BP36V15-2U Smart UPS 36V 2U Rackmount External Battery Pack - https://amzn.to/3XxwBzd APC 1500VA UPS https://amzn.to/3GXLJh6 APC 600 VA UPS - https://amzn.to/3mMxsM1 Wall Control Galvanized Steel Pegboard - https://amzn.to/3bJ8R4s HDHomeRun Network Tuner - https://amzn.to/3Gdkd0x Hue Light Strip https://amzn.to/3I124o3 Hue Motion & Temp https://amzn.to/3qb1FXf Hue v2 Dimmer Switch - https://amzn.to/3hH6pCh Hue Smart Bulb Starter Kit - https://amzn.to/3jljCRA Nest Protect - https://amzn.to/3hMZcR8 Cloud Lamp - https://amzn.to/3GZji24 Fire Extinguisher - https://amzn.to/3GeB2s4KitSee the entire kit here! https://kit.co/TechnoTim/techno-tim-homelab-tour-late-2022Chapters00:00 - What does Techno Tim’s HomeLab Look Like?00:50 - HomeLab Music Video02:13 - What’s all that stuff on the wall?04:05 - New Server Rack05:06 - Networking07:13 - Smart PDU (Power in the front???)10:36 - TBD Gear / Room for Growth11:14 - 1u Servers12:21 - Storinator13:42 - PC Conversion Server14:25 - Disk Shelf15:27 - UPS16:08 - Back of the Rack17:08 - Power Channels17:57 - Non Critical Power Devices18:25 - Practical RGB Lighting (it has utility)19:35 - Cable Management20:51 - UPS Battery Extender21:24 - Don’t be discouraged, Home Labs come in all shapes and sizes23:05 - HomeLab Music Video OutroJoin the conversationWell, here it is! My Late 2022 Server Rack and HomeLab tour! This is a special one because I just revamped my entire rack. I've upgraded, replaced, added, and consolidated quite a bit since my last tour! https://t.co/2N04ZDS04c#homelab pic.twitter.com/9BivCrrQgg— Techno Tim (@TechnoTimLive) December 24, 2022Light Mode vs Dark Mode!Now that I have everything moved to the new rack, "Light Mode" or "Dark Mode"? pic.twitter.com/EKD45Wwl3f— Techno Tim (@TechnoTimLive) December 25, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Set up alerts in Proxmox before it's too late!", "url": "/posts/proxmox-alerts/", "categories": "proxmox", "tags": "homelab, proxmox, alerting, open-source", "date": "2022-12-17 08:00:00 -0600", "snippet": "Setting up alerts in Proxmox is important and critical to making sure you are notified if something goes wrong with your servers.It’s so easy, I should have done this years ago! In this tutorial, ...", "content": "Setting up alerts in Proxmox is important and critical to making sure you are notified if something goes wrong with your servers.It’s so easy, I should have done this years ago! In this tutorial, we’ll set up email notifications using SMTP with Gmail or G Suite that send email alerts when there are disk errors, ZSF Issues, or when backup jobs run.We’ll then test the alerts to make sure they are working by yoinking a drive from my ZFS pool (and hopefully it doesn’t fail).📺 Watch VideoSponsorHuge THANK YOU to Micro Center for Sponsoring Today’s video!New Customer Exclusive – Free 256GB SDD: https://micro.center/24cCheck out Micro Center’s PC Builder: https://micro.center/1wkSubmit your build to Micro Center’s Build Showcase: https://micro.center/tvvShop Micro Center’s Top Deals: https://micro.center/jb4Configuring Alertsinstall dependenciesapt updateapt install -y libsasl2-modules mailutilsConfigure app passwords on your Google accounthttps://myaccount.google.com/apppasswordsConfigure postfixecho \"smtp.gmail.com your-email@gmail.com:YourAppPassword\" > /etc/postfix/sasl_passwdupdate permissionschmod 600 /etc/postfix/sasl_passwdhash the filepostmap hash:/etc/postfix/sasl_passwdcheck to to be sure the db file was createdcat /etc/postfix/sasl_passwd.dbedit postfix confignano /etc/postfix/main.cf# google mail configurationrelayhost = smtp.gmail.com:587smtp_use_tls = yessmtp_sasl_auth_enable = yessmtp_sasl_security_options =smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwdsmtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pemsmtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cachesmtp_tls_session_cache_timeout = 3600sreload postfixpostfix reloadsend a test emailecho \"This is a test message sent from postfix on my Proxmox Server\" | mail -s \"Test Email from Proxmox\" your-email@gmail.comfix from name in emailinstall dependencyapt updateapt install postfix-pcreedit confignano /etc/postfix/smtp_header_checksadd the following text/^From:.*/ REPLACE From: pve1-alert <pve1-alert@something.com>hash the filepostmap hash:/etc/postfix/smtp_header_checkscheck the contents of the filecat /etc/postfix/smtp_header_checks.dbadd the module to our postfix confignano /etc/postfix/main.cfadd to the end of the filesmtp_header_checks = pcre:/etc/postfix/smtp_header_checksreload postfix servicepostfix reloadChapters00:00 - Why you should set up alerts in Proxmox01:42 - Micro Center / Free SSD (Sponsor)02:56 - Where can I find the documentation03:07 - Installing and configuring dependencies03:54 - Google Email address configuration08:43 - Configuring postfix and customizing the email alert11:47 - Changing the mail sender name with pcre14:20 - Configure where email alerts are sent15:01 - Backup Alerts17:33 - SMART alerts18:53 - ZFS Alerts19:52 - Testing in Production24:03 - How Proxmox alerts could be better25:30 - Stream Highlight - “Just some flashing lights & music”Join the conversationSetting up alerts in Proxmox is important and critical to making sure you are notified if something goes wrong with your servers. It's so easy, I should have done this years ago!https://t.co/6uRz0eVisA#homelab #proxmox pic.twitter.com/i8E1jrP2pE— Techno Tim (@TechnoTimLive) December 17, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Automated NUT Server Install", "url": "/posts/nut-server-script/", "categories": "homelab", "tags": "homelab, nut, self-hosted, ups, pdu, open-source, automation", "date": "2022-11-28 08:00:00 -0600", "snippet": "Here’s a quick way to automate your battery backups and UPSes with and open source service called NUT server and a raspberry Pi.📺 Watch VideoNUT Server Install scriptBe sure to check out (and star)...", "content": "Here’s a quick way to automate your battery backups and UPSes with and open source service called NUT server and a raspberry Pi.📺 Watch VideoNUT Server Install scriptBe sure to check out (and star) the repo with an automated NUT server install!⭐ https://github.com/dzomaya/NUTandRpiInstructionsBe sure you have a raspberry pi or any machine running Debian / Ubuntu Linux.Then plug in your UPS via USB and then SSH into your Pi.Then download th script.wget https://raw.githubusercontent.com/dzomaya/NUTandRpi/main/scripts/nutinstall.shMake the script executable.sudo chmod +x nutinstall.shRun the script.sudo ./nutinstall.shAnswer a few questions.Be sure to keep your SNMP community string safe and treat this like a password.You can now access NUT in a browser by going to:http://yourRasberryPiIPaddress/cgi-bin/nut/upsstats.cgiYou can also query your device using SNMPsnmpwalk -v2c -c yourSNMPv2cCommunity yourRasberryPiIPaddress .1.3.6.1.4.1.8072.1.3.2.4.1.2AdvancedTo see advanced configuration and configuring NUT Server and NUT client, see my Network UPS Tools (NUT) Ultimate Guide.Join the conversationI figured I’d share my quick #homelab video on the open source NUT Server here too! pic.twitter.com/e7wA0fNGk4— Techno Tim (@TechnoTimLive) November 29, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I'll never run out of power! - Eaton and Tripp Lite UPS", "url": "/posts/new-ups-rack/", "categories": "homelab", "tags": "ups, eaton, tripp-lite, server, server-rack, hardware", "date": "2022-11-26 08:00:00 -0600", "snippet": "Today I look at 2 (or 3 depending on how you count them) UPS systems from Tripp Lite and Eaton.These UPS devices couldn’t be any different but they are awesome nonetheless.Each has it’s own unique ...", "content": "Today I look at 2 (or 3 depending on how you count them) UPS systems from Tripp Lite and Eaton.These UPS devices couldn’t be any different but they are awesome nonetheless.Each has it’s own unique capabilities and features.Which on will you choose when looking for your next UPS? Join me as we walk through and review these type UPS systems and rack them in my new rack!📺 Watch VideoHuge THANK YOU to Eaton / Tripp Lite for sending these UPS systems.If you’re looking for a new UPS for home or work, you should totally check them out!Tripp Litehttps://tripplite.eaton.comEatonhttps://www.eaton.com/us/en-us/products/backup-power-ups-surge-it-power-distribution/backup-power-ups.htmlCheck out a variety of UPS SystemsTripp Lite Tripp Lite 1500VA Smart UPS Back Up - https://amzn.to/3gEwbGG Tripp Lite 2200VA 1920W UPS Smart 2U Rackmount - https://amzn.to/3XrnC2q Tripp Lite BP36V15-2U Smart UPS 36V 2U Rackmount External Battery Pack - https://amzn.to/3XxwBzd Tripp Lite SMART1500LCD 1500VA Smart UPS Battery Back Up - https://amzn.to/3VnIWnyEaton Eaton 5P550R 5P 550 Rackmount - https://amzn.to/3UaLwwa Eaton 5P Rackmount Compact 1500VA UPS - https://amzn.to/3OEJVhd Eaton 5P1500R - https://amzn.to/3OC2D90 Eaton 5S1500LCD UPS - https://amzn.to/3GHXaf8NUT Server Install scriptBe sure to check out (and star) David’s repo with an automated NUT server install!⭐ https://github.com/dzomaya/NUTandRpiChapters00:00 - What should I protect with my UPS?02:16 - Tripp Lite SmartPro UPS Review and Specs03:24 - Tripp Lite 36v Battery Pack Review and Specs04:29 - Tripp Lite SmartPro UPS Configuration05:23 - Eaton 5P 1550 UPS Review and Specs07:43 - Eaton 5P 1550 UPS Configuration08:47 - Rack mounting the UPSes10:53 - My Thoughts and Monitoring and Alerting Solutions13:01 - Stream Highlight - “Testing in Production”Join the conversationToday I look at 2 (or 3 depending on how you count them) UPS systems. These UPS devices couldn't be any different but they are awesome nonetheless.Which UPS do you use? (I think I had too much fun creating this thumbnail) Check it out!https://t.co/1kxDvSeGt7 pic.twitter.com/fNiODnanAR— Techno Tim (@TechnoTimLive) November 26, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Best Server Rack for Your HomeLab? Sysracks Enclosed Rack!", "url": "/posts/sysracks-server-rack/", "categories": "homelab", "tags": "server, server-rack, homelab, hardware, sysracks", "date": "2022-11-12 08:00:00 -0600", "snippet": "I’ve been on a quest looking for a new server rack for my HomeLab in my home.I’ve outgrown my current 18u open frame rack and decided to give a 32u Sysracks Enclosed Rack a try! Join me as we put ...", "content": "I’ve been on a quest looking for a new server rack for my HomeLab in my home.I’ve outgrown my current 18u open frame rack and decided to give a 32u Sysracks Enclosed Rack a try! Join me as we put together this server rack, test out all of the features, and I’ll let you know my thoughts about this brand new server rack!📺 Watch VideoA HUGE thank you to Sysracks for sending me this rack!Check out their selection of racks at https://sysracks.comA HUGE thank you to Micro Center for sponsoring this video!New Customer Exclusive – Free 256GB SSD In-Store: https://micro.center/yi0Check out Micro Center’s Custom PC Builder: https://micro.center/3dqSubmit your build to Micro Center’s Build Showcase: https://micro.center/lsnShop Micro Center’s Black Friday Deals: https://micro.center/rgu📦 See a collection of Sysracks racks here:https://kit.co/TechnoTim/sysracks-server-racksChapters00:00 - Why get a new Server Rack?01:14 - Sysracks 32u Server & Features02:22 - Micro Center (Sponsor)03:35 - Assembling the Rack07:38 - Exploring the Rack Features09:39 - Checking Out the Temperature Control Unit11:04 - My Thoughts About the Sysracks Server Rack13:42 - Stream Highlight - “The grow room isn’t big enough for 2 racks!”Join the conversationI’ve been on a quest looking for a new server rack for my HomeLab and I think I’ve found one that fits my needs! I’ve decided to give a new enclosed rack a try! https://t.co/BS4TMHo3Qw pic.twitter.com/CCGJIiWXsu— Techno Tim (@TechnoTimLive) November 12, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I Put RGB Fans in My Server and I am NOT Apologizing", "url": "/posts/rgb-storinator/", "categories": "homelab", "tags": "homelab, hardware, server, storinator, 45-drives, rgb", "date": "2022-10-22 09:00:00 -0500", "snippet": "My Storinator server from 45Drives is great, except for 1 thing.It’s a little loud for my home.It would be fine if it were in a data center or a real network closet, however this is in my basement....", "content": "My Storinator server from 45Drives is great, except for 1 thing.It’s a little loud for my home.It would be fine if it were in a data center or a real network closet, however this is in my basement.I decided to swap out all the fans to make it quieter, and install RGB fans along with a ZigBee controller so I can control them with Home Automation!📺 Watch VideoHUGE THANK YOU to Micro Center for Sponsoring this Video!New Customers Exclusive – Get $25 off your purchase of any AMD and Intel Processor (limit one per customer): https://micro.center/1z7Check out Micro Center’s PC Builder: https://micro.center/mrpSubmit your build to Micro Center’s Build Showcase: https://micro.center/ow4Thanks again to 45drives for the Storinator!https://45drives.com📦See all the parts in this kit here! 📦https://kit.co/TechnoTim/smart-rgb-fan-conversationTime Codes00:00 - Making My Server Quiet02:13 - Micro Center (Sponsor)03:18 - Taking the Server Apart04:17 - Changing the CPU Cooler05:02 - How to Add Smart RGB to a Server06:07 - Wiring Up the ZigBee Controller and Fans07:20 - Testing and Pairing the ZigBee Controller08:08 - Why Put RGB Fans in a Server?08:42 - How Much Quieter Is It?09:13 - What’s Next for the Server?09:33 - Stream Highlight - I will buy an LTT ScrewdriverJoin the conversationI Put RGB Fans in My Server and I am NOT Apologizing!https://t.co/YRhA9jPRoj pic.twitter.com/rR8EEMOobh— Techno Tim (@TechnoTimLive) October 22, 2022Hacking my RGB fans to work with Zigbee!I hacked my RGB PC fans to use zigbee. No PC software required! pic.twitter.com/DfV13n7tE2— Techno Tim (@TechnoTimLive) October 12, 2022I made my servers quiet!I made my servers quiet! pic.twitter.com/iFQSwWhM15— Techno Tim (@TechnoTimLive) October 26, 2022Which color do you like best?Which color do you like best? pic.twitter.com/O7ChniryYd— Techno Tim (@TechnoTimLive) October 23, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Encrypt Your Sensitive Information Before Storing It - Encrypting with Mozilla SOPS and AGE", "url": "/posts/secret-encryption-sops/", "categories": "homelab", "tags": "git, kubernetes, secrets, security, sops, age", "date": "2022-10-01 09:00:00 -0500", "snippet": "Committing secrets to your Git Repo can expose information like passwords, access tokens, and other types of sensitive information.Some might think that committing secrets to a private Git Repo is ...", "content": "Committing secrets to your Git Repo can expose information like passwords, access tokens, and other types of sensitive information.Some might think that committing secrets to a private Git Repo is OK, but I am here to tell you it’s not.If you’re going to commit secrets to a git repo, private or public, you should encrypt them first using Mozilla SOPS (Secret Operations) and AGE.SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.Age is a simple, modern, and secure file encryption tool, format, and build using Go.It can encrypt and decrypt your files making then safe enough to commit to your Git repos!A HUGE thanks to Datree for sponsoring this video!Combat misconfigurations. Empower engineers.https://www.datree.io📺 Watch VideoInstall SOPSYou can install sops by following this guide.test withsops -vshould seesops 3.7.3 (latest)Install AgeYou can install age by following this guidetest age with age -versionshould seev1.0.0test age-keygen with age-keygen -versionshould seev1.0.0configure keysNow that we have age installed we need to create a public and private keyage-keygen -o key.txtshould seeage-keygen: warning: writing secret key to a world-readable filePublic key: age1epzmwwzw8n09slh0c7z0z52x43nnga7lkksx3qrh07tqz5v7lcys45428tlet’s look at the contentscat key.txtshould see# created: 2022-09-26T21:55:47-05:00# public key: age1epzmwwzw8n09slh0c7z0z52x43nnga7lkksx3qrh07tqz5v7lcys45428tAGE-SECRET-KEY-1HJCRJVK7EE3A5N8CRP8YSDUGZKNW90Y5UR2RGYAS8L279LFP6LCQU5ADNR Remember this is a secret so keep this safe! Do not commit this!move the file and add to our shellmkdir ~/.sopsmv ./key.txt ~/.sopsadd it to our shellnano ~/.zshrc # or nano ~/.bashrcadd to the end of fileexport SOPS_AGE_KEY_FILE=$HOME/.sops/key.txtsource our shellsource ~/.zshrc # or source ~/.bashrcNow! Let’s encryptA few ways you can do this.You can encrypt in place or encrypt with an editor but we’re going to do an in place encryption.YAMLThis can be kubernetes secrets, helm values, or just plain old yamlcreate a secret with the following contentssecret.yaml---apiVersion: v1kind: Secretmetadata: name: mysql-secret namespace: defaultstringData: MYSQL_USER: root MYSQL_PASSWORD: super-Secret-Password!!!!to encryptsops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") --encrypted-regex '^(data|stringData)$' --in-place ./secret.yamlto decryptsops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") --encrypted-regex '^(data|stringData)$' --in-place ./secret.yamlKubernetesIf you want to decrypt this secret on the fly and apply to kubernetesencrypt firstsops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") --encrypted-regex '^(data|stringData)$' --in-place ./secret.yamldecrypt and pipe to kubectlsops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") --encrypted-regex '^(data|stringData)$' ./secret.yaml | kubectl apply -f -check it withk describe secrets mysql-secret-testthen kubectl get secret mysql-secret-test -o jsonpath='{.data}'thenkubectl get secret mysql-secret-test -o jsonpath='{.data.MYSQL_PASSWORD}' | base64 --decodeVSCodeinstall vscode extensionchoose the beta for sops because that supports age + sopsdon’t forget to add .decrypted~secret.yaml to .gitignoreencrypt .env filesmake sure extension is installed.ENV Filescreatesecret.envMYSQL_USER=superrootMYSQL_PASSWORD=\"super-Secret-Password!!!!############\"encryptsops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") -i .envdecryptsops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") -i .envdon’t forget to add .decrypted~secret.env to your .gitignoreJSON Filessecret.json{ \"mySqlUser\": \"superroot\", \"password\": \"super-Secret-Password!!!!#######\"}encryptsops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") -i secret.jsondecryptsops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") -i secret.jsondon’t forget to add .decrypted~secret.json to your .gitignoreINI Filessecret.ini[database]user = superrootpassword = super-Secret-Password!!!!1223encryptsops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") -i secret.inidecryptsops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") -i secret.inidon’t forget to add .decrypted~secret.ini to you .gitignoreFilessecret.sql--- https://xkcd.com/327/--- DO NOT USEINSERT INTO Students VALUES ( 'Robert' ); DROP TABLE STUDENTS; --' )encryptsops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") --in-place ./secret.sqldecryptsops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \\K(.*)\") --in-place ./secret.sqlFluxIf you’re thinking of doing GitOps with Flux, you can check out my video on this topic or see my documentation.You can do cluster decryption and fully automate decryption of secrets.In cluster decryption with Fluxhttps://fluxcd.io/flux/guides/mozilla-sops/#configure-in-cluster-secrets-decryptionJoin the conversationPeople often ask if it's OK to save secrets in code or config to a private git repo. I though this was ok until now... If you're using Secrets in Kubernetes or ENVs in Docker I highly recommend encrypting them with Mozilla SOPS.@mozhacks https://t.co/r1NpBoGWe2 pic.twitter.com/sdPFq06WQM— Techno Tim (@TechnoTimLive) October 1, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "NEW SERVER! Deploying 100 TB of Storage to my HomeLab!", "url": "/posts/45-drives-storinator/", "categories": "homelab", "tags": "homelab, hardware, server, storinator, 45-drives", "date": "2022-09-10 09:00:00 -0500", "snippet": "Check out my new server! It’s an Storinator AV15 from 45 Drives loaded with lots of great upgrades! Will it be my new high performance storage server and replace TrueNAS? Will it be my new hype...", "content": "Check out my new server! It’s an Storinator AV15 from 45 Drives loaded with lots of great upgrades! Will it be my new high performance storage server and replace TrueNAS? Will it be my new hypervisor and replace one of my Proxmox servers? Or will I cluster this server and do something else? Let’s see what this server is made of first!A HUGE thank you to Micro Center for sponsoring this video!New Customers Exclusive – FREE Redragon GS500 Gaming Stereo Speakers: https://micro.center/mkpCheck out Micro Center’s PC Builder: https://micro.center/njwSubmit your build to Micro Center’s Build Showcase: https://micro.center/gov📺 Watch VideoCheck out 45Drives Storinators and other servers - https://www.45drives.com/Seagate Exos X16 14TB Drives and more - https://kit.co/TechnoTim/best-ssd-hard-drive-flash-storageJoin the conversationNEW SERVER! This week I built, configured, and (kind of) racked a new server! It's a customized Storinator server from the folks over at @45Drives! What do you think of the design??? 💅https://t.co/r8i1fqYETj pic.twitter.com/EvxgilZb27— Techno Tim (@TechnoTimLive) September 10, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Essential HomeLab Tools & Accessories - Network / Server / PC Tool Kit", "url": "/posts/homelab-tools-accessories/", "categories": "homelab", "tags": "homelab, tools, accessories, hardware", "date": "2022-08-27 09:00:00 -0500", "snippet": "Every Home Labber and IT person has their go to set of tools and accessories to help them accomplish tasks for technical projects in their HomeLab.This ranges from the very specialized, to the comm...", "content": "Every Home Labber and IT person has their go to set of tools and accessories to help them accomplish tasks for technical projects in their HomeLab.This ranges from the very specialized, to the common.I do all kinds of projects at home, from building and racking servers, to building mini and full-size PCs, to upgrading and troubleshooting hardware, to home office upgrades, to installing wireless access points and cameras, down to building raspberry pi projects.I’ve gathered up some of my most essential tools and accessories to assist you in your projects!A HUGE thanks to Micro Center for sponsoring this video!New Customers Exclusive – FREE Redragon GS500 Gaming Stereo Speakers: https://micro.center/gomCheck out Micro Center’s PC Builder: https://micro.center/7hjSubmit your build to Micro Center’s Build Showcase: https://micro.center/vo6📺 Watch VideoItemsHere are all of the items that were in the video, plus a few more.📦 See the entire kit here: https://kit.co/TechnoTim/essential-homelab-tools-accessories-for-home-labbers-and-it-prosCage nuts Nickel plated 60 pack https://amzn.to/3bPXCuy Black 50 pack https://amzn.to/3bMQbocNetwork cables Mono price Slim cat6a https://amzn.to/3SIz5Iv Monoprice Cat6 pure bare copper https://amzn.to/3JPUdZp Cable matters 6 pack https://amzn.to/3bJDA52Label Maker Brother p touch label maker https://amzn.to/3AaN9DnLaser grip thermometer https://amzn.to/3SEYPp7Short Power cords 10 pack 8 inch https://amzn.to/3QcfHC412 outlet surge protector https://amzn.to/3QvlrXpFluke voltage tester https://amzn.to/3vOVCthKill A Watt Electricity Usage Monitor https://amzn.to/3ASub52SSD Mounting bracket https://amzn.to/3PeN3PBVelcro https://amzn.to/3C2PJfYZip ties https://amzn.to/3JIVpxCHard drive screws https://amzn.to/3SyjlYJUSB Drive https://amzn.to/3BYAnJxSATA/IDE/USB Adapter Usb 2.0 https://amzn.to/3Qc6d9P Usb 3.0 https://amzn.to/3PrTMWBCraftsman quick change screw driver https://amzn.to/3PdvtLCDeWalt utility knife https://amzn.to/3bJFnXGCable crimper https://amzn.to/3ddXxBjPunchdown tool https://amzn.to/3A9QYIVTP Link Gigabit PoE Switch https://amzn.to/3PdBA2sDremel kit https://amzn.to/3BYA15EHead lamp https://amzn.to/3SE3OqgKeystones https://amzn.to/3SQ9mxXCat 6 ends https://amzn.to/3QGXCfgCable tester Klein https://amzn.to/3dy7SrQCable toner https://amzn.to/3QrKHONLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Wildcard Certificates with Traefik + cert-manager + Let's Encrypt in Kubernetes Tutorial", "url": "/posts/kube-traefik-cert-manager-le/", "categories": "kubernetes", "tags": "kubernetes, traefik, cert-manager, k3s, cloudflare, letsencrypt", "date": "2022-08-06 09:00:00 -0500", "snippet": "Traefik, cert-manager, Cloudflare, and Let’s Encrypt are a winning combination when it comes to securing your services with certificates in Kubernetes.Today, we’ll install and configure Traefik, th...", "content": "Traefik, cert-manager, Cloudflare, and Let’s Encrypt are a winning combination when it comes to securing your services with certificates in Kubernetes.Today, we’ll install and configure Traefik, the cloud native proxy and load balancer, as our Kubernetes Ingress Controller.We’ll then install and configure cert-manager to manage certificates for our cluster.We’ll set up Let’s Encrypt as our Cluster Issuer so that cert-manager can automatically provision TLS certificates and even wildcard certificates using Cloudflare DNS challenge absolutely free.We’ll walk through all of this, step by step, so you can help secure your cluster today.📺 Watch VideoA HUGE thanks to Datree for sponsoring this video!Combat misconfigurations. Empower engineers.https://www.datree.ioGetting StartedIf you need to install a new kubernetes cluster you can use my Ansible Playbook to install one.Resources You can find all of the resources for this tutorial hereHelmcurl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3chmod 700 get_helm.sh./get_helm.shFor other ways to install Helm see the installation docs hereInstallingVerify you can communicate with your clusterkubectl get nodesYou should seeNAME STATUS ROLES AGE VERSIONk3s-01 Ready control-plane,etcd,master 10h v1.23.4+k3s1k3s-02 Ready control-plane,etcd,master 10h v1.23.4+k3s1k3s-03 Ready control-plane,etcd,master 10h v1.23.4+k3s1k3s-04 Ready <none> 10h v1.23.4+k3s1k3s-05 Ready <none> 10h v1.23.4+k3s1Verify helm is installedhelm versionYou should seeversion.BuildInfo{Version:\"v3.8.0\", GitCommit:\"d14138609b01886f544b2025f5000351c9eb092e\", GitTreeState:\"clean\", GoVersion:\"go1.17.5\"}Traefik These resources are in the launchpad/kubernetes/traefik-cert-manager/traefik/ folderAdd repohelm repo add traefik https://helm.traefik.io/traefikUpdate repohelm repo updateCreate our namespacekubectl create namespace traefikGet all namespaceskubectl get namespacesWe should seeNAME STATUS AGEdefault Active 21hkube-node-lease Active 21hkube-public Active 21hkube-system Active 21hmetallb-system Active 21htraefik Active 12sInstall traefikhelm install --namespace=traefik traefik traefik/traefik --values=values.yamlCheck the status of the traefik ingress controller servicekubectl get svc --all-namespaces -o wideWe should see traefik with the specified IPNAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTORdefault kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 16h <none>kube-system kube-dns ClusterIP 10.43.0.10 <none> 53/UDP,53/TCP,9153/TCP 16h k8s-app=kube-dnskube-system metrics-server ClusterIP 10.43.182.24 <none> 443/TCP 16h k8s-app=metrics-servermetallb-system webhook-service ClusterIP 10.43.205.142 <none> 443/TCP 16h component=controllertraefik traefik LoadBalancer 10.43.156.161 192.168.30.80 80:30358/TCP,443:31265/TCP 22s app.kubernetes.io/instance=traefik,app.kubernetes.io/name=traefikGet all pods in traefik namespacekubectl get pods --namespace traefikWe should see pods in the traefik namespaceNAME READY STATUS RESTARTS AGEtraefik-76474c4d47-l5z74 1/1 Running 0 11mtraefik-76474c4d47-xb282 1/1 Running 0 11mtraefik-76474c4d47-xx5lw 1/1 Running 0 11mmiddlewareApply middlewarekubectl apply -f default-headers.yamlGet middlewarekubectl get middlewareWe should see our headersNAME AGEdefault-headers 25sdashboardInstall htpasswordsudo apt-get updatesudo apt-get install apache2-utilsGenerate a credential / password that’s base64 encodedhtpasswd -nb techno password | openssl base64Apply secretkubectl apply -f secret-dashboard.yamlGet secretkubectl get secrets --namespace traefikApply middlewarekubectl apply -f middleware.yamlApply dashboardkubectl apply -f ingress.yamlVisit https://traefik.local.example.comSample Workload These resources are in the launchpad/kubernetes/traefik-cert-manager/nginx/ folderkubectl apply -f deployment.yamlkubectl apply -f service.yamlkubectl apply -f ingress.yamlOr you can apply an entire folder at once!kubectl apply -f nginxcert-manager These resources are in the launchpad/kubernetes/traefik-cert-manager/cert-manager/ folderAdd repohelm repo add jetstack https://charts.jetstack.ioUpdate ithelm repo updateCreate our namespacekubectl create namespace cert-managerGet all namespaceskubectl get namespacesWe should seeNAME STATUS AGEcert-manager Active 12sdefault Active 21hkube-node-lease Active 21hkube-public Active 21hkube-system Active 21hmetallb-system Active 21htraefik Active 4h35mApply crds Note: Be sure to change this to the latest version of cert-managerkubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yamlInstall with helmhelm install cert-manager jetstack/cert-manager --namespace cert-manager --values=values.yaml --version v1.9.1Apply secrets Be sure to generate the correct token if using Cloudflare.This is using an API Token and not a global key.From issuers folderkubectl apply -f secret-cf-token.yamlApply staging ClusterIssuerFrom issuers folderkubectl apply -f letsencrypt-staging.yamlCreate certsstagingFrom certificates/staging folderkubectl apply -f local-example-com.yamlCheck the logskubectl logs -n cert-manager -f cert-manager-877fd747c-fjwhpGet challengeskubectl get challengesGet more detailskubectl describe order local-technotim-live-frm2z-1836084675productionApply production ClusterIssuerFrom issuers folderkubectl apply -f letsencrypt-production.yamlFrom certificates/production folderkubectl apply -f local-example-com.yamlLearn MoreIf you’re using cert-manager to manage certificates, you might want to check out this post on how to mirror your Kubernetes configs, secrets, and resources to other namespaces. This is helpful when you need to share you secrets / certificates across namespaces!Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Unboxing YouTube 100K Subs Play Button Creator Award", "url": "/posts/whats-in-the-box/", "categories": "homelab", "tags": "youtube, live, unboxing", "date": "2022-07-30 10:00:00 -0500", "snippet": "YouTube sent a package.I have a feeling I know what it is, but we’ll all find out live!📺 Watch VideoFind all of my server gear here!https://kit.co/TechnoTim/techno-tim-homelab-and-server-room-upgra...", "content": "YouTube sent a package.I have a feeling I know what it is, but we’ll all find out live!📺 Watch VideoFind all of my server gear here!https://kit.co/TechnoTim/techno-tim-homelab-and-server-room-upgrade-2021Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Beautiful Dashboards with Grafana and Prometheus - Monitoring Kubernetes Tutorial", "url": "/posts/kube-grafana-prometheus/", "categories": "kubernetes", "tags": "kubernetes, grafana, prometheus, alert-manager, k3s", "date": "2022-07-23 10:00:00 -0500", "snippet": "Grafana and Prometheus are a powerful monitoring solution.It allows you to visualize, query, and alert metrics no matter where they are stored.Today, we’ll install and configure Prometheus and Graf...", "content": "Grafana and Prometheus are a powerful monitoring solution.It allows you to visualize, query, and alert metrics no matter where they are stored.Today, we’ll install and configure Prometheus and Grafana in Kubernetes using kube-prometheus-stack. By the end of this tutorial you be able to observe and visualize your entire Kubernetes cluster with Grafana and Prometheus.📺 Watch VideoA HUGE thanks to Datree for sponsoring this video!Combat misconfigurations. Empower engineers.https://www.datree.ioGetting StartedIf you need to install a new kubernetes cluster you can use my Ansible Playbook to install one.k3sIf you want to get metrics from your k3s servers, you will need to provide some additional flags to k3s.Additional k3s flags used in the video:extra_server_args: \"--no-deploy servicelb --no-deploy traefik --kube-controller-manager-arg bind-address=0.0.0.0 --kube-proxy-arg metrics-bind-address=0.0.0.0 --kube-scheduler-arg bind-address=0.0.0.0 --etcd-expose-metrics true --kubelet-arg containerd=/run/k3s/containerd/containerd.sock\"helmcurl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3chmod 700 get_helm.sh./get_helm.shInstall helmThe helm chart we will be using to install Grafana, Preometheus, and Alert Manager is kube-prometheus-stackInstallingVerify you can communicate with your clusterkubectl get nodesNAME STATUS ROLES AGE VERSIONk3s-01 Ready control-plane,etcd,master 10h v1.23.4+k3s1k3s-02 Ready control-plane,etcd,master 10h v1.23.4+k3s1k3s-03 Ready control-plane,etcd,master 10h v1.23.4+k3s1k3s-04 Ready <none> 10h v1.23.4+k3s1k3s-05 Ready <none> 10h v1.23.4+k3s1Verify helm is installedhelm versionversion.BuildInfo{Version:\"v3.8.0\", GitCommit:\"d14138609b01886f544b2025f5000351c9eb092e\", GitTreeState:\"clean\", GoVersion:\"go1.17.5\"}Add helm repohelm repo add prometheus-community https://prometheus-community.github.io/helm-chartsUpdate repohelm repo updateCreate a Kubernetes Namespacekubectl create namespace monitoringEcho username and password to a fileecho -n 'adminuser' > ./admin-user # change your usernameecho -n 'p@ssword!' > ./admin-password # change your passwordCreate a Kubernetes Secret kubectl create secret generic grafana-admin-credentials --from-file=./admin-user --from-file=admin-password -n monitoringYou should seesecret/grafana-admin-credentials createdVerify your secretkubectl describe secret -n monitoring grafana-admin-credentialsYou should seeName: grafana-admin-credentialsNamespace: monitoringLabels: <none>Annotations: <none>Type: OpaqueData====admin-password: 9 bytesadmin-user: 9 bytesVerify the usernamekubectl get secret -n monitoring grafana-admin-credentials -o jsonpath=\"{.data.admin-user}\" | base64 --decodeYou should seeadminuser%Verify passwordkubectl get secret -n monitoring grafana-admin-credentials -o jsonpath=\"{.data.admin-password}\" | base64 --decodep@ssword!%Remove username and password file from filesystemrm admin-user && rm admin-passwordCreate a values file to hold our helm valuesnano values.yamlpaste in values from hereCreate our kube-prometheus-stackhelm install -n monitoring prometheus prometheus-community/kube-prometheus-stack -f values.yamlPort Forwarding Grafana UI(be sure to change the pod name to one that matches yours)kubectl port-forward -n monitoring grafana-fcc55c57f-fhjfr 52222:3000Visit Grafanahttp://localhost:52222If you make changes to your values.yaml you can deploy these changes by runninghelm upgrade -n monitoring prometheus prometheus-community/kube-prometheus-stack -f values.yamlExamples:Traefik Ingress exampleLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Will 10 Gigabit work with Cat5e? - 10Gbe HomeLab Network Upgrade!", "url": "/posts/10gbe-cat5e-homelab-network/", "categories": "homelab", "tags": "homelab, network, unifi, 10gbe, hardware", "date": "2022-07-09 10:00:00 -0500", "snippet": "After deciding to upgrade my “old” 24 PoE switch to a new 48 port PoE switch with 4 SFP+ ports, I decided to check to see if my old house with old Cat5e network wiring will work at 10 gigabit speed...", "content": "After deciding to upgrade my “old” 24 PoE switch to a new 48 port PoE switch with 4 SFP+ ports, I decided to check to see if my old house with old Cat5e network wiring will work at 10 gigabit speeds! If this works, I will have a 10 Gbe network connection from my PCs to my HomeLab server rack!📺 Watch VideoA HUGE thank you to Micro Center for sponsoring today’s video!New Customer Exclusive, Receive a FREE 256GB SSD in Store: https://micro.center/6af2daCheck Out Micro Center’s PC Builder: https://micro.center/f65221Visit the Micro Center Community: https://micro.center/e64c4cItems in this videoIntel Server Adapter X540-T1 - https://ebay.us/mQCVflUSW-PRO-48-POE - https://amzn.to/3PbuFYfPatch Panel - https://amzn.to/3yuBdukSlim Patch Cables - https://amzn.to/3yvdmdO10GBase-T SFP+ Transceiver - https://amzn.to/3atGdHBServer Rack - https://amzn.to/3AKfj8SCat5e Spool (you should buy cat 6) - https://amzn.to/3PwNeX9Cat6 Spool - https://amzn.to/3Pgk6TCRJ45 Keystone Jacks - https://amzn.to/3IxwMDGSFP+ DAC - https://amzn.to/3Pg96pyiperfInstallsudo apt updatesudo apt install iperfon the remote machineiperf -sthen on another machineiperf -c 192.168.0.104 # ip of the remote machineLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "My HomeLab Regrets...", "url": "/posts/my-homelab-regrets/", "categories": "homelab", "tags": "homelab, hardware, network, unifi", "date": "2022-06-25 10:00:00 -0500", "snippet": "If I could start my HomeLab all over, what would I choose? Would I choose the same servers, rack, networking, gateway, switch, firewall, my pc conversion, and even my disk shelf NAS? Did I make a...", "content": "If I could start my HomeLab all over, what would I choose? Would I choose the same servers, rack, networking, gateway, switch, firewall, my pc conversion, and even my disk shelf NAS? Did I make a good choice or a bad one? Join me as we give each piece of my HomeLab a Keep or Upgrade rating.📺 Watch VideoA HUGE thanks to Micro Center for sponsoring this video!New Customer Exclusive, Receive a FREE 256GB SSD in Store: https://micro.center/cff7caCheck Out Micro Center’s PC Builder: https://micro.center/81b822Visit the Micro Center Community: https://micro.center/b33782Find all of my server gear here!https://kit.co/TechnoTim/techno-tim-homelab-and-server-room-upgrade-2021Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "100 Days of HomeLab - The HomeLab Challenge", "url": "/posts/100-days-of-homelab/", "categories": "homelab", "tags": "homelab, challenge", "date": "2022-06-11 10:00:00 -0500", "snippet": "It’s here. The #100DaysOfHomeLab challenge! This challenge is meant to accelerate your knowledge in servers, networking, infrastructure, automation, storage, containerization, orchestration, virtu...", "content": "It’s here. The #100DaysOfHomeLab challenge! This challenge is meant to accelerate your knowledge in servers, networking, infrastructure, automation, storage, containerization, orchestration, virtualization, Windows, Linux, and more.It can even possibly accelerate your IT career! So, commit to the Hundred Days of HomeLab challenge, share your progress, and encourage others along the way!So, to celebrate my 100k subs, I brought in some of the biggest names in the HomeLab community and some new faces too! A hue thanks to everyone that took part in this video.I can’t thank you enough!📺 Watch VideoTake the challenge! https://100daysofhomelab.com/Join the conversationDay 100! #100DaysOfHomeLab 🎉 We did it!It's hard to believe that this challenge started 100 days ago. Still forever grateful for those in this video and all those who joined. This isn't the end, for some it's just the beginning. 🪞 Reflecting on my journey Thank you! pic.twitter.com/XpNiTjAnCv— Techno Tim (@TechnoTimLive) September 19, 2022Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet Jekyll - The Static Site Generator", "url": "/posts/jekyll-docs-site/", "categories": "self-hosted", "tags": "jekyll, website, github, gitlab, docker", "date": "2022-05-28 10:00:00 -0500", "snippet": "Jekyll is a static site generator that transforms your plain text into beautiful static web sites and blogs.It can be use for a documentation site, a blog, an event site, or really any web site you...", "content": "Jekyll is a static site generator that transforms your plain text into beautiful static web sites and blogs.It can be use for a documentation site, a blog, an event site, or really any web site you like. It’s fast, secure, easy, and open source.It’s also the same site generator I use to maintain my open source documentation.Today, we’ll be installing and configuring Jekyll using the Chirpy theme.We configure the site, create some pages with markdown, automatically build it with a GitHub action and even host it for FREE on GitHub pages.If you don’t want to host in the cloud, I show how to host it on your own server or even in Docker.A HUGE THANK YOU to Micro Center for Sponsoring this video!New Customers Exclusive – Get a Free 256 GB SSD at Micro CenterBrowse Micro Center’s 30,000 products in stockBe sure to ⭐ the jekyll repo and the Chrirpy theme repo📺 Watch VideoTerminal SetupIf you need help setting up your terminal on Windows, check out these two posts which will help you configure your terminal with WSL like mine Windows Terminal and WSL Config Fast, Simple, and Easy Guide Setting Up Windows for JavaScript Development THE RIGHT WAY (WSL Terminal NVM Node Yarn VS Code ZSH) You can follow this guide up until installing NodeJS (You don’t need NodeJS for Jekyll) Install Dependenciessudo apt updatesudo apt install ruby-full build-essential zlib1g-dev gitTo avoid installing RubyGems packages as the root user:If you are using bash (usually the default for most)echo '# Install Ruby Gems to ~/gems' >> ~/.bashrcecho 'export GEM_HOME=\"$HOME/gems\"' >> ~/.bashrcecho 'export PATH=\"$HOME/gems/bin:$PATH\"' >> ~/.bashrcsource ~/.bashrcIf you are using zsh (you know if you are)echo '# Install Ruby Gems to ~/gems' >> ~/.zshrcecho 'export GEM_HOME=\"$HOME/gems\"' >> ~/.zshrcecho 'export PATH=\"$HOME/gems/bin:$PATH\"' >> ~/.zshrcsource ~/.zshrcInstall Jekyll bundlergem install jekyll bundlerCreating a site based on Chirpy StarterVisit https://github.com/cotes2020/jekyll-theme-chirpy#quick-startAfter creating a site based on the template, clone your repogit clone git@<YOUR-USER-NAME>/<YOUR-REPO-NAME>.gitthen install your dependenciescd repo-namebundleAfter making changes to your site, commit and push then up to gitgit add .git commit -m \"made some changes\"git pushJekyll Commandsserving your sitebundle exec jekyll sBuilding your site in production modeJEKYLL_ENV=production bundle exec jekyll bThis will output the production site to _siteBuilding Site in CIThis site already works with GitHub actions, just push it up and check the actions Tab.,For GitLab you can see the pipeline I built for my own docs site hereBuilding with DockerCreate a Dockerfile with the followingFROM nginx:stable-alpineCOPY _site /usr/share/nginx/htmlBuild site in production modeJEKYLL_ENV=production bundle exec jekyll bThen build your image:docker build .Creating a PostNaming ConventionsJekyll uses a naming convention for pages and postsCreate a file in _posts with the formatYEAR-MONTH-DAY-title.mdFor example:2022-05-23-homelab-docs.md2022-05-34-hardware-specs.md Jekyll can delay posts which have the date/time set for a point in the future determined by the “front matter” section at the top of your post file. Check the date & time as well as time zone if you don’t see a post appear shortly after re-build.Local Linking of FilesImage from asset:... which is shown in the screenshot below:![A screenshot](/assets/screenshot.webp)Linking to a file... you can [download the PDF](/assets/diagram.pdf) here.See more post formatting rules on the Jekyll siteMarkdown ExamplesIf you need some help with markdown, check out the markdown cheat sheetI have lots of examples in my documentation site repo.Just click on the Raw button to see the code behind the page.For more neat syntax for the Chirpy theme check their demo page on making posts https://chirpy.cotes.page/posts/write-a-new-post/LinksSee reference repo for files🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "The FASTEST way to deploy apps to Kubernetes - GitOps with FLUX", "url": "/posts/flux-devops-gitops/", "categories": "kubernetes", "tags": "flux, devops, gitops, kubernetes", "date": "2022-05-13 08:00:00 -0500", "snippet": "I think I found the perfect GitOps and DevOps toolkit with FluxCD and Kubernetes.Flux is an open source GitOps solution that helps your deploy app and infrastructure with automation.It can monitor ...", "content": "I think I found the perfect GitOps and DevOps toolkit with FluxCD and Kubernetes.Flux is an open source GitOps solution that helps your deploy app and infrastructure with automation.It can monitor git repositories, source control, image container repositories, helm repositories, and more.It can install apps using Kustomize, Helm, Kubernetes manifests so it’s designed to fit into your existing workflow.It can even push alerts to your chat system letting you know when deployments happen.In this tutorial we’ll cover all of this and more.https://fluxcd.ioBe sure to ⭐ the Flux GitHub repo📺 Watch VideoKubernetes ClusterIf you’re looking to install your own Kubernetes cluster, be sure to check out this video that creates a cluster with AnsibleReference RepoIf you’re looking for the repo I created this in video, you can find it here /demos/flux-demoInstall Flux CLIcurl -s https://fluxcd.io/install.sh | sudo bashInstalling Flux using a GitHub RepoYou’ll need to grab a personal access token from hereflux bootstrap github \\ --components-extra=image-reflector-controller,image-automation-controller \\ --owner=YourGitHUbUserName \\ --repository=flux \\ --branch=main \\ --path=clusters/home \\ --personal \\ --token-authCheck flux podskubectl get pods -n flux-systemSource Controller (installing manifests)See reference repo for files, located in /demos/flux-demoHelm Controller (installing helm charts)See reference repo for files, /demos/flux-demoImage Automation Controller (monitoring a container registry)See reference repo for files, /demos/flux-demoFirst create a workload (see redis deployment file)Deploy the redis workload (deployment.yml)git add -A && \\git commit -m \"add redis deployment\" && \\git push origin mainCreate ImageRepository in the cluster, namespace, and chart that correspond.flux create image repository podinfo \\--image=redis \\--interval=1m \\--export > ./clusters/home/default/redis/redis-registry.yamlCreate ImagePolicy in the cluster, namespace, and chart that correspond.flux create image policy podinfo \\--image-ref=podinfo \\--select-semver=5.0.x \\--export > ./clusters/home/default/redis/redis-policy.yamlThen deploy the ImageRepository and ImagePolicygit add -A && \\git commit -m \"add redis image scan\" && \\git push origin maintell flux to apply changesflux reconcile kustomization flux-system --with-sourceNow edit your deployment.yml and add a comment spec: containers: - name: redis image: redis:6.0.0 # {\"$imagepolicy\": \"flux-system:redis\"}Create ImageUpdateAutomationflux create image update flux-system \\--git-repo-ref=flux-system \\--git-repo-path=\"./clusters/home\" \\--checkout-branch=main \\--push-branch=main \\--author-name=fluxcdbot \\--author-email=fluxcdbot@users.noreply.github.com \\--commit-template=\"\" \\--export > ./clusters/home/flux-system-automation.yamlCommit and deploygit add -A && \\git commit -m \"add image updates automation\" && \\git push origin maintell flux to apply changesflux reconcile kustomization flux-system --with-sourceNow do a git pull to see that flux has applied the tagsgit pullYour deployment.yml should be updated and it should be deployed to your cluster! spec: containers: - name: redis image: redis:6.0.16 # {\"$imagepolicy\": \"flux-system:redis\"}NotificationsCreate a secretkubectl -n flux-system create secret generic discord-url \\--from-literal=address=https://discord.com/api/webhooks/YOUR/WEBHOOK/URLCreate a notification providerapiVersion: notification.toolkit.fluxcd.io/v1beta1kind: Providermetadata: name: discord namespace: flux-systemspec: type: discord channel: general secretRef: name: discord-urlDefine an AlertapiVersion: notification.toolkit.fluxcd.io/v1beta1kind: Alertmetadata: name: on-call-webapp namespace: flux-systemspec: providerRef: name: discord eventSeverity: info eventSources: - kind: GitRepository name: '*' - kind: Kustomization name: '*'Get alertskubectl -n flux-system get alertsNAME READY STATUS AGEon-call-webapp True Initialized 1mUpdating FluxIf you need to update flux, check out Updating Flux Installation Using the Latest Binary from CLILinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I Built the PERFECT Game Server with Pterodactyl and Docker", "url": "/posts/pterodactyl-game-server/", "categories": "homelab", "tags": "gaming, pterodactyl, docker, redis, mariabdb, opensource", "date": "2022-04-30 08:00:00 -0500", "snippet": "Pterodactyl is a free an open source dedicated game server.It comes with both a panel to configure and deploy your game servers as well as game server nodes to run your games.It runs games in Docke...", "content": "Pterodactyl is a free an open source dedicated game server.It comes with both a panel to configure and deploy your game servers as well as game server nodes to run your games.It runs games in Docker containers to keep them isolated and making them easier than ever to deploy.We’re going to also use Docker to create our Pterodactyl server and the Wings agent making this truly Docker to the core.https://pterodactyl.ioBe sure to ⭐ the Pterodactyl GitHub repo and the Eggs repo (additional games)📺 Watch VideoInstall DockerTo install docker, see this postReverse ProxyBoth your Pterodactyl Panel server as well as your Pterodactyl Wing server will need to be configured in your reverse proxy, each with their own public URL. If you need help configuring your reverse proxy, see my guide on how to do that.Need games 🎮?Check out game deals on Humble Games (affiliate link)Game Panelmkdir pterodactylcd pterodactylmkdir panelcd panelnano docker-compose.ymldocker-compose.ymlversion: '3.8'x-common: database: &db-environment # Do not remove the \"&db-password\" from the end of the line below, it is important # for Panel functionality. MYSQL_PASSWORD: &db-password \"CHANGE_ME\" MYSQL_ROOT_PASSWORD: \"CHANGE_ME_TOO\" panel: &panel-environment # This URL should be the URL that your reverse proxy routes to the panel server APP_URL: \"https://pterodactyl.example.com\" # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php APP_TIMEZONE: \"UTC\" APP_SERVICE_AUTHOR: \"noreply@example.com\" TRUSTED_PROXIES: \"*\" # Set this to your proxy IP # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt # to generate an SSL certificate for the Panel. # LE_EMAIL: \"\" mail: &mail-environment MAIL_FROM: \"noreply@example.com\" MAIL_DRIVER: \"smtp\" MAIL_HOST: \"mail\" MAIL_PORT: \"1025\" MAIL_USERNAME: \"\" MAIL_PASSWORD: \"\" MAIL_ENCRYPTION: \"true\"## ------------------------------------------------------------------------------------------# DANGER ZONE BELOW## The remainder of this file likely does not need to be changed. Please only make modifications# below if you understand what you are doing.#services: database: image: mariadb:10.5 restart: always command: --default-authentication-plugin=mysql_native_password volumes: - \"/srv/pterodactyl/database:/var/lib/mysql\" environment: <<: *db-environment MYSQL_DATABASE: \"panel\" MYSQL_USER: \"pterodactyl\" cache: image: redis:alpine restart: always panel: image: ghcr.io/pterodactyl/panel:latest restart: always ports: - \"80:80\" - \"443:443\" links: - database - cache volumes: - \"/srv/pterodactyl/var/:/app/var/\" - \"/srv/pterodactyl/nginx/:/etc/nginx/http.d/\" - \"/srv/pterodactyl/certs/:/etc/letsencrypt/\" - \"/srv/pterodactyl/logs/:/app/storage/logs\" environment: <<: [*panel-environment, *mail-environment] DB_PASSWORD: *db-password APP_ENV: \"production\" APP_ENVIRONMENT_ONLY: \"false\" CACHE_DRIVER: \"redis\" SESSION_DRIVER: \"redis\" QUEUE_DRIVER: \"redis\" REDIS_HOST: \"cache\" DB_HOST: \"database\" DB_PORT: \"3306\"networks: default: ipam: config: - subnet: 172.20.0.0/16Start the stackdocker-compose up -dCreate a Userdocker-compose run --rm panel php artisan p:user:makeWingsmkdir pterodactylcd pterodactylmkdir wingscd wingsnano docker-compose.ymldocker-compose.ymlversion: '3.8'services: wings: image: ghcr.io/pterodactyl/wings:v1.6.1 restart: always networks: - wings0 ports: - \"8080:8080\" - \"2022:2022\" - \"443:443\" tty: true environment: TZ: \"UTC\" WINGS_UID: 988 WINGS_GID: 988 WINGS_USERNAME: pterodactyl volumes: - \"/var/run/docker.sock:/var/run/docker.sock\" - \"/var/lib/docker/containers/:/var/lib/docker/containers/\" - \"/etc/pterodactyl/:/etc/pterodactyl/\" - \"/var/lib/pterodactyl/:/var/lib/pterodactyl/\" - \"/var/log/pterodactyl/:/var/log/pterodactyl/\" - \"/tmp/pterodactyl/:/tmp/pterodactyl/\" - \"/etc/ssl/certs:/etc/ssl/certs:ro\" # you may need /srv/daemon-data if you are upgrading from an old daemon #- \"/srv/daemon-data/:/srv/daemon-data/\" # Required for ssl if you use let's encrypt. uncomment to use. #- \"/etc/letsencrypt/:/etc/letsencrypt/\"networks: wings0: name: wings0 driver: bridge ipam: config: - subnet: \"172.21.0.0/16\" driver_opts: com.docker.network.bridge.name: wings0Start the stackdocker-compose up -dsudo nano /etc/pterodactyl/config.ymlPaste the contents from the config your panel generated for your node into this fileNote: The FQDN field when configuring the node in the panel should be the URL that your reverse proxy routes to your wing server. Also ensure you entered 443 for the Daemon Port field.config.ymldebug: falseuuid: 716deb8f-7047-42ad-9323-4a25ae49118btoken_id: 7PoSfql3hdKjbMKntoken: apEo1esCKe5sEWkpfnRB5xakj3mc0aM6jglacgBcsIsgglBtOm0oV1W3efTbwarNapi: host: 0.0.0.0 port: 443 ssl: enabled: false cert: /etc/letsencrypt/live/node-01.example.com/fullchain.pem key: /etc/letsencrypt/live/node-01.example.com/privkey.pem upload_limit: 100system: data: /var/lib/pterodactyl/volumes sftp: bind_port: 2022allowed_mounts: []remote: 'https://pterodactyl.example.com'Restart the stackdocker-compose up -d --force-recreateTroubleshootingMissing MetricsIf you aren’t seeing your stats in the consolesudo nano /etc/default/grubadd additional parameters to GRUB_CMDLINE_LINUX_DEFAULTGRUB_CMDLINE_LINUX_DEFAULT=\"swapaccount=1 systemd.unified_cgroup_hierarchy=1\"sudo update-grubsudo rebootKubernetesIf you are looking to install the Pterodactyl Panel on kubernetes, see the manifests here.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I Freed Up 700GB+ Converting my Videos Using Tdarr", "url": "/posts/tadarr-server/", "categories": "homelab", "tags": "tdarr, plex", "date": "2022-04-16 10:00:00 -0500", "snippet": "Tdarr is a distributed transcoding system that runs on on Windows, Mac, Linux, Arm, Docker, and even Unraid.It uses a server with one or more nodes to transcode videos into any format you like.Toda...", "content": "Tdarr is a distributed transcoding system that runs on on Windows, Mac, Linux, Arm, Docker, and even Unraid.It uses a server with one or more nodes to transcode videos into any format you like.Today, we’ll set up the Docker and Windows version of Tdarr using a GPU to regain up to 50% of your disk space back.I converted my video collection using Tdarr to h265 and saved over 700 GB of disk space.A HUGE THANKS to our sponsor, Micro Center!New Customers Exclusive – Get a Free 256gb SSD at Micro Center: https://micro.center/a643c4📺 Watch VideoDocker Server + Nodedocker-compose.ymlversion: \"3.4\"services: tdarr: container_name: tdarr image: ghcr.io/haveagitgat/tdarr:latest restart: unless-stopped network_mode: bridge ports: - 8265:8265 # webUI port - 8266:8266 # server port - 8267:8267 # Internal node port environment: - TZ=America/Chicago - PUID=1000 - PGID=1000 - UMASK_SET=002 - serverIP=0.0.0.0 - serverPort=8266 - webUIPort=8265 - internalNode=true - nodeID=MyInternalNode - nodeIP=0.0.0.0 - nodePort=8267 - NVIDIA_DRIVER_CAPABILITIES=all - NVIDIA_VISIBLE_DEVICES=all volumes: - /path/to/server:/app/server - /path/to/configs:/app/configs - /path/to/logs:/app/logs - /path/to/media/:/media - /path/to/temp/:/temp deploy: resources: reservations: devices: - capabilities: - gpuWindows NodeTdarr_Node_Config.json{ \"nodeID\": \"Windows-Node\", \"nodeIP\": \"192.168.0.100\", \"nodePort\": \"8267\", \"serverIP\": \"192.168.0.101\", \"serverPort\": \"8266\", \"handbrakePath\": \"\", \"ffmpegPath\": \"\", \"mkvpropeditPath\": \"\", \"pathTranslators\": [ { \"server\": \"/media/\", \"node\": \"C:/media\" }, { \"server\": \"/temp\", \"node\": \"C:/temp\" } ], \"platform_arch\": \"win32_x64_docker_false\", \"logLevel\": \"INFO\"}Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Fully Automated K3S etcd High Availability Install", "url": "/posts/k3s-etcd-ansible/", "categories": "kubernetes, k3s", "tags": "k3s, rancher, etcd, ansible, cloud-image, metallb, kube-vip", "date": "2022-03-26 10:00:00 -0500", "snippet": "Setting up k3s is hard.That’s why we made it easy.Today we’ll set up a High Availability K3s cluster using etcd, MetalLB, kube-vip, and Ansible.We’ll automate the entire process giving you an easy,...", "content": "Setting up k3s is hard.That’s why we made it easy.Today we’ll set up a High Availability K3s cluster using etcd, MetalLB, kube-vip, and Ansible.We’ll automate the entire process giving you an easy, repeatable way to create a k3s cluster that you can run in a few minutes.A HUGE THANKS to our sponsor, Micro Center!New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/1043bc📺 Watch VideoPrepYou’ll need to be sure you have Ansible installed on your machine and that it is at least 2.11+. If you don’t, you can use the install Ansible post on how to install and update it.Second, you’ll need to provision the VMs. Here’s an easy way to create perfect Proxmox templates with cloud image and cloud init and a video if you need.Next, you’ll need to fork and clone the repo.While you’re at it, give it a ⭐ too :).git clone https://github.com/techno-tim/k3s-ansibleNext you’ll want to create a local copy of ansible.example.cfg.cp ansible.example.cfg ansible.cfgYou’ll want to adapt this to suit your needs however the defaults should work without issue.If you’re looking for the old defaults, you can see them in this PR that remove the file.Next you’ll need to install some requirements for ansibleansible-galaxy install -r ./collections/requirements.ymlNext, you’ll want to cd into the repo and copy the sample directory within the inventory directory.(Be sure you’re using the latest template)cp -R inventory/sample inventory/my-clusterInstalling k3sNext, edit the inventory/my-cluster/hosts.ini to match your systems.DNS works here too.[master]192.168.30.38192.168.30.39192.168.30.40[node]192.168.30.41192.168.30.42[k3s_cluster:children]masternodeEdit inventory/my-cluster/group_vars/all.yml to your liking.See comments inline.It’s best to start using these args, and optionally include traefik if you want it installed with k3s however I would recommend installing it later with helmIt’s best to start with the default values in the repo.# change these to your liking, the only required are: --disable servicelb, --tls-san extra_server_args: >- --node-taint node-role.kubernetes.io/master=true:NoSchedule --tls-san --disable servicelb --disable traefikextra_agent_args: >- I would not change these values unless you know what you are doing.It will most likely not work for you but listing for posterity. Note: These are for an advanced use case. There isn’t a one size fits all setting for everyone and their needs, I would try using k3s with the above values before changing them.This could have undesired effects like nodes going offline, pods jumping or being removed, etc… Using these args might come at the cost of stability Also, these will not work anymore without some modificationsextra_server_args: \"--disable servicelb --disable traefik --write-kubeconfig-mode 644 --kube-apiserver-arg default-not-ready-toleration-seconds=30 --kube-apiserver-arg default-unreachable-toleration-seconds=30 --kube-controller-arg node-monitor-period=20s --kube-controller-arg node-monitor-grace-period=20s --kubelet-arg node-status-update-frequency=5s\"extra_agent_args: \"--kubelet-arg node-status-update-frequency=5s\"Start provisioning of the cluster using the following command:ansible-playbook ./site.yml -i ./inventory/my-cluster/hosts.ini Note: note: add –ask-pass –ask-become-pass if you are using password SSH login.After deployment control plane will be accessible via virtual ip address which is defined in inventory/my-cluster/group_vars/all.yml as apiserver_endpointkube configTo get access to your Kubernetes cluster and copy your kube config locally run:scp ansibleuser@192.168.30.38:~/.kube/config ~/.kube/configTesting your clusterBe sure you can ping your VIP defined in inventory/my-cluster/group_vars/all.yml as apiserver_endpointping 192.168.30.222Getting nodeskubectl get nodesDeploying a sample nginx workloadkubectl apply -f example/deployment.ymlCheck to be sure it was deployedkubectl describe deployment nginxDeploying a sample nginx service with a LoadBalancerkubectl apply -f example/service.ymlCheck service and be sure it has an IP from metal lb as defined in inventory/my-cluster/group_vars/all.ymlkubectl describe service nginxVisit that url or curlcurl http://192.168.30.80You should see the nginx welcome page.You can clean this up by runningkubectl delete -f example/deployment.ymlkubectl delete -f example/service.ymlResetting your clusterThis will remove k3s from all nodes.These nodes should be rebooted afterwards.ansible-playbook ./reset.yml -i ./inventory/my-cluster/hosts.iniWhat’s next?See here to get the steps for installing traefik + let’s encryptSee here for steps to deploy rancherTroubleshootingBe sure to see this post on how to troubleshoot common problemsLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Perfect Proxmox Template with Cloud Image and Cloud Init", "url": "/posts/cloud-init-cloud-image/", "categories": "proxmox", "tags": "proxmox, ubuntu, cloud-image, cloud-init, cloud, clone, linux", "date": "2022-03-19 10:00:00 -0500", "snippet": "Using Cloud Images and Cloud Init with Proxmox is easy, fast, efficient, and fun! Cloud Images are small images that are certified cloud ready that have Cloud Init preinstalled and ready to accept...", "content": "Using Cloud Images and Cloud Init with Proxmox is easy, fast, efficient, and fun! Cloud Images are small images that are certified cloud ready that have Cloud Init preinstalled and ready to accept a Cloud Config.Cloud Images and Cloud Init also work with Proxmox and if you combine the two you have a perfect, small, efficient, optimized clone template to provision machines with your ssh keys and network settings.So join me as we discuss, set up, and configure Proxmox with Cloud Images and Cloud Init.📺 Watch VideoInstructionsChoose your Ubuntu Cloud ImageDownload Ubuntu (replace with the url of the one you chose from above)wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.imgCreate a new virtual machineqm create 8000 --memory 2048 --core 2 --name ubuntu-cloud --net0 virtio,bridge=vmbr0Import the downloaded Ubuntu disk to local storage (Change local to the storage of your choice)qm disk import 8000 noble-server-cloudimg-amd64.img localAttach the new disk to the vm as a scsi drive on the scsi controller (Change local to the storage of your choice)qm set 8000 --scsihw virtio-scsi-pci --scsi0 local:vm-8000-disk-0Add cloud init drive ((Change local to the storage of your choice)qm set 8000 --ide2 local:cloudinitMake the cloud init drive bootable and restrict BIOS to boot from disk onlyqm set 8000 --boot c --bootdisk scsi0Add serial consoleqm set 8000 --serial0 socket --vga serial0DO NOT START YOUR VMNow, configure hardware and cloud init, then create a template and clone.If you want to expand your hard drive you can on this base image before creating a template or after you clone a new machine.I prefer to expand the hard drive after I clone a new machine based on need.Create template.qm template 8000Clone template.qm clone 8000 135 --name yoshi --fullTroubleshootingIf you need to reset your machine-idsudo rm -f /etc/machine-idsudo rm -f /var/lib/dbus/machine-idThen shut it down and do not boot it up.A new id will be generated the next time it boots.If it does not you can run:sudo systemd-machine-id-setupLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "A Hypervisor Built on Kubernetes - Cloud Native HCI with Harvester", "url": "/posts/meet-harvester/", "categories": "kubernetes, rancher", "tags": "harvester, homelab, rancher, k3s, kubernetes, grafana", "date": "2022-03-12 07:00:00 -0600", "snippet": "Rancher released a next generation open source HCI software hypervisor built on Kubernetes that helps you run virtual machines.With Harvester you can create Linux, Windows, or any virtual machine t...", "content": "Rancher released a next generation open source HCI software hypervisor built on Kubernetes that helps you run virtual machines.With Harvester you can create Linux, Windows, or any virtual machine that can be easily scaled and cluster giving your high availability virtual machines with a few clicks.It also gives you a platform to automatically create HA RKE1, RKE2, and K3S Kubernetes clusters with etcd along with the virtual machines it runs on.Now you can run virtual machines and kubernetes on the edge on one machine.📺 Watch Video⬇️ Download Harvester📖 Harvester DocumentationLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "TrueNAS Scale Apps - Official, Unofficial, Docker, and Kubernetes", "url": "/posts/truenas-scale-apps/", "categories": "truenas", "tags": "homelab, docker-compose, container, image, helm, kubernetes, k3s, truenas, docker", "date": "2022-03-02 07:00:00 -0600", "snippet": "TrueNAS SCALE is here and with it comes new way of installing and managing applications.You can install official apps, unofficial and community apps using TrueCharts, and also any Docker image or K...", "content": "TrueNAS SCALE is here and with it comes new way of installing and managing applications.You can install official apps, unofficial and community apps using TrueCharts, and also any Docker image or Kubernetes deployment with helm.Join me as we dive into managing applications and exploring TrueNAS SCALES’s new app engine that runs Docker, Kubernetes, and K3S.📺 Watch VideoIf you’re looking for Community App Catalog for TrueNAS SCALE, you can find it hereLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Building your first Dockerfile, Image, and Container", "url": "/posts/custom-docker-image/", "categories": "docker", "tags": "docker, docker-compose, container, image", "date": "2022-02-26 07:00:00 -0600", "snippet": "We spin up all types of containers on my channel in my tutorials, but we have yet to build our own custom Docker container image.Today we’ll start from scratch with an empty Dockerfile and create, ...", "content": "We spin up all types of containers on my channel in my tutorials, but we have yet to build our own custom Docker container image.Today we’ll start from scratch with an empty Dockerfile and create, build, and run our very own custom Docker image! We’ll learn all the commands that everyone should know when building and maintaining images with Docker.This tutorial is a great way to get started with Docker!📺 Watch VideoInstall DockerTo install docker, see this postDocker commandsSource filesbuild imagedocker build .build image with tagdocker build -t hello-internetlist docker imagesdocker imageslist docker containersdocker pslist docker containers including stoppeddocker ps -acreate container from imagedocker run -d -p 80:80 <image id>exec into running containerdocker exec -it <container id> /bin/shstop running containerdocker stop <container id>start a stopped containerdocker start <container id>remove a containerdocker rm <container id>remove an imagedocker rmi <image id>Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Open Source & Collaborative Security with CrowdSec and Traefik - CrowdSec & Traefik Tutorial", "url": "/posts/crowdsec-traefik/", "categories": "homelab", "tags": "homelab, hardware, security, self-hosted, crowdsec, traefik, fail2ban", "date": "2022-02-12 07:00:00 -0600", "snippet": "CrowdSec is a free, open-source and collaborative IPS. Analyze behaviors, respond to attacks & share signals across the community.With CrowdSec, you can set up your own intrusion detection syst...", "content": "CrowdSec is a free, open-source and collaborative IPS. Analyze behaviors, respond to attacks & share signals across the community.With CrowdSec, you can set up your own intrusion detection system that parses logs, detects and blocks threats, and shares bad actors with the larger CrowdSec community.It works great with a reverse proxy like traefik to help keep hackers at bay.Could this be a viable alternative to fail2ban?📺 Watch VideoA HUGE THANK YOU to Micro Center for sponsoring this video!New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/1fbb85If you need to set up traefik, you can follow this post here on configuring traefikIf you need a high level overview of HomeLab and Self-Hosting Security, check out this video that will help you keep your network safe.Configure CrowdSectraefik bouncer repohttps://github.com/fbonalair/traefik-crowdsec-bouncermkdir crowdseccd crowdsectouch docker-compose.ymlnano docker-compose.ymlversion: '3.8'services: crowdsec: image: crowdsecurity/crowdsec:latest container_name: crowdsec environment: GID: \"${GID-1000}\" COLLECTIONS: \"crowdsecurity/linux crowdsecurity/traefik\" # depends_on: #uncomment if running traefik in the same compose file # - 'traefik' volumes: - ./config/acquis.yaml:/etc/crowdsec/acquis.yaml - crowdsec-db:/var/lib/crowdsec/data/ - crowdsec-config:/etc/crowdsec/ - traefik_traefik-logs:/var/log/traefik/:ro networks: - proxy restart: unless-stopped bouncer-traefik: image: docker.io/fbonalair/traefik-crowdsec-bouncer:latest container_name: bouncer-traefik environment: CROWDSEC_BOUNCER_API_KEY: some-api-key CROWDSEC_AGENT_HOST: crowdsec:8080 networks: - proxy # same network as traefik + crowdsec depends_on: - crowdsec restart: unless-stoppednetworks: proxy: external: truevolumes: crowdsec-db: crowdsec-config: traefik_traefik-logs: # this will be the name of the volume from trarfic logs external: true # remove if traefik is running on same stackcd configtouch acquis.yamlnano acquis.yamldocker-compose up -d --force-recreatefilenames: - /var/log/traefik/*labels: type: traefikConfigure Traefikcd traefikcd datanano traefik.ymlapi: dashboard: true debug: trueentryPoints: http: address: \":80\" http: middlewares: - crowdsec-bouncer@file https: address: \":443\" http: middlewares: - crowdsec-bouncer@fileserversTransport: insecureSkipVerify: trueproviders: docker: endpoint: \"unix:///var/run/docker.sock\" exposedByDefault: false file: filename: /config.ymlcertificatesResolvers: cloudflare: acme: email: someone@example.com storage: acme.json dnsChallenge: provider: cloudflare resolvers: - \"1.1.1.1:53\"log: level: \"INFO\" filePath: \"/var/log/traefik/traefik.log\"accessLog: filePath: \"/var/log/traefik/access.log\"nano docker-compose.ymlversion: '3'services: traefik: image: traefik:latest container_name: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - proxy ports: - 80:80 - 443:443 environment: - CF_API_EMAIL=user@example.com - CF_DNS_API_TOKEN=YOUR_API_TOKEN # - CF_API_KEY=YOUR_API_KEY # be sure to use the correct one depending on if you are using a token or key volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - /home/username/traefik/data/traefik.yml:/traefik.yml:ro - /home/username/traefik/data/acme.json:/acme.json - /home/username/traefik/data/config.yml:/config.yml:ro - traefik-logs:/var/log/traefik labels: - \"traefik.enable=true\" - \"traefik.http.routers.traefik.entrypoints=http\" - \"traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)\" - \"traefik.http.middlewares.traefik-auth.basicauth.users=USER:BASIC_AUTH_PASSWORD\" - \"traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https\" - \"traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https\" - \"traefik.http.routers.traefik.middlewares=traefik-https-redirect\" - \"traefik.http.routers.traefik-secure.entrypoints=https\" - \"traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)\" - \"traefik.http.routers.traefik-secure.middlewares=traefik-auth\" - \"traefik.http.routers.traefik-secure.tls=true\" - \"traefik.http.routers.traefik-secure.tls.certresolver=cloudflare\" - \"traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com\" - \"traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com\" - \"traefik.http.routers.traefik-secure.service=api@internal\"networks: proxy: external: truevolumes: traefik-logs:docker-compose up -d --force-recreatecd config/datanano config.ymladd crowdsec-bouncer: forwardauth: address: http://bouncer-traefik:8080/api/v1/forwardAuth trustForwardHeader: truenano traefik.yml# check to be sure you have your middleware set for bothentryPoints: http: address: \":80\" http: middlewares: - crowdsec-bouncer@file https: address: \":443\" http: middlewares: - crowdsec-bouncer@fileDashboardTo add a self-hosted dashboard update your docker-compose.ymlcd crowdsectouch DockerfileFROM metabase/metabaseRUN mkdir /data/ && wget https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/metabase_sqlite.zip && unzip metabase_sqlite.zip -d /data/nano docker-compose.yml dashboard: #we're using a custom Dockerfile so that metabase pops with pre-configured dashboards build: ./dashboard restart: always ports: - 3000:3000 environment: MB_DB_FILE: /data/metabase.db MGID: \"${GID-1000}\" depends_on: - 'crowdsec' volumes: - crowdsec-db:/metabase-data/ networks: crowdsec_test: ipv4_address: 172.20.0.5restart containerdocker-compose up -d --force-recreateDefault’s credentials for metabase are crowdsec@crowdsec.net and !!Cr0wdS3c_M3t4b4s3?? Be sure to change this.CrowdSec Commandssee metricsdocker exec crowdsec cscli metricssee bansdocker exec crowdsec cscli decisions listmanually install collectionsdocker exec crowdsec cscli collections install crowdsecurity/traefikupdate hubsdocker exec crowdsec cscli hub updateupgrade hubsdocker exec crowdsec cscli hub upgradeadd bouncer(save api key somewhere)docker exec crowdsec cscli bouncers add bouncer-traefikban ipdocker exec crowdsec cscli decisions add --ip 192.168.0.101unban ipdocker exec crowdsec cscli decisions delete --ip 192.168.0.101Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Self-Hosting Security Guide for your HomeLab", "url": "/posts/self-hosting-security/", "categories": "homelab", "tags": "homelab, hardware, security, self-hosted", "date": "2022-01-29 07:00:00 -0600", "snippet": "When most people think about self-hosting services in their HomeLab, they often think of the last mile. By last mile I mean the very last hop before a user accesses your services. This last hop, wh...", "content": "When most people think about self-hosting services in their HomeLab, they often think of the last mile. By last mile I mean the very last hop before a user accesses your services. This last hop, whether that’s using certificates or a reverse proxy, is incredibly important, but it’s also important to know that security starts at the foundation of your HomeLab.Today, we’ll work our way up from hardware security, to OS, to networking, to containers, to firewalls, IDS/IPS, reverse proxies, auth proxies for authentication and authorization, and even lean in to an external provider like Cloudflare.A HUGE thanks to Micro Center for sponsoring this video!New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/0ef37a📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Build a Low Power, Efficient, Small Form Factor but Powerful Proxmox Server", "url": "/posts/low-power-efficient-proxmox/", "categories": "homelab", "tags": "homelab, proxmox, hardware", "date": "2022-01-15 07:00:00 -0600", "snippet": "Have you been thinking about building a low power, efficient, small form factor but performant Proxmox server? This is the perfect home server build for anyone who wanted to virtualize some machi...", "content": "Have you been thinking about building a low power, efficient, small form factor but performant Proxmox server? This is the perfect home server build for anyone who wanted to virtualize some machines while still staying green.This tiny, silent, and efficient build is one that won’t drive up your electricity bill either.A HUGE thanks to Micro Center for sponsoring this video!New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/4e48d4📺 Watch VideoSee the kit here:https://kit.co/technotim/efficient-low-power-powerful-virtualization-serverLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet the Turing Pi 2 - Mix Pis and NVidia Jetsons on a Mini ITX Board!", "url": "/posts/turing-pi-2-hardware/", "categories": "homelab", "tags": "raspberry-pi, k3s, kubernetes, homelab, hardware, turing-pi", "date": "2022-01-01 07:00:00 -0600", "snippet": "The Turing Pi 2 is a compact ARM cluster that provides a scalable computing on the edge.The Turning Pi 2 comes with many improvements over the Turning Pi 1.This model ships with 32GB of RAM, SATA I...", "content": "The Turing Pi 2 is a compact ARM cluster that provides a scalable computing on the edge.The Turning Pi 2 comes with many improvements over the Turning Pi 1.This model ships with 32GB of RAM, SATA III interface, Raspberry Pi Compute module 4 support, and support for NVIDIA Jetson boards.This means that you can mix and match both raspberry Pis along with Nvidia Jetson boards. This gives us a ton of flexibility to be able to run Pis for general compute workloads, and then Nvidia Jetsons for AI or ML workloads.Join me as we explore the Turing Pi 2 and prepare its home inside of my HomeLab server rack.📺 Watch VideoTuring Pi 2 - https://turingpi.comRaspberry Pi Compute Modules - https://www.raspberrypi.com/products/compute-module-4NVIDIA Jetson - https://amzn.to/3eGDQjeRosewill 2U Server Chassis Case - https://amzn.to/3qxbygkEVGA 550 Power Supply - https://amzn.to/3EMEzd4Noctua 80mm Redux PWM Fans - https://amzn.to/3zdBUbpSamsung EVO microSD 64 GB - https://amzn.to/3FR5OosSamsung EVO microSD 128 GB - https://amzn.to/3eCIajxCR2032 Batteries - https://amzn.to/3zfWE2bCM4 Heat Sinks - https://amzn.to/31hSVVkMultipurpose Rails https://amzn.to/3Hr6wsS4 Pin Splitter Cables https://amzn.to/3mQvzh4Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet keepalived - High Availability and Load Balancing in One", "url": "/posts/keepalived-ha-loadbalancer/", "categories": "homelab", "tags": "homelab, keepalived, self-hosted, linux, ubuntu", "date": "2021-12-11 07:00:00 -0600", "snippet": "In my quest to make my services highly available I decided to use keepalived.keepalived is a framework for both load balancing and high availability that implements VRRP.This is a protocol that you...", "content": "In my quest to make my services highly available I decided to use keepalived.keepalived is a framework for both load balancing and high availability that implements VRRP.This is a protocol that you see on some routers and has been implemented in keepalived. It creates a Virtual IP (or VIP, or floating IP) that acts as a gateway to route traffic to all participating hosts.This VIP that can provide a high availability setup and fail over to another host in the event that one is down. In this video, we’ll set up and configure keepalived, we’ll test our configuration to make sure it’s working, and we’ll also talk about some advanced use cases like load balancing.📺 Watch VideoInstallationsudo apt updatesudo apt install keepalivedsudo apt install libipset13ConfigurationFind your IPip a edit your configsudo nano /etc/keepalived/keepalived.confFirst nodevrrp_instance VI_1 { state MASTER interface ens18 virtual_router_id 55 priority 150 advert_int 1 unicast_src_ip 192.168.30.31 unicast_peer { 192.168.30.32 } authentication { auth_type PASS auth_pass C3P9K9gc } virtual_ipaddress { 192.168.30.100/24 }}Second nodevrrp_instance VI_1 { state BACKUP interface ens18 virtual_router_id 55 priority 100 advert_int 1 unicast_src_ip 192.168.30.32 unicast_peer { 192.168.30.31 } authentication { auth_type PASS auth_pass C3P9K9gc } virtual_ipaddress { 192.168.30.100/24 }}Start and enable the servicesudo systemctl enable --now keepalived.servicestopping the servicesudo systemctl stop keepalived.serviceget the statussudo systemctl status keepalived.servicenginx examplecreate index.html to mountnano /home/user/docker_volumes/nginx/index.html<!DOCTYPE html><html lang=\"en\"><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"> <meta http-equiv=\"X-UA-Compatible\" content=\"ie=edge\"> <title>Hello From Primary Node</title> <style> h1{ font-weight:lighter; font-family: Arial, Helvetica, sans-serif; } </style></head><body> <h1> Hello World 1 </h1></body></html>install nginx via dockerdocker run --name some-nginx -v /home/user/docker_volumes/nginx:/usr/share/nginx/html:ro -d -p 8080:80 nginxvisit your VIP on port 8080PiHoleIn this video we covered the PiHole use case.After setting this up, be sure to check out the tutorial on Gravity SyncLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "HomeLab Services Tour Late 2021 - What am I Self-Hosting in my HomeLab?", "url": "/posts/homelab-services-tour-2021/", "categories": "homelab", "tags": "homelab, proxmox, grafana, logging, dns, dashboard, kubernetes, certificates, shlink, littlelink-server, portainer, self-hosted, docker, rancher, pi-hole, heimdall, plex, truenas, jekyll, grafana, loki, monitoring, uptime-kuma, traefik, nas, unifi, virtualization, containerization", "date": "2021-12-04 07:00:00 -0600", "snippet": "After showing off my Home Lab hardware in my late 2021 tour, many of you asked what services are self-hosted in this stack. This is always a moving target so I decided it was time to share which se...", "content": "After showing off my Home Lab hardware in my late 2021 tour, many of you asked what services are self-hosted in this stack. This is always a moving target so I decided it was time to share which services I am running here at home.Today, we walk through everything I am hosting including: Dashboard, Hypervisor, Virtualization, Containerization, Network Attached Storage (NAS), DNS, Network Management, Home Security, Kubernetes, Kubernetes Storage, Docker, Reverse Proxy, Certificates, Monitoring, Logging, Syncing Data, File Sharing, Self-Promotion (Contact Page), Link Shortening, Home Entertainment, Home Automation, Battery / UPS Monitoring, CMS, Static Site Generators, Dynamic DNS, CI/CD, and many, many others.Enjoy the virtual tour!Worth mentioning, I have videos on almost every service mentioned in this video!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet Grafana LOKI, a Log Aggregation System for Everything", "url": "/posts/grafana-loki/", "categories": "homelab", "tags": "homelab, proxmox, grafana, logging, promtail, prometheus", "date": "2021-11-20 07:00:00 -0600", "snippet": "I’ve been on a quest to find a new logging system.I’ve use quite a few in the past, some open source, some proprietary, and some home grown, but recently I’ve decided to switch.I’ve switched to Gra...", "content": "I’ve been on a quest to find a new logging system.I’ve use quite a few in the past, some open source, some proprietary, and some home grown, but recently I’ve decided to switch.I’ve switched to Grafana Loki for all of my logs for all of my systems - this includes machines, devices, docker systems and hosts, and my all of my kubernetes clusters.If you’re thinking of using Grafana and are also looking for a fast way to log all of your systems, join me as we discuss and configure Grafana Loki.📺 Watch VideoDon’t want to host it yourself? Check out Grafana Cloud and sign up for a free account https://l.technotim.live/grafana-labsDocker SetupSee this post on how to install docker and docker-composeRunning the containerIf you’re using Docker composemkdir grafanamkdir lokimkdir promtailtouch docker-compose.ymlnano docker-compose.yml # copy the contents from belowlsdocker-compose up -d --force-recreate # be sure you've created promtail-config.yml and loki-config.yml before running thisdocker-compose.ymlversion: \"3\"networks: loki:services: loki: image: grafana/loki:2.4.0 volumes: - /home/serveradmin/docker_volumes/loki:/etc/loki ports: - \"3100:3100\" restart: unless-stopped command: -config.file=/etc/loki/loki-config.yml networks: - loki promtail: image: grafana/promtail:2.4.0 volumes: - /var/log:/var/log - /home/serveradmin/docker_volumes/promtail:/etc/promtail # ports: # - \"1514:1514\" # this is only needed if you are going to send syslogs restart: unless-stopped command: -config.file=/etc/promtail/promtail-config.yml networks: - loki grafana: image: grafana/grafana:latest user: \"1000\" volumes: - /home/serveradmin/docker_volumes/grafana:/var/lib/grafana ports: - \"3000:3000\" restart: unless-stopped networks: - lokiLoki Confignano loki/loki-config.ymlloki-config.ymlauth_enabled: falseserver: http_listen_port: 3100 grpc_listen_port: 9096common: path_prefix: /tmp/loki storage: filesystem: chunks_directory: /tmp/loki/chunks rules_directory: /tmp/loki/rules replication_factor: 1 ring: instance_addr: 127.0.0.1 kvstore: store: inmemoryschema_config: configs: - from: 2020-10-24 store: boltdb-shipper object_store: filesystem schema: v11 index: prefix: index_ period: 24hruler: alertmanager_url: http://localhost:9093Promtail Confignano promtail/promtail-config.ymlpromtail-config.ymlserver: http_listen_port: 9080 grpc_listen_port: 0positions: filename: /tmp/positions.yamlclients: - url: http://loki:3100/loki/api/v1/pushscrape_configs:# local machine logs- job_name: local static_configs: - targets: - localhost labels: job: varlogs __path__: /var/log/*log ## docker logs#- job_name: docker # pipeline_stages:# - docker: {}# static_configs:# - labels:# job: docker# __path__: /var/lib/docker/containers/*/*-json.log# syslog target#- job_name: syslog# syslog:# listen_address: 0.0.0.0:1514 # make sure you also expose this port on the container# idle_timeout: 60s# label_structured_data: yes# labels:# job: \"syslog\"# relabel_configs:# - source_labels: ['__syslog_message_hostname']# target_label: 'host'Loki Docker DriverInstall docker plugindocker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissionsEdit docker daemon configsudo nano /etc/docker/daemon.jsondaemon.json{ \"log-driver\": \"loki\", \"log-opts\": { \"loki-url\": \"http://localhost:3100/loki/api/v1/push\", \"loki-batch-size\": \"400\" }}Restart docker daemon. sudo systemctl restart dockerYou will also need to recreate your containers after applying this setting *LogQL sample queriesQuery all logs from the varlogs stream{job=\"varlogs\"} Query all logs from the varlogs stream and filter on docker{job=\"varlogs\"} |= \"docker\"Query all logs from the container_name label of uptime-kuma and filter on host of juno{container_name=\"uptime-kuma\", host=\"juno\"}Read more about LogQL hereARM CPU (Raspberry Pi)There is a workaround for using this with ARM CPUs. Credit to AndreiTelteu for finding this in this discussiondelete /etc/docker/daemon.jsonAdd the vector service to the docker-compose.yml file vector: image: timberio/vector:0.18.1-debian volumes: - /var/run/docker.sock:/var/run/docker.sock - /home/serveradmin/docker_volumes/vector/vector-config.toml:/etc/vector/vector.toml:ro ports: - \"8383:8383\" restart: unless-stopped networks: - lokiRun this commandmkdir vectorcd vectornano vector-config.tomlpaste this config in the file:[sources.docker-local] type = \"docker_logs\" docker_host = \"/var/run/docker.sock\" exclude_containers = [] # Identify zero-width space as first line of a multiline block. multiline.condition_pattern = '^\\x{200B}' # required multiline.mode = \"halt_before\" # required multiline.start_pattern = '^\\x{200B}' # required multiline.timeout_ms = 1000 # required, milliseconds [sinks.loki] # General type = \"loki\" # required inputs = [\"docker*\"] # required endpoint = \"http://loki:3100\" # required # Auth auth.strategy = \"bearer\" # required auth.token = \"none\" # required # Encoding encoding.codec = \"json\" # required # Healthcheck healthcheck.enabled = false # optional, default # Loki Labels labels.forwarder = 'vector' labels.host = '' labels.container_name = '' labels.compose_service = '' labels.compose_project = '' labels.source = '' labels.category = 'dockerlogs'Credits to this post for the config file: grafana/loki#2361 (comment)Kubernetes SetupIf you’re looking to set this up in kubernetes, see this postLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Installing Grafana Loki with Helm on Kubernetes", "url": "/posts/grafana-loki-kubernetes/", "categories": "kubernetes", "tags": "homelab, proxmox, grafana, logging, promtail, prometheus, kubernetes, helm", "date": "2021-11-20 06:00:00 -0600", "snippet": "In my previous video (Meet Grafana LOKI, a log aggregation system for everything and post, I promised that I would also explain how to install Granfana Loki on Kubernetes using helm.If you’re looki...", "content": "In my previous video (Meet Grafana LOKI, a log aggregation system for everything and post, I promised that I would also explain how to install Granfana Loki on Kubernetes using helm.If you’re looking to set this up in docker-compose, be sure to check out this videoInstalling helmThink of helm as a package manager for kubernetes. It’a an easy way to bundle and deploy config to kubernetes with versioning.If you need to install helm visit helm.shInstalling Loki StackFirst add Loki’s chart repository to helmhelm repo add grafana https://grafana.github.io/helm-chartsThen update the chart repositoryhelm repo updateThis command will: install grafana install prometheus install loki enable persistence for your stack and create a PVChelm upgrade --install loki grafana/loki-stack --set grafana.enabled=true,prometheus.enabled=true,prometheus.alertmanager.persistentVolume.enabled=false,prometheus.server.persistentVolume.enabled=false,loki.persistence.enabled=true,loki.persistence.storageClassName=nfs-client,loki.persistence.size=5GiYou’ll want to set loki.persistence.storageClassName=nfs-client to your StorageClassIn this example, I am using nf-client which is the Kubernetes NFS Subdir External ProvisionerAccessing the Grafana DashboardTo access your Grafana dashboard you can runkubectl port-forward --namespace <YOUR-NAMESPACE> service/loki-grafana 3000:80To get the password for the admin user runkubectl get secret --namespace <YOUR-NAMESPACE> loki-grafana -o jsonpath=\"{.data.admin-password}\" | base64 --decode ; echoThis should print out your passwordYou can now access your dashboard on http://localhost:3000Ingress with TraefikIf you want to create an IngressRoute and you are using traefik can you apply the followingingress.ymlapiVersion: traefik.containo.us/v1alpha1kind: IngressRoutemetadata: name: loki-grafana-ingress annotations: kubernetes.io/ingress.class: traefik-internal # change with your valuespec: entryPoints: - websecure routes: - match: Host(`grafana.example.com`) # change with your value kind: Rule services: - name: loki-grafana port: 80kubectl apply -f ingress.ymlYou should now be able to access your dashboard on https://grafana.example.comLogQL sample queriesQuery all logs from the container label{container=\"uptime-kuma\"} query all logs from the container stream and filter on error{container=\"uptime-kuma\"} |= \"error\"query all logs from the pod label of uptime-kuma-8d45g32fd-lk8rl{pod=\"uptime-kuma-8d45g32fd-lk8rl\"}Read more about LogQL hereUpgrading Loki StackTo upgrade, you run the same command you use to install it, with an updated charthelm repo updatehelm upgrade --install loki grafana/loki-stack --set grafana.enabled=true,prometheus.enabled=true,prometheus.alertmanager.persistentVolume.enabled=false,prometheus.server.persistentVolume.enabled=false,loki.persistence.enabled=true,loki.persistence.storageClassName=nfs-client,loki.persistence.size=5GiLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Techno Tim HomeLab and NEW Server Room Tour! (Late 2021)", "url": "/posts/homelab-tour-2021/", "categories": "homelab", "tags": "homelab, hardware", "date": "2021-11-06 08:00:00 -0500", "snippet": "Well, here it is! My Late 2021 Server Rack and HomeLab tour! This is a special one because I just revamped and remodeled a spot in the basement for my new data center / server room (still picking...", "content": "Well, here it is! My Late 2021 Server Rack and HomeLab tour! This is a special one because I just revamped and remodeled a spot in the basement for my new data center / server room (still picking out a name for it).I’ve upgraded, replaced, added, and consolidated quite a bit since my last tour! New servers, new networking, new UPS, new Raspberry Pi, and even a whole entire wall of tech gear. I also added lots of automation and IoT devices! Join me as we walk through my server room upgrade!📺 Watch Video(Affiliate links are included in this description. I may receive a small commission at no cost to you.)📦 Gear in this video 📦2u Rack Shelf - https://amzn.to/2ZVSJKNAPC 1500VA UPS - https://amzn.to/3GXLJh6Nest Protect - https://amzn.to/3BLhc21Hue Iris Light - https://amzn.to/3ET5Gn8Hue Motion & Temp https://amzn.to/3qb1FXfAxxtra Power Strip - https://amzn.to/3qbzIhTAmazon Power Strip - https://amzn.to/3mMN16wWall Control Galvanized Steel Pegboard - https://amzn.to/3bJ8R4sHue Dimmer Switch - https://amzn.to/3wj9StsHue Light Strips - https://amzn.to/3wkkLLDHue Smart Bulb Starter Kit - https://amzn.to/31renqsHue Motion & Temp Detection - https://amzn.to/3o7HOFRCloud Lamp - https://amzn.to/3GZji24Pi 4 B - https://amzn.to/3BTPKzcPoE Pi Hat - https://amzn.to/3GUqY5OPi Zero - https://amzn.to/3o4LGapHD Homerun - https://amzn.to/2ZXxmYSIntel NUC - https://amzn.to/3BKE3uR24 Port Patch Panel - https://amzn.to/3GYA4yoWall Mount Patch Panel - https://amzn.to/3o2AxadSlim Network Cables - https://amzn.to/3kbYV85UniFi Flex Mini - https://l.technotim.live/ubiquitiUniFi UDM Pro - https://l.technotim.live/ubiquitiUniFi 24 Port PoE Gen 2 Switch Pro - https://l.technotim.live/ubiquitiPC Conversion Case - https://amzn.to/3qgkFDJ18u Server Rack - https://amzn.to/3kbZdvH1u Rails - https://amzn.to/3GSd701APC 600 VA UPS - https://amzn.to/3mMxsM1NetApp DD4246 Disk Shelf - https://amzn.to/3o2AOKhSuperMicro 1u Servers - https://amzn.to/3q9M7TJ8 TB IronWolf NAS Drives - https://amzn.to/3EQXXGw🚀 Kits 🚀Rackmount Servers - https://kit.co/technotim/rackmount-home-lab-serversHomeLab Racks - https://kit.co/technotim/server-rack-homelab1u Servers - https://kit.co/technotim/techno-tim-1u-serverNetworking Stack - https://kit.co/technotim/techno-tim-network-stackRaspberry Pi with PoE - https://kit.co/technotim/best-raspberry-pi-with-poeHome Security - https://kit.co/technotim/techno-tim-home-securityStorage and Hard Drives - https://kit.co/technotim/best-ssd-hard-drive-flash-storageHomeLab and Server Room Upgrade 2021 - https://kit.co/technotim/techno-tim-homelab-and-server-room-upgrade-2021Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Virtualize Windows 11 with Proxmox the Right Way!", "url": "/posts/windows-11-proxmox/", "categories": "homelab", "tags": "homelab, proxmox, windows-11, virtualization", "date": "2021-10-22 08:00:00 -0500", "snippet": "Windows 11 is here and with it comes new hardware requirements.These requirements not only affect physical hardware but also virtual hardware too.The TPM 2.0 requirement for Windows 11 is shaking t...", "content": "Windows 11 is here and with it comes new hardware requirements.These requirements not only affect physical hardware but also virtual hardware too.The TPM 2.0 requirement for Windows 11 is shaking the tech community, HomeLab community, and even virtualization too.Well have no fear, today we’re going to virtualize Windows 11 with a virtual TPM chip! We’re going to create a virtual machine according to proxmox best practices and even install a virtual TMP chip so that you can test Windows 11 with your hardware and software before upgrading Windows 10 in your HomeLab or production environment without any hacks!📺 Watch VideoLinksWindows 11 Downloadhttps://www.microsoft.com/en-us/software-download/windows11KVM/QEMU Windows guest drivers (virtio-win) downloadhttps://github.com/virtio-win/virtio-win-pkg-scriptsNeed to Upgrade to Proxmox 7?See the guide here🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet Uptime Kuma, a Fancy Open Source Uptime Monitor for all your HomeLab Monitoring Needs", "url": "/posts/uptime-kuma/", "categories": "self-hosted", "tags": "homelab, uptime-kuma, self-hosted, docker, monitoring, alerting, open-source", "date": "2021-10-03 10:00:00 -0500", "snippet": "You’ve spun up lots of self-hosted services in your HomeLab but you haven’t set up monitoring and alerting yet.Well, be glad you waited because today well set up Uptime Kuma to do just that.Uptime ...", "content": "You’ve spun up lots of self-hosted services in your HomeLab but you haven’t set up monitoring and alerting yet.Well, be glad you waited because today well set up Uptime Kuma to do just that.Uptime Kuma is a self-hosted, open source, fancy uptime monitoring and alerting system.It can monitor HTTP, HTTP with keyword, TCP, Ping, and even DNS systems!https://github.com/louislam/uptime-kuma📺 Watch VideoDocker SetupSee this post on how to install docker and docker-composeRunning the containerIf you’re using Docker composemkdir uptime-kumacd uptime-kumatouch docker-compose.ymlnano docker-compose.yml # copy the contents from belowmkdir datalsdocker-compose up -d --force-recreatedocker-compose.yml---version: \"3.1\"services: uptime-kuma: image: louislam/uptime-kuma:1 container_name: uptime-kuma volumes: - /home/serveradmin/docker_volumes/uptime-kuma/data:/app/data ports: - 3001:3001 restart: unless-stopped security_opt: - no-new-privileges:trueIf you’re using Rancher, Portainer, Open Media Vault, Unraid, or anything else with a GUI, just copy and paste the environment variables, ports, and volumes from above into the form on the web page.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Network UPS Tools (NUT) Ultimate Guide", "url": "/posts/NUT-server-guide/", "categories": "homelab", "tags": "homelab, nut, self-hosted, docker, ups, pdu, open-source", "date": "2021-09-25 10:00:00 -0500", "snippet": "Meet NUT Server, or Network UPS Tools.It’s an open UPS networking monitoring tool that runs on many different operating systems and processors.This means you can run the server on Linux, MacOS, or ...", "content": "Meet NUT Server, or Network UPS Tools.It’s an open UPS networking monitoring tool that runs on many different operating systems and processors.This means you can run the server on Linux, MacOS, or BSD and run the client on Windows, MacOS, Linux, and more.It’ perfect for your Pi, server, or desktop.It works with hundreds of UPS devices, PDUs, and many other power management systems.This is the ultimate guide to configuring Network UPS Tools (NUT).We cover everything from installing and configuring the server on as Raspberry Pi, configuring the client on Windows and Linux, configure a charting and graphing website to visualize NUT data, spin up an additional web site use Docker, and finally set up monitoring and alerting to automate shutdowns of your machine.https://networkupstools.orgAlso, note to self, don’t eat a salad before you record a video….📺 Watch VideoNUT UPS Serverplug in upslsusbshould see something likeBus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hubBus 001 Device 019: ID 09ae:2012 Tripp LiteBus 001 Device 002: ID 2109:3431 VIA Labs, Inc. HubBus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hubsudo apt updatesudo apt install nut nut-client nut-serversudo nut-scanner -Ushould see something liketripp lite[nutdev1] driver = \"usbhid-ups\" port = \"auto\" vendorid = \"09AE\" productid = \"2012\" product = \"Tripp Lite UPS\" vendor = \"Tripp Lite\" bus = \"001\"apc 1500[nutdev1] driver = \"usbhid-ups\" port = \"auto\" vendorid = \"051D\" productid = \"0002\" product = \"Back-UPS XS 1500M FW:947.d10 .D USB FW:d10\" serial = \"3xxxxxxxxxxx\" vendor = \"Tripp Lite\" bus = \"001\"apc 850[nutdev3] driver = \"usbhid-ups\" port = \"auto\" vendorid = \"051D\" productid = \"0002\" product = \"Back-UPS ES 850G2 FW:931.a10.D USB FW:a\" serial = \"3xxxxxxxxxxx\" vendor = \"American Power Conversion\" bus = \"001\"sudo nano /etc/nut/ups.confpollinterval = 1maxretry = 3[tripplite] driver = usbhid-ups port = auto desc = \"Tripp Lite 1500VA SmartUPS\" vendorid = 09ae productid = 2012[apc-network] driver = usbhid-ups port = auto desc = \"APC Back-UPS XS 1500\" vendorid = 051d productid = 0002 serial = 3xxxxxxxxx[apc-modem] driver = usbhid-ups port = auto desc = \"APC 850 VA\" vendorid = 051d productid = 0002 serial = 3xxxxxxxxxsudo nano /etc/nut/upsmon.confMONITOR tripplite@localhost 1 admin secret masterMONITOR apc-modem@localhost 1 admin secret masterMONITOR apc-network@localhost 1 admin secret mastersudo nano /etc/nut/upsd.confChange 127.0.0.1LISTEN 127.0.0.1 3493 to all interfaceLISTEN 0.0.0.0 3493 sudo nano /etc/nut/nut.confMODE=netserversudo nano /etc/nut/upsd.users[monuser] password = secret admin mastersudo nano /etc/udev/rules.d/99-nut-ups.rulesSUBSYSTEM!=\"usb\", GOTO=\"nut-usbups_rules_end\"# TrippLite# e.g. TrippLite SMART1500LCD - usbhid-upsACTION==\"add|change\", SUBSYSTEM==\"usb|usb_device\", SUBSYSTEMS==\"usb|usb_device\", ATTR{idVendor}==\"09ae\", ATTR{idProduct}==\"2012\", MODE=\"664\", GROUP=\"nut\", RUN+=\"/sbin/upsdrvctl stop; /sbin/upsdrvctl start\"LABEL=\"nut-usbups_rules_end\"reboot (because it’s easy)orsudo service nut-server restartsudo service nut-client restartsudo systemctl restart nut-monitorsudo upsdrvctl stopsudo upsdrvctl startAPC UPS 950 valist all usb deviceslsusbquery device by USB bus (replace with # from previous command)lsusb -D /dev/bus/usb/001/057You should see something likeDevice Descriptor: bLength 18 bDescriptorType 1 bcdUSB 2.00 bDeviceClass 0 bDeviceSubClass 0 bDeviceProtocol 0 bMaxPacketSize0 64 idVendor 0x051d American Power Conversion idProduct 0x0002 Uninterruptible Power Supply bcdDevice 0.90 iManufacturer 1 iProduct 2 iSerial 3 bNumConfigurations 1 Configuration Descriptor: bLength 9 bDescriptorType 2 wTotalLength 0x0022 bNumInterfaces 1 bConfigurationValue 1 iConfiguration 0 bmAttributes 0xe0 Self Powered Remote Wakeup MaxPower 2mA Interface Descriptor: bLength 9 bDescriptorType 4 bInterfaceNumber 0 bAlternateSetting 0 bNumEndpoints 1 bInterfaceClass 3 Human Interface Device bInterfaceSubClass 0 bInterfaceProtocol 0 iInterface 0 HID Device Descriptor: bLength 9 bDescriptorType 33 bcdHID 1.00 bCountryCode 33 US bNumDescriptors 1 bDescriptorType 34 Report wDescriptorLength 1049 Report Descriptors: ** UNAVAILABLE ** Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x81 EP 1 IN bmAttributes 3 Transfer Type Interrupt Synch Type None Usage Type Data wMaxPacketSize 0x0008 1x 8 bytes bInterval 100NUT CGI Serversudo apt install apache2 nut-cgisudo nano /etc/nut/hosts.confMONITOR tripplite@localhost \"Tripp Lite 1500VA SmartUPS - Rack\"MONITOR apc-modem@localhost \"APC 850 VA - Wall\"MONITOR apc-network@localhost \"APC Back-UPS XS 1500 - Rack\"sudo a2enmod cgisudo systemctl restart apache2sudo nano /etc/nut/upsset.confI_HAVE_SECURED_MY_CGI_DIRECTORYvisithttp://your.ip.adddress/cgi-bin/nut/upsstats.cgiWebnut Docker Containermkdir webnutcd webnutnano docker-compose.ymlpaste contents and saveversion: \"3.1\"services: nut: image: teknologist/webnut container_name: webnut environment: - UPS_HOST=ip.address.of.nut.server - UPS_PORT=3493 - UPS_USER=admin - UPS_PASSWORD=secret restart: unless-stopped security_opt: - no-new-privileges:true networks: - proxy ports: - 6543:6543networks: proxy: external: truedocker-compose up -d --force-recreateLinux NUT Client (remote)sudo apt install nut-clientthen runupscto verifyverify you can connectupsc tripplite@ip.address.of.serversudo nano /etc/nut/upsmon.confRUN_AS_USER rootMONITOR apc-modem@ip.address.of.nut.server 1 admin secret slaveMINSUPPLIES 1SHUTDOWNCMD \"/sbin/shutdown -h\"NOTIFYCMD /usr/sbin/upsschedPOLLFREQ 2POLLFREQALERT 1HOSTSYNC 15DEADTIME 15POWERDOWNFLAG /etc/killpowerNOTIFYMSG ONLINE \"UPS %s on line power\"NOTIFYMSG ONBATT \"UPS %s on battery\"NOTIFYMSG LOWBATT \"UPS %s battery is low\"NOTIFYMSG FSD \"UPS %s: forced shutdown in progress\"NOTIFYMSG COMMOK \"Communications with UPS %s established\"NOTIFYMSG COMMBAD \"Communications with UPS %s lost\"NOTIFYMSG SHUTDOWN \"Auto logout and shutdown proceeding\"NOTIFYMSG REPLBATT \"UPS %s battery needs to be replaced\"NOTIFYMSG NOCOMM \"UPS %s is unavailable\"NOTIFYMSG NOPARENT \"upsmon parent process died - shutdown impossible\"NOTIFYFLAG ONLINE SYSLOG+WALL+EXECNOTIFYFLAG ONBATT SYSLOG+WALL+EXECNOTIFYFLAG LOWBATT SYSLOG+WALLNOTIFYFLAG FSD SYSLOG+WALL+EXECNOTIFYFLAG COMMOK SYSLOG+WALL+EXECNOTIFYFLAG COMMBAD SYSLOG+WALL+EXECNOTIFYFLAG SHUTDOWN SYSLOG+WALL+EXECNOTIFYFLAG REPLBATT SYSLOG+WALLNOTIFYFLAG NOCOMM SYSLOG+WALL+EXECNOTIFYFLAG NOPARENT SYSLOG+WALLRBWARNTIME 43200NOCOMMWARNTIME 600FINALDELAY 5set net clientsudo nano /etc/nut/nut.confMODE=netclientrestart servicesudo systemctl restart nut-clientcheck statussudo systemctl status nut-clientWindows NUT Clienthttps://github.com/gawindx/WinNUT-Client/releasesscheduling on the remote systemsudo nano /etc/nut/upssched.confCMDSCRIPT /etc/nut/upssched-cmdPIPEFN /etc/nut/upssched.pipeLOCKFN /etc/nut/upssched.lockAT ONBATT * START-TIMER onbatt 30AT ONLINE * CANCEL-TIMER onbatt onlineAT ONBATT * START-TIMER earlyshutdown 30AT LOWBATT * EXECUTE onbattAT COMMBAD * START-TIMER commbad 30AT COMMOK * CANCEL-TIMER commbad commokAT NOCOMM * EXECUTE commbadAT SHUTDOWN * EXECUTE powerdownAT SHUTDOWN * EXECUTE powerdownsudo nano /etc/nut/upssched-cmd`````bash#!/bin/sh case $1 in onbatt) logger -t upssched-cmd \"UPS running on battery\" ;; earlyshutdown) logger -t upssched-cmd \"UPS on battery too long, early shutdown\" /usr/sbin/upsmon -c fsd ;; shutdowncritical) logger -t upssched-cmd \"UPS on battery critical, forced shutdown\" /usr/sbin/upsmon -c fsd ;; upsgone) logger -t upssched-cmd \"UPS has been gone too long, can't reach\" ;; *) logger -t upssched-cmd \"Unrecognized command: $1\" ;; esacmake it executable (should already be)chmod +x /etc/nut/upssched-cmdBe sure PIPEFN and LOCKFN point to a folder that esists, I’ve seen it point to /etc/nut/upssched/ instead of /etc/nut If it does, create the folder or update these variables.mkdir /etc/nut/upssched/testsystemctl restart nut-clientthen pull the plug on the ups connected to the master, check syslogstail /var/log/syslogshould see the logsmachine should shutdownLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet File Browser, a Small but Mighty Web File Browser", "url": "/posts/meet-file-browser/", "categories": "self-hosted", "tags": "homelab, portainer, self-hosted, docker, rancher, file-browser", "date": "2021-09-04 10:00:00 -0500", "snippet": "Meet File Browser, an open source, self-hosted alternative to services like Dropbox and other web based file browsers.Today we’ll configure a containerized version of File Browser and have you up a...", "content": "Meet File Browser, an open source, self-hosted alternative to services like Dropbox and other web based file browsers.Today we’ll configure a containerized version of File Browser and have you up and going in just a few minutes.We’ll also walk through creating, editing, moving, copying, and even sharing files and folders so that you get a better understanding about what File Browser is all about.📺 Watch VideoDocker SetupSee this post on how to install docker and docker-composeRunning the containerIf you’re using Docker composemkdir filebrowsercd filebrowsertouch docker-compose.ymlnano docker-compose.yml # copy the contents from belowtouch filebrowser.dbdocker-compose up -d --force-recreatedocker-compose.yml---version: '3'services: file-browser: image: filebrowser/filebrowser container_name: file-browser user: 1000:1000 ports: - 8081:80 volumes: - /home/serveradmin/:/srv - /home/serveradmin/filebrowser/filebrowser.db:/database.db restart: unless-stopped security_opt: - no-new-privileges:trueIf you’re using Rancher, Portainer, Open Media Vault, Unraid, or anything else with a GUI, just copy and paste the environment variables above into the form on the web page.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Install Docker and Docker Compose Ubuntu", "url": "/posts/docker-compose-install/", "categories": "docker", "tags": "homelab, docker, docker-compose", "date": "2021-08-14 11:00:00 -0500", "snippet": "This guide will walk you through how to Install Docker Engine, containerd, and Docker Compose on Ubuntu.If you have an existing version of Docker install, it is best to remove it first.See the Clea...", "content": "This guide will walk you through how to Install Docker Engine, containerd, and Docker Compose on Ubuntu.If you have an existing version of Docker install, it is best to remove it first.See the Cleaning UpIf you’re installing this on Debian, see Docker’s Debian Install GuideInstallSet up Docker’s apt repository.# Add Docker's official GPG key:sudo apt-get updatesudo apt-get install ca-certificates curl gnupgsudo install -m 0755 -d /etc/apt/keyringscurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpgsudo chmod a+r /etc/apt/keyrings/docker.gpg# Add the repository to Apt sources:echo \\ \"deb [arch=\"$(dpkg --print-architecture)\" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \\ \"$(. /etc/os-release && echo \"$VERSION_CODENAME\")\" stable\" | \\ sudo tee /etc/apt/sources.list.d/docker.list > /dev/nullsudo apt-get update If you use an Ubuntu derivative distro, such as Linux Mint, you may need to use UBUNTU_CODENAME instead of VERSION_CODENAME.Install the latest versionsudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-pluginCheck Installed versiondocker -vCheck docker composedocker composeCheck runtime sudo docker run hello-worldUse Docker without sudosudo usermod -aG docker $USERYou’ll need to log out then back in to apply thisCleaning UpIf you need to uninstall Docker, run the followingsudo apt-get purge docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin docker-ce-rootless-extrasLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Self-Hosted, DIY, Open Source Alternative to Linktree", "url": "/posts/open-source-linktree-alt/", "categories": "self-hosted", "tags": "homelab, pi-hole, dns, littlelink-server, portainer, self-hosted, docker, rancher", "date": "2021-08-14 11:00:00 -0500", "snippet": "Meet LittleLink & LittleLink-Server - a DIY, self hosted, and open source alternative to the popular service Linktree.This web site inside of a container allows you to create and host your own...", "content": "Meet LittleLink & LittleLink-Server - a DIY, self hosted, and open source alternative to the popular service Linktree.This web site inside of a container allows you to create and host your own web site with all of your social information and links, giving your followers multiple ways to connect with you! In this video we talk about what LittleLink-Server is, what it does, and how to create your own site using this Docker container with only a few environment variables, no knowledge of web development required.Be sure to check the documentation for details!📺 Watch VideoDocker SetupSee this post on how to install docker and docker-composeRunning the containermkdir littlelink-servercd littlelink-servertouch docker-compose.ymlIf you’re using Docker compose (see the GitHub repo for the latest file)docker-compose.yml---version: '3'services: little-link: image: ghcr.io/techno-tim/littlelink-server:latest container_name: littlelink-server environment: - META_TITLE=Techno Tim - META_DESCRIPTION=Techno Tim Link page - META_AUTHOR=Techno Tim - THEME=Dark - FAVICON_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg - AVATAR_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg - AVATAR_2X_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_400x400.jpg - AVATAR_ALT=Techno Tim Profile Pic - NAME=TechnoTim - BIO=Hey! Just a place where you can connect with me! - GITHUB=https://l.technotim.live/github - TWITTER=https://l.technotim.live/twitter - INSTAGRAM=https://l.technotim.live/instagram - YOUTUBE=https://l.technotim.live/subscribe - TWITCH=https://l.technotim.live/twitch/ - DISCORD=https://l.technotim.live/discord - TIKTOK=https://l.technotim.live/tiktok - KIT=https://l.technotim.live/gear # - FACEBOOK=https://facebook.com # - FACEBOOK_MESSENGER=https://facebook.com # - LINKED_IN=https://linkedin.com # - PRODUCT_HUNT=https://www.producthunt.com/ # - SNAPCHAT=https://www.snapchat.com/ # - SPOTIFY=https://www.spotify.com/ # - REDDIT=https://www.reddit.com/ # - MEDIUM=https://medium.com # - PINTEREST=https://www.pinterest.com/ # - EMAIL=you@example.com # - EMAIL_ALT=you@example.com # - SOUND_CLOUD=https://souncloud.com # - FIGMA=https://figma.com # - TELEGRAM=https://telegram.org/ # - TUMBLR=https://www.tumblr.com/ # - STEAM=https://steamcommunity.com/ # - VIMEO=https://vimeo.com/ # - WORDPRESS=https://wordpress.com/ # - GOODREADS=https://www.goodreads.com/ # - SKOOB=https://www.skoob.com.br/ - FOOTER=Thanks for stopping by! ports: - 8080:3000 restart: unless-stopped security_opt: - no-new-privileges:trueIf you’re running docker onlyDocker commanddocker run -d \\ --name=littlelink-server \\ -p 8080:3000 \\ -e META_TITLE='Techno Tim' \\ -e META_DESCRIPTION='Techno Tim Link page' \\ -e META_AUTHOR='Techno Tim' \\ -e THEME='Dark' \\ -e FAVICON_URL='https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg' \\ -e AVATAR_URL='https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg' \\ -e AVATAR_2X_URL='https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_400x400.jpg' \\ -e AVATAR_ALT='Techno Tim Profile Pic' \\ -e NAME='TechnoTim' \\ -e BIO='Hey! Just a place where you can connect with me!' \\ -e GITHUB='https://l.technotim.live/github' \\ -e TWITTER='https://l.technotim.live/twitter' \\ -e INSTAGRAM='https://l.technotim.live/instagram' \\ -e YOUTUBE='https://l.technotim.live/subscribe' \\ -e TWITCH='https://l.technotim.live/twitch' \\ -e DISCORD='https://l.technotim.live/discord' \\ -e TIKTOK='https://l.technotim.live/tiktok' \\ -e KIT='https://l.technotim.live/gear' \\ --restart unless-stopped \\ ghcr.io/techno-tim/littlelink-server:latestIf you’re using Rancher, Portainer, Open Media Vault, Unraid, or anything else with a GUI, just copy and paste the environment variables above into the form on the web page.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "All the Secrets to Creating My Tech YouTube Channel", "url": "/posts/how-i-create-my-content/", "categories": "vlog", "tags": "homelab, office, youtube, content-creation, adobe, hardware", "date": "2021-07-31 15:00:00 -0500", "snippet": "People have asked how I’ve been able to create and grow a Tech YouTube channel and what my process is when planning, filming, editing, and producing content.Today we talk about just that.All my sec...", "content": "People have asked how I’ve been able to create and grow a Tech YouTube channel and what my process is when planning, filming, editing, and producing content.Today we talk about just that.All my secrets unveiled as we celebrate 50,000 subscribers in this behind the scenes look.Thank you so much!📺 Watch VideoSee all the hardware I recommend at https://l.technotim.live/gearDon’t forget to check out the 🚀Launchpad repo with all of the quick start source files." }, { "title": "Before you upgrade to Proxmox 7, please consider this...", "url": "/posts/proxmox-7/", "categories": "proxmox", "tags": "homelab, proxmox", "date": "2021-07-10 14:00:00 -0500", "snippet": "As you may know, proxmox is my current choice for a hypervisor. Proxmox 7 is here and comes with a host of new features! In this video we’re cover all of the new features in Proxmox 7 as well as h...", "content": "As you may know, proxmox is my current choice for a hypervisor. Proxmox 7 is here and comes with a host of new features! In this video we’re cover all of the new features in Proxmox 7 as well as how to upgrade your Proxmox server safely. We’ll also cover all of the “scary” prompts you get while upgrading as well as some of the ways to make sure your upgrade is successful. So, if you’re thinking about upgrading your HomeLab to Proxmox 7, be sure to check this video out first.If you’re looking to upgrade to Proxmox 8, see this post📺 Watch VideoCommandsCheck your upgrade statuspve6to7 --fullFirst, make sure we have the latest packagesapt updateapt dist-upgradeUpdate all Debian repositories to Bullseyesed -i 's/buster\\/updates/bullseye-security/g;s/buster/bullseye/g' /etc/apt/sources.listWe’ll also need to make sure we comment out any Proxmox ve 6.0 repositories.nano /etc/apt/sources.listnano /etc/apt/sources.list.d/pve-enterprise.listAdd Proxmox VE & package Repoecho \"deb https://enterprise.proxmox.com/debian/pve bullseye pve-enterprise\" > /etc/apt/sources.list.d/pve-enterprise.listIf you’re using the non-subscription repository (like me) also runsed -i -e 's/buster/bullseye/g' /etc/apt/sources.list.d/pve-install-repo.list If you’re running Ceph, you’ll need to runecho \"deb http://download.proxmox.com/debian/ceph-octopus bullseye main\" > /etc/apt/sources.list.d/ceph.listDo the upgradeapt updateapt dist-upgradenetwork changesIf you’re running LACP / LAGG I found that you need to make some additional changes to your network config.See the comments in the config/etc/network/interfacesauto loiface lo inet loopback#auto eno1 <--- I had to comment this outiface eno1 inet manual#auto eno2 <--- I had to comment this outiface eno2 inet manualauto bond0iface bond0 inet manual bond-slaves eno1 eno2 bond-miimon 100 bond-mode 802.3ad bond-xmit-hash-policy layer2+3auto vmbr0iface vmbr0 inet static address 192.168.0.11/24 gateway 192.168.0.1 bridge-ports bond0 bridge-stp off bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Linux desktop, inside of a container, inside of a browser??? Yes. A Webtop.", "url": "/posts/webtop-container/", "categories": "self-hosted", "tags": "homelab, traefik, portainer, docker, self-hosted, ubuntu, webtop", "date": "2021-06-20 09:00:00 -0500", "snippet": "Have you ever thought about running a Linux desktop inside of a container? Me neither until I found this awesome project from LinuxServer called Webtops.A webtop is a technology stack that allows ...", "content": "Have you ever thought about running a Linux desktop inside of a container? Me neither until I found this awesome project from LinuxServer called Webtops.A webtop is a technology stack that allows you to run Ubuntu or Alpine Linux within a container that is fully accessible from a browser.This allows you to use most Linux features with a container with a fraction of the cost of resources.Join me as we configure one from beginning to end.📺 Watch VideoDocker SetupSee this post on how to install docker and docker-composeWebtopdocker-compose.yml and .env can be found hereFiles and foldersmkdir webtopcd webtopmkdir configcd ..nano docker-compose.ymlCreate Webtop containerdocker-compose up -dLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "2 Factor Auth and Single Sign on with Authelia", "url": "/posts/authelia-traefik/", "categories": "traefik", "tags": "authelia, homelab, traefik, portainer, ssl, docker, self-hosted", "date": "2021-06-05 09:00:00 -0500", "snippet": "Authelia is an open source Single Sign On and 2FA companion for reverse proxies.It helps you secure your endpoints with single factor and 2 factor auth.It works with Nginx, Traefik, and HA proxy.To...", "content": "Authelia is an open source Single Sign On and 2FA companion for reverse proxies.It helps you secure your endpoints with single factor and 2 factor auth.It works with Nginx, Traefik, and HA proxy.Today, we’ll configure Authelia with Portainer and Traefik and have 2 Factor up and running with brute force protection!📺 Watch VideoTraefikAuthelia will work with other reverse proxies but I used Traefik.If you want to configure Traefik as your reverse proxy see this guide.Docker SetupSee this post on how to install docker and docker-composeAutheliaconfiguration.yml, users_database.yml, and docker-compose.yml can be found hereExample heimdall can be found here hereTraefik configuration changes can be found hereGeneration a hashed password$ docker run authelia/authelia:latest authelia hash-password 'yourpassword'Password hash: $argon2id$v=19$m=65536$3oc26byQuSkQqksq$zM1QiTvVPrMfV6BVLs2t4gM+af5IN7euO0VB6+Q8ZFsFiles and foldersmkdir autheliacd autheliamkdir configcd confignano configuration.ymlnano users_database.ymlcd ..nano docker-compose.ymlCreate Authelia containerdocker-compose up -dLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Is adding 3 MILLION domains to your Pi-Hole Block List a good thing?", "url": "/posts/pi-hole-blocklists/", "categories": "homelab", "tags": "homelab, pi-hole, dns, self-hosted", "date": "2021-05-08 09:00:00 -0500", "snippet": "In some of my previous Pi-Hole videos many of you spotted my blocklist with over a millions sites added and you wondered how you can do the same.Well, today I show you how to block more ads, block ...", "content": "In some of my previous Pi-Hole videos many of you spotted my blocklist with over a millions sites added and you wondered how you can do the same.Well, today I show you how to block more ads, block more tracking, block more malware, and block more telemetry with these community lists.Bonus (and spoiler alert) I show you how to add 3.5 million!Thanks to Firebog for the great lists firebog.net📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Put Wildcard Certificates and SSL on EVERYTHING", "url": "/posts/traefik-portainer-ssl/", "categories": "traefik", "tags": "homelab, pi-hole, dns, traefik, portainer, ssl, self-hosted, docker", "date": "2021-04-24 09:00:00 -0500", "snippet": "Today, we’re going to use SSL for everything.No more self-sign certs.No more http.No more hosting things on odd ports.We’re going all in with SSL for our internal services and our external services...", "content": "Today, we’re going to use SSL for everything.No more self-sign certs.No more http.No more hosting things on odd ports.We’re going all in with SSL for our internal services and our external services too.We going to set up a reverse proxy using Traefik, Portainer, and use that to get wildcard certificates from Let’s Encrypt. Join me and let’s secure all the things.📺 Watch Video Looking for the Traefik 3.0 guide? Check out traefik 3 on Docker Looking to do this same thing in Kubernetes? Check out traefik + cert-manager on KubernetesDocker SetupSee this post on how to install docker and docker-composeTraefikmkdir traefikcd traefikmkdir datacd datatouch acme.jsonchmod 600 acme.jsontouch traefik.ymltraefik.yml can be found herecreate docker networkdocker network create proxytouch docker-compose.ymldocker-compose.yml can be found herecd datatouch config.ymldocker-compose up -dPortainermkdir portainercd portainertouch docker-compose.ymlmkdir datadocker-compose.yml can be found hereGenerate Basic Auth Passwordsudo apt updatesudo apt install apache2-utilsecho $(htpasswd -nb \"<USER>\" \"<PASSWORD>\") | sed -e s/\\\\$/\\\\$\\\\$/gNOTE: Replace <USER> with your username and <PASSWORD> with your password to be hashed. If you’re having an issue with your password, it might not be escaped properly and you can use the following command to prompt for your passwordecho $(htpasswd -nB USER) | sed -e s/\\\\$/\\\\$\\\\$/gPaste the output in your docker-compose.yml in line (traefik.http.middlewares.traefik-auth.basicauth.users=<USER>:<HASHED-PASSWORD>)Spin up the containerdocker-compose up -dTraefik Routes Configcd traefik/datanano config.ymlconfig.yml heredocker-compose up -d --force-recreateYour folder structure should look like the below, if you are following along with the example.But feel free to make it however you wish just keep in mind you’ll need to change the location in the corresponding files../traefik├── data│   ├── acme.json│   ├── config.yml│   └── traefik.yml└── docker-compose.ymlLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Using Pi-Hole for Local DNS - Fast, Simple, and Easy Guide", "url": "/posts/pi-hole-dns/", "categories": "homelab", "tags": "homelab, pi-hole, dns, self-hosted", "date": "2021-04-17 09:00:00 -0500", "snippet": "Pi-Hole is a wonderful ad blocking DNS sever for your network, but did you know you can also use it for a Local DNS server? In this fast, simple, and easy guide we’ll walk through how to create DNS...", "content": "Pi-Hole is a wonderful ad blocking DNS sever for your network, but did you know you can also use it for a Local DNS server? In this fast, simple, and easy guide we’ll walk through how to create DNS Entries (A Records) for the clients on your network and also set up Aliases (pointers to A Records) so that you can start using DNS at home instead of relying on IP addresses.📺 Watch Videocommandsnslookup juno.home.lan # lookup by host namehost 192.168.0.100 # reverse lookupLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Monitoring Your Kubernetes Cluster with Grafana, Prometheus, and Alertmanager", "url": "/posts/rancher-monitoring/", "categories": "kubernetes, rancher", "tags": "k3s, rancher, kubernetes, grafana, prometheus, homelab", "date": "2021-04-10 09:00:00 -0500", "snippet": "Today in this step by step guide, we’ll set up Grafana, Prometheus, and Alertmanager to monitor your Kubernetes cluster.This can be set up really quickly using helm or the Rancher UI.We’ll install ...", "content": "Today in this step by step guide, we’ll set up Grafana, Prometheus, and Alertmanager to monitor your Kubernetes cluster.This can be set up really quickly using helm or the Rancher UI.We’ll install and configure, set up some dashboards, and even set up some alerts using Slack.All this and more in this simple to follow, easy tutorial.Setting up Grafana and Prometheus has never been so easy.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Configuring Traefik 2 Ingress for Kubernetes", "url": "/posts/k3s-traefik-rancher/", "categories": "kubernetes, rancher", "tags": "homelab, rancher, kubernetes, k3s, traefik", "date": "2021-04-08 09:00:00 -0500", "snippet": "This guide is for installing traefik 2 on k3s.If you’re not using rancher, that’s fine, just skip to Reconfiguring k3s Note: There is an updated tutorial on installing traefik + cert-manager on Ku...", "content": "This guide is for installing traefik 2 on k3s.If you’re not using rancher, that’s fine, just skip to Reconfiguring k3s Note: There is an updated tutorial on installing traefik + cert-manager on Kubernetes here. However, if you want to store your certificates on disk, this tutorial here is perfectly fine.It assumes you have followed: Fully Automated K3S etcd High Availability Install (or) HIGH AVAILABILITY k3s (Kubernetes) in minutes! (if you need rancher) High Availability Rancher on a Kubernetes ClusterThere is a little bit of “undoing” we’ll have to do since k3s ships with traefik and Rancher doesn’t play well with service load balancer. So, we’ll pick up after instaling these two.Reconfigure RancherMake note of your version of RancherRemove Rancherhelm uninstall rancherInstall Rancher(replace with version above)helm install rancher rancher-stable/rancher \\ --namespace cattle-system \\ --set hostname=rancher.example.com \\ --version 2.5.6Reconfiguring k3sGet the version of k3s that’s currently runningk3s --versionexport INSTALL_K3S_VERSION=v1.20.5+k3s1Run the same command you ran initially to install k3s on your servers but add --disable traefik --disable servicelb and be sure to set your version.example (be sure you are using the right version)export INSTALL_K3S_VERSION=v1.20.5+k3s1curl -sfL https://get.k3s.io | sh -s - server --node-taint CriticalAddonsOnly=true:NoExecute --tls-san your.load.balancer.ip --write-kubeconfig-mode 644 --disable traefik --disable servicelbThis should reconfigure your servers.Just run it on all server nodes, not agent nodes.Install Metal LBMetal LB installationYou can follow Self-Hosting Your Homelab Services with SSL to get the idea of Metal LB. It’s recommended to: Install with helm Use Layer2 configuration if you follow this seriesExposing Rancher directly to your Metal LBIt’s a good idea to do this until traefik is configured otherwise you won’t have access to the Rancher UIkubectl expose deployment rancher -n cattle-system --type=LoadBalancer --name=rancher-lb --port=443Then, you can access Rancher UI after getting external-IPkubectl get service/rancher-lb -n cattle-systemInstall Traefik 2You can can choose between creating Ingress in Rancher or IngresRoute with traefikIf you choose IngressRoute see IngressRoute otherwise continue on. You must have a persistent volume set up already for acme.json certificate This uses cloudflare, check providers if you want to switch This will get wildcard certs This is pointed at staging, if you want production be sure comment staging the line (and delete your staging certs)We will be installing this into the kube-system namespace, which already exists. If you are going to use anther namespace you will need change it everywhere.(Optional) Make sure that persistent volume claim is availableThe dynamic configuration for Traefik is stored in a persistent volume. If you want to persist the certificate, it’s better to create one now to claim later.To create a persistent volume, it’s better to check out Cloud Native Distributed Storage in Kubernetes with Longhorn.If not, just create one from Rancher UI > Clusters (Choose your cluster) > Storage > Persistent Volume > Add volumeAdd traefik helm repo and updatehelm repo add traefik https://helm.traefik.io/traefikhelm repo updateEdit & apply ConfigMap Create traefik-config.yaml with the contents of /config/traefik-config.yaml from /config This holds our cloudflare secrets along with a configmap Update this file with your values Re-check if you have a persistent volume ready to claim Apply the configkubectl apply -f traefik-config.yamlEdit & install Traefik helm chart Create traefik-chart-values.yaml with the contents of /config/traefik-chart-values.yaml from /config Update loadBalancerIP in traefik-chart-values.yaml with your Metal LB IPBefore running this, be sure you only have one default storage class set.If you are using Rancher it is Cluster > Storage > Storage Classes. Make sure only one is default. Install Traefik with chart valueshelm install traefik traefik/traefik --namespace=kube-system --values=traefik-chart-values.yamlMore configuration value can be add from this default-value.yaml from Traefik github.If all went well, you should now have traefik 2 installed and configured.Check for container logsTo check if the Traefik instance is running correctly, see the logs:kubectl -n kube-system logs $(kubectl -n kube-system get pods --selector \"app.kubernetes.io/name=traefik\" --output=name)It should be level=info msg=\"Configuration loaded from flags.\"Traefik DashboardTo see all router to Traefik, we can install and expose Traefik Dashboard.First you will need htpassword to generate a password for your dashboard.sudo apt-get updatesudo apt-get install apache2-utilsYou can then generate one using this, be sure to swap your username and password.htpasswd -nb techno password | openssl base64It should output:dGVjaG5vOiRhcHIxJFRnVVJ0N2E1JFpoTFFGeDRLMk8uYVNaVWNueG41eTAKCg==Save this in a secure place, it will be the password you use to access the traefik dashboard.Copy traefik-dashboard-secret.yaml locally and update it with your credentials.Copy traefik-dashboard-ingressroute.yaml and update it with your hostname, then apply:kubectl apply -f traefik-dashboard-secret.yamlkubectl apply -f traefik-dashboard-ingressroute.yamlThis should create: A secret in Kubernetes cluster name traefik-dashboard-auth A middleware for Traefik name traefik-dashboard-basicauth An ingress route for Traefik name dashboardCheck out the Traefik Dashboard with the URL you specify earlier.Exposing a service with traefik and Rancher IngressIn Rancher go to Load Balancing create ingress choose a host name (service.example.com) choose a target (your workload) set the port to the exposed port within the container go to labels and annotations and add kubernetes.io/ingress.class = traefik-external note, traefik-external comes from --providers.kubernetesingress.ingressclass=traefik-external in traefik-chart-values.yml.If you used something else, you will need to set your label properly. when you visit your website (https://service.example.com) you should now see a certificate issues.If it’s a staging cert, see the note about switching to production in traefik-chart-values.yaml.After changing, you will need to delete your certs in storage and reapply that filekubectl delete -n kube-system persistentvolumeclaims acme-json-certskubectl apply -f traefik-config.yamlExposing a service with traefik IngressRoutecopy the contents of config-ingress-route/kubernetes to your local machinethen runkubectl apply -f kubernetesThis will create the deployment, service, and ingress.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Everything you need to know about the NEW Rancher UI", "url": "/posts/rancher-new-ui/", "categories": "kubernetes, rancher", "tags": "k3s, rancher, kubernetes, homelab", "date": "2021-04-03 09:00:00 -0500", "snippet": "Today we’re going to talk about the new Cluster Explorer in Rancher.The Cluster Explorer is the new fancy user interface that will replace the old Cluster Manager.The new UI contains lots of new ar...", "content": "Today we’re going to talk about the new Cluster Explorer in Rancher.The Cluster Explorer is the new fancy user interface that will replace the old Cluster Manager.The new UI contains lots of new areas to explore, from new dashboards to new workload and deployment views, to service discovery, to storage to RBAC, and more.If you’ve been hesitant to use the new UI, no need to worry, we all have.But hopefully after this you’ll switch over like I have done too!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Multi-CPU Architecture Kubernetes Cluster with a Raspberry Pi", "url": "/posts/multi-arch-k3s-rpi/", "categories": "kubernetes, k3s", "tags": "raspberry-pi, k3s, kubernetes, homelab, hardware", "date": "2021-03-14 09:00:00 -0500", "snippet": "Building a Multi-architecture CPU Kubernetes cluster is easier than you think with k3s.In this video we’ll build a Raspberry Pi 4 with an ARM CPU and add it to our existing x86 x64 amd64 CPU Kubern...", "content": "Building a Multi-architecture CPU Kubernetes cluster is easier than you think with k3s.In this video we’ll build a Raspberry Pi 4 with an ARM CPU and add it to our existing x86 x64 amd64 CPU Kubernetes cluster.Our foundation will be Ubuntu for ARM, then we’ll add k3s, and then join it to our cluster.We’ll also discuss how this works with Docker images built for specific CPU types.We’ll also talk about some build configurations and requirements for your Pi.Happy Pi Day!📺 Watch Videok3s --versionget k3s token from a serversudo cat /var/lib/rancher/k3s/server/node-tokenset k3s version (the value you got from k3s --version) export INSTALL_K3S_VERSION=v1.20.5+k3s1install k3s as an agent using your token from abovecurl -sfL https://get.k3s.io | K3S_URL=https://example.local.com:6443 K3S_TOKEN=hksadhahdklahkadjhasjdhasdhasjk::server:asljkdklasjdaskdljaskjdlasj sh -check all k3s nodes from your workstationkubectl get nodesget all pods running on a specific node (elio)kubectl get pods --all-namespaces -o wide --field-selector spec.nodeName=elioset a label on a node (elio)kubectl label nodes elio cputype=armdescribe a node (elio)kubectl describe node elioExample pod specnginx-pod.ymlapiVersion: v1kind: Podmetadata: name: nginxspec: containers: - name: nginx image: nginx imagePullPolicy: IfNotPresent nodeSelector: cputype: arm64Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Rancher vs. Portainer - Which one should I choose?", "url": "/posts/rancher-vs-portainer/", "categories": "homelab", "tags": "homelab, rancher, portainer", "date": "2021-03-08 08:00:00 -0600", "snippet": "Rancher vs. Portainer, which one is better” Which one should I choose? Can Portainer manager Kubernetes? Can Rancher manage Kubernetes? We answer all these questions and more in this quick, no f...", "content": "Rancher vs. Portainer, which one is better” Which one should I choose? Can Portainer manager Kubernetes? Can Rancher manage Kubernetes? We answer all these questions and more in this quick, no fluff video. Side note, this is one of the most asked questions in my live streams.Please share this with anyone who asks what a Home Lab is.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Windows Terminal and WSL Config Fast, Simple, and Easy Guide", "url": "/posts/windows-terminal-wsl/", "categories": "homelab", "tags": "homelab, wsl, terminal, zsh, windows, linux", "date": "2021-02-23 08:00:00 -0600", "snippet": "Lots of people ask which terminal I use on Windows and how I configure it.It’s pretty simple, I use the Microsoft Windows Terminal and it’s a fantastic terminal on Windows.It is free and open sourc...", "content": "Lots of people ask which terminal I use on Windows and how I configure it.It’s pretty simple, I use the Microsoft Windows Terminal and it’s a fantastic terminal on Windows.It is free and open source.With Windows Terminal, you can install and configure different environments for Windows and Linux.You can choose between Ubuntu or any other WSL 1 or WSL 2 (Windows Subsystem for Linux) environment along with the typical PowerShell and cmd.In this fast, simple, and easy tutorial we’ll set up the Windows Terminal, install WSL, then install Ubuntu, and configure Ubuntu with ZSH (zshell) and oh my zsh (0h-my-zsh).Then, you’ll know exactly how I configure my Terminal on Windows.Bonus Now all your copy pasta commands will work on Windows, macOS, and Linux!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "What is a HomeLab and How Do I Get Started?", "url": "/posts/we-are-homelab/", "categories": "homelab", "tags": "homelab, hardware, software", "date": "2021-02-21 08:00:00 -0600", "snippet": "What is a Home Lab and how do you get started? It’s easy. You can get started today in a few different ways. You can virtualize your entire home lab or build it on an old PC, a Raspberry Pi, or ...", "content": "What is a Home Lab and how do you get started? It’s easy. You can get started today in a few different ways. You can virtualize your entire home lab or build it on an old PC, a Raspberry Pi, or even some enterprise servers. The choice is really up to you. You’ll need to first establish some goals for your homelab to determine capacity for your workloads. After that, the rest is up to you. You can take it as far as you want to go, and remember each home lab is almost as unique as the individual who builds it!Please share this with anyone who asks what a Home Lab is.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Update Portainer Fast, Simple, and Easy Guide", "url": "/posts/portainer-update/", "categories": "portainer", "tags": "portainer, kubernetes, homelab, docker", "date": "2021-02-19 08:00:00 -0600", "snippet": "Updating Portainer is easy, if you know how.In this quick no fluff video, I will show you how to update any version of Portainer.This guide can be used for installing it too.Portainer is a containe...", "content": "Updating Portainer is easy, if you know how.In this quick no fluff video, I will show you how to update any version of Portainer.This guide can be used for installing it too.Portainer is a container management system for Docker, Kubernetes, Swarm, and Azure ACI. Portainer is free and open source.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Containerizing HandBrake with Docker and Kubernetes", "url": "/posts/handbrake-docker-k8s/", "categories": "self-hosted", "tags": "rancher, kubernetes, handbrake, docker, homelab, self-hosted", "date": "2021-02-16 08:00:00 -0600", "snippet": "Handbrake is a fantastic open source transcoder.It allows you to transcode, or convert, your video files into different formats. It has a nice UI that’s easy to use and helps you transcode videos v...", "content": "Handbrake is a fantastic open source transcoder.It allows you to transcode, or convert, your video files into different formats. It has a nice UI that’s easy to use and helps you transcode videos very easily. It supports profiles that are optimized for your target devices. And because this is open source and cross compiled, you can run this on Windows, macOS, or Linux…but did you also know you can self host a containerized version of this with Docker and Kubernetes?📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Create a Multiboot USB with Ventoy Fast, Simple, and Easy Guide", "url": "/posts/ventoy-tutorial/", "categories": "homelab", "tags": "windows, linux, homelab, ubuntu, ventoy, hardware", "date": "2021-02-12 08:00:00 -0600", "snippet": "In this quick no fluff video, I will show you how to create a multi-bootable USB drive with Ventoy that can boot all of your ISO, WIM, IMG, VHD, and EFI files.It supports both MBR and GPT partition...", "content": "In this quick no fluff video, I will show you how to create a multi-bootable USB drive with Ventoy that can boot all of your ISO, WIM, IMG, VHD, and EFI files.It supports both MBR and GPT partitions. This is the last USB drive you will ever need and you won’t ever need to format another one.Ventoy is free and open source.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "The Best Way to Dual Boot Windows and Ubuntu", "url": "/posts/dual-boot-windows-ubuntu/", "categories": "homelab", "tags": "windows, linux, homelab, ubuntu", "date": "2021-02-08 08:00:00 -0600", "snippet": "Dual booting Windows and Ubuntu Linux can be a pain however there are many benefits do doing this if you do it right.In this tutorial we’ll discuss how to dual boot Windows and Ubuntu on your PC or...", "content": "Dual booting Windows and Ubuntu Linux can be a pain however there are many benefits do doing this if you do it right.In this tutorial we’ll discuss how to dual boot Windows and Ubuntu on your PC or laptop in a few simple steps so that you can take advantage of all the hardware in your “best” machine with full access to your GPU.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I ran MY LIFE through a DEEP LEARNING algorithm and here's what came out...", "url": "/posts/deep-learning-my-life/", "categories": "homelab", "tags": "windows, linux, homelab, machine-learning, deep-learning, ai, nvidia, hardware, life", "date": "2021-02-01 08:00:00 -0600", "snippet": "My life, ran against a neural network and detected by Deep Learning.If you’d like to see how this video was generated using ML and Deep Learning, check out the video here:How this video was generat...", "content": "My life, ran against a neural network and detected by Deep Learning.If you’d like to see how this video was generated using ML and Deep Learning, check out the video here:How this video was generated📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "RTX 3090 for Machine Learning?", "url": "/posts/3090-machine-learning/", "categories": "homelab", "tags": "windows, linux, homelab, machine-learning, deep-learning, ai, nvidia, hardware", "date": "2021-01-30 08:00:00 -0600", "snippet": "The NVIDIA RTX 3090 is a beast.We all know it can beat the benchmarks in gaming, but how about machine learning and neural networks? Today we walk through the RTX 3090 and then compile and run Dar...", "content": "The NVIDIA RTX 3090 is a beast.We all know it can beat the benchmarks in gaming, but how about machine learning and neural networks? Today we walk through the RTX 3090 and then compile and run Darknet, an open source neural network, on Windows and then Ubuntu Linux and run object detection on pictures, images, and real-time video.You will be amazed at how much more you can get out of your video card than just gaming!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "My HUGE Home Security Upgrade", "url": "/posts/home-security-upgrade/", "categories": "homelab", "tags": "homelab, unifi, protect, home-security, hardware", "date": "2021-01-16 08:00:00 -0600", "snippet": "I am a huge fan of self hosted home security and I’ve been doing it for years. I love the idea of being able to check on my home when I am away.Also, I’ve always kept my video footage on premise (o...", "content": "I am a huge fan of self hosted home security and I’ve been doing it for years. I love the idea of being able to check on my home when I am away.Also, I’ve always kept my video footage on premise (on prem) and never sent it to the cloud.It started way back with a laptop and a webcam and it evolved into self-hosting my own DVR software on a virtual machine with many PoE and wireless cameras… but this became way too much to manage. Well, this is the next evolution of my home security, integrating it into my recently upgraded UniFi network.I wanted to simplify my home security, just like my network, so I decided to pick up some UniFi Protect G3 FLEX cameras and some new UniFi Protect G3 Instant cameras to help secure my home.I also picked up the UniFi Smart Power Plug that will monitor my internet connection and reboot my modem if I lose connection.This is going to be awesome! I hope you enjoy this complete guide to setting up your new UniFi Protect system! Note, everything here was purchased with my own money. 0 outside influence by brands.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Self-host your own internet speed test with LibreSpeed!", "url": "/posts/librespeed/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, librespeed, self-hosted", "date": "2021-01-09 08:00:00 -0600", "snippet": "Internet speed tests are full of junk, ads, tracking, and some even contain deprecated plug-ins.Who needs this when we can self-host an open source one? LibreSpeed is a lightweight speedtest imple...", "content": "Internet speed tests are full of junk, ads, tracking, and some even contain deprecated plug-ins.Who needs this when we can self-host an open source one? LibreSpeed is a lightweight speedtest implemented in JavaScript using XHR requests and web workers.It’s fast, feature rich, and supports every modern browser.Say goodbye to those other speed tests and host your own containerized in Docker or Kubernetes today!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Cloud Native Distributed Storage in Kubernetes with Longhorn", "url": "/posts/longhorn-install/", "categories": "kubernetes, rancher", "tags": "homelab, rancher, kubernetes, longhorn, k3s", "date": "2021-01-02 08:00:00 -0600", "snippet": "Storage in Kubernetes is hard, complicated, and messy.Configuring volumes, mounts, and persistent volumes claims and getting it right can be a challenge.It’s also challenging to manage that storage...", "content": "Storage in Kubernetes is hard, complicated, and messy.Configuring volumes, mounts, and persistent volumes claims and getting it right can be a challenge.It’s also challenging to manage that storage and replicate it across all your Kubernetes clusters.It’s also been very challenging to do this on bare metal, outside of a cloud provider.That’s where Longhorn comes.Longhorn is an open source, a CNCF distributed block storage system for Kubernetes.It comes with a UI, backups, snapshots, cluster disaster recovery, and it does all this with or without Rancher.Rancher is NOT a requirement.📺 Watch VideoInstallationAdditional DependenciesThere are some additional dependencies you might want to install on target nodes prior to configuringsudo apt updatesudo apt install nfs-common open-iscsi#start the service now and on rebootsudo systemctl enable open-iscsi --nowInstall MethodsRancher app catalogSee the app catalog within RancherKubectlkubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/master/deploy/longhorn.yamlkubectl get pods \\--namespace longhorn-system \\--watchSee more at https://longhorn.io/docs/1.0.0/deploy/install/install-with-kubectlHelmhelm3kubectl create namespace longhorn-systemhelm install longhorn ./longhorn/chart/ --namespace longhorn-systemkubectl -n longhorn-system get podTaints This is not required, nor do I taint nodes anymore.I allow Longhorn storage to use any available space on any node that is not running etcd / control plane.You can simply skip this step and it will work like this.If you’re still convinced you need dedicated nodes, it’s much easier doing it in the Longhorn UI after a node joins the cluster than with taints.I ended up tainting my storage nodes using this commandkubectl taint nodes luna-01 luna-02 luna-03 luna-04 CriticalAddonsOnly=true:NoExecutekubectl taint nodes luna-01 luna-02 luna-03 luna-04 StorageOnly=true:NoExecuteThen applying that toleration to Longhorn in settingsStorageOnly=true:NoExecute;CriticalAddonsOnly=true:NoExecuteThis ensures that the storage nodes won’t take on any general workloads and still allow Lonhorn to use these as storage.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Automate EVERYTHING with Ansible!", "url": "/posts/ansible-automation/", "categories": "homelab", "tags": "homelab, ansible", "date": "2020-12-26 08:00:00 -0600", "snippet": "Ansible.Need I say more? Well, maybe, if you’ve never heard of it. Ansible is a simple IT / DevOps automation that anyone can use.You can Automate anything with an SSH connection and WITHOUT insta...", "content": "Ansible.Need I say more? Well, maybe, if you’ve never heard of it. Ansible is a simple IT / DevOps automation that anyone can use.You can Automate anything with an SSH connection and WITHOUT installing any agents or clients. Join me as we set up, configure and start automating with Ansible!📺 Watch Videoinstallsudo apt updatesudo apt install ansiblesudo apt install sshpass Note: Most distributions include an “older” version of Ansible.If you want to install the latest version of Ansible, see installing the latest version of ansiblehosts[ubuntu]server-01server-02192.168.0.100192.168.0.1002commandscheck ansible versionansible --versioncommand with moduleansible -i ./inventory/hosts ubuntu -m ping --user someuser --ask-passcommand with playbookansible-playbook ./playbooks/apt.yml --user someuser --ask-pass --ask-become-pass -i ./inventory/hostsplaybooksapt.yml- hosts: \"*\" become: yes tasks: - name: apt apt: update_cache: yes upgrade: 'yes'qemu-guest-agent.yml- name: install latest qemu-guest-agent hosts: \"*\" tasks: - name: install qemu-guest-agent apt: name: qemu-guest-agent state: present update_cache: true become: truezsh.yml- name: install latest zsh on all hosts hosts: \"*\" tasks: - name: install zsh apt: name: zsh state: present update_cache: true become: truetimezone.yml- name: Set timezone and configure timesyncd hosts: \"*\" become: yes tasks: - name: set timezone shell: timedatectl set-timezone America/Chicago - name: Make sure timesyncd is stopped systemd: name: systemd-timesyncd.service state: stopped - name: Copy over the timesyncd config template: src=../templates/timesyncd.conf dest=/etc/systemd/timesyncd.conf - name: Make sure timesyncd is started systemd: name: systemd-timesyncd.service state: startedtimesyncd.conf# This file is part of systemd.## systemd is free software; you can redistribute it and/or modify it# under the terms of the GNU Lesser General Public License as published by# the Free Software Foundation; either version 2.1 of the License, or# (at your option) any later version.## Entries in this file show the compile time defaults.# You can change settings by editing this file.# Defaults can be restored by simply deleting this file.## See timesyncd.conf(5) for details.[Time]NTP=192.168.0.4FallbackNTP=time.cloudflare.com#RootDistanceMaxSec=5#PollIntervalMinSec=32#PollIntervalMaxSec=2048Installing the latest version of AnsibleMost distributions have an older version of Ansible installed.This is usually fine except sometimes you may need to use features from the latest Ansible.Use the following commands to update Ansible to the latest version.Check versionansible --versionIf it’s not the version you are looking for, check to see where it is installedwhich ansibleIf it lives somewhere like/usr/bin/ansiblethis is most likely due to your distribution installing it there.Remove previous versionsudo apt remove ansibleCheck to be sure it is removedwhich ansibleYou should seeansible not foundcheck to see that you have python3 and pippython3 -m pip -VYou should see something likepip 22.3.1 from /home/user/.local/lib/python3.8/site-packages/pip (python 3.8)Install pip if the previous couldn’t find the pip modulecurl https://bootstrap.pypa.io/get-pip.py -o get-pip.pyInstall ansiblepython3 -m pip install --user ansibleConfirm your version withansible --versionLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "HIGH AVAILABILITY k3s (Kubernetes) in minutes!", "url": "/posts/k3s-ha-install/", "categories": "kubernetes, k3s", "tags": "homelab, rancher, kubernetes, k3s, mysql, nginx", "date": "2020-12-19 08:00:00 -0600", "snippet": "Are you running Kubernetes in your homelab or in the enterprise? Do you want an easy way to manage and create Kubernetes clusters? Do you want high availability Rancher? Join me as we walk through...", "content": "Are you running Kubernetes in your homelab or in the enterprise? Do you want an easy way to manage and create Kubernetes clusters? Do you want high availability Rancher? Join me as we walk through stalling Rancher on an existing high availability k3s cluster in this step-by-step tutorial.We install Rancher, configure a load balancer, install and configure helm, install cert-manager, configure Rancher, walk through the GUI, scale up our cluster, and set up a health check and liveness check! Join me, it’s easy in this straightforward guide.📺 Watch VideoLoad BalancerCreate a load balancer using nginxnginx.conf#uncomment this next line if you are NOT running nginx in docker#load_module /usr/lib/nginx/modules/ngx_stream_module.so;events {}stream { upstream k3s_servers { server 192.168.60.20:6443; server 192.168.60.21:6443; } server { listen 6443; proxy_pass k3s_servers; }}k3s serversOn your k3s serversexport K3S_DATASTORE_ENDPOINT='mysql://username:password@tcp(database_ip_or_hostname:port)/database'Note: It’s advised you consult the Rancher Support Matrixto get the recommended version for all Rancher dependencies.thencurl -sfL https://get.k3s.io | sh -s - server --node-taint CriticalAddonsOnly=true:NoExecute --tls-san load_balancer_ip_or_hostnametest withsudo k3s kubectl get nodesto add additional servers, get token from first serversudo cat /var/lib/rancher/k3s/server/node-tokenthen run the same command but add the token (replace SECRET with token from previous command)curl -sfL https://get.k3s.io | sh -s - server --token=SECRET --node-taint CriticalAddonsOnly=true:NoExecute --tls-san load_balancer_ip_or_hostnameon agents / workersto run without sudosudo chmod 644 /etc/rancher/k3s/k3s.yaml` on the serversget tokensudo cat /var/lib/rancher/k3s/server/node-tokenk3s agents / workerscurl -sfL https://get.k3s.io | K3S_URL=https://load_balancer_ip_or_hostname:6443 K3S_TOKEN=mynodetoken sh -otherTo install kubectl see this linkkubeconfig location on server/etc/rancher/k3s/k3s.yamlsudo cat /etc/rancher/k3s/k3s.yamlcopy contents to your dev machine~/.kube/configBe sure to update the server: to your load balancer ip or hostnamekubernetes dashboardcheck releases for the command to use. At time or filming it’s:kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yamlDashboard RBAC Configurationdashboard.admin-user.ymlapiVersion: v1kind: ServiceAccountmetadata: name: admin-user namespace: kubernetes-dashboarddashboard.admin-user-role.ymlapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: name: admin-userroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-adminsubjects:- kind: ServiceAccount name: admin-user namespace: kubernetes-dashboardDeploy the admin-user configuration:(if you’re doing this from your dev machine, remove sudo k3s and just use kubectl)sudo k3s kubectl create -f dashboard.admin-user.yml -f dashboard.admin-user-role.ymlget bearer tokensudo k3s kubectl -n kubernetes-dashboard create token admin-userstart dashboard locallysudo k3s kubectl proxyThen you can sign in at this URL using your token we got in the previous step:http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/here’s testdeploy.yml you can useapiVersion: apps/v1kind: Deploymentmetadata: name: mysite labels: app: mysitespec: replicas: 1 selector: matchLabels: app: mysite template: metadata: labels: app : mysite spec: containers: - name : mysite image: nginx ports: - containerPort: 80Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "High Availability Rancher on Kubernetes", "url": "/posts/rancher-ha-install/", "categories": "kubernetes, rancher", "tags": "homelab, rancher, kubernetes, k3s", "date": "2020-12-19 08:00:00 -0600", "snippet": "Are you running Kubernetes in your homelab or in the enterprise?Do you want an easy way to manage and create Kubernetes clusters?Join me as we walk through installing Rancher on an existing high av...", "content": "Are you running Kubernetes in your homelab or in the enterprise?Do you want an easy way to manage and create Kubernetes clusters?Join me as we walk through installing Rancher on an existing high availability k3s cluster in this step-by-step tutorial.We install Rancher, configure a load balancer, install and configure helm, install cert-manager, configure Rancher, walk through the GUI, scale up our cluster, and set up a health check and liveness check! Join me, it’s easy in this straightforward guide.📺 Watch VideoinstallNote:It’s advised you consult the Rancher Support Matrixto get the recommended version for all Rancher dependencies.https://rancher.com/docs/rancher/v2.x/en/installation/install-rancher-on-k8s/#1-install-the-required-cli-toolskubectlinstall helmcurl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bashadd helm repo, stablehelm repo add rancher-stable https://releases.rancher.com/server-charts/stablecreate rancher namespacekubectl create namespace cattle-systemssl configurationuser rancher generated (default)install cert-managerkubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.7.1/cert-manager.crds.yamlcreate name-space for cert-managerkubectl create namespace cert-managerAdd the Jetstack Helm repository helm repo add jetstack https://charts.jetstack.ioupdate helm repohelm repo updateinstall cert-manager helm chart*Note: If you receive an “Error: Kubernetes cluster unreachable” message when installing cert-manager, try copyingthe contents of “/etc/rancher/k3s/k3s.yaml” to “~/.kube/config” to resolve the issue.*helm install \\ cert-manager jetstack/cert-manager \\ --namespace cert-manager \\ --version v1.7.1check rollout of cert-managerkubectl get pods --namespace cert-managerBe sure each pod is fully running before proceedingInstall Rancher with Helm Note: If you have “.local” for your private TLD then Rancher will NOT finish the setup within the webUIhelm install rancher rancher-stable/rancher \\ --namespace cattle-system \\ --set hostname=rancher.example.comcheck rolloutkubectl -n cattle-system rollout status deploy/rancheryou should seeWaiting for deployment \"rancher\" rollout to finish: 0 of 3 updated replicas are available...Waiting for deployment \"rancher\" rollout to finish: 1 of 3 updated replicas are available...Waiting for deployment \"rancher\" rollout to finish: 2 of 3 updated replicas are available...deployment \"rancher\" successfully rolled outcheck statuskubectl -n cattle-system rollout status deploy/rancheryou should seedeployment \"rancher\" successfully rolled outload balancerIf you are using k3s you can use the traefik ingress controller that ships with k3srunkubectl get svc --all-namespaces -o widelook forkube-system traefik LoadBalancer 10.43.202.72 192.168.100.10 80:32003/TCP,443:32532/TCP 5d23h app=traefik,release=traefikthen create a DNS entry for rancher.example.com 192.168.100.10This can be a host entry on your machine, or a DNS entry in your local DNS system (router, pi hole, etc…)otherwise you can use nginxnginx lbhttps://rancher.com/docs/rancher/v2.x/en/installation/resources/k8s-tutorials/infrastructure-tutorials/nginx/other considerationsSeparating Rancher Cluster from your User Clusterhttps://rancher.com/docs/rancher/v2.x/en/overview/architecture-recommendations/#separation-of-rancher-and-user-clustersLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "High Availability Pi-Hole? Yes please!", "url": "/posts/ha-pi-hold-gravity-sync/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, portainer, self-hosted, pi-hole, gravity-sync, keepalived", "date": "2020-12-12 08:00:00 -0600", "snippet": "Dear Pi-Hole,We love your product.It keeps our network safe from malware and other unwanted domains. While we love what is there so far, please add a feature to your core product to keep multiple ...", "content": "Dear Pi-Hole,We love your product.It keeps our network safe from malware and other unwanted domains. While we love what is there so far, please add a feature to your core product to keep multiple servers in sync and provide high availability DNS to our whole entire network.Then, we won’t have people asking us “Is the internet down?” every time we reboot our Pi-Hole server.Until then, we will use Gravity Sync.Sincerely,Techno Tim (and probably thousands of other lovers of Pi-Hole).P.S.Keep up the good work!Thank you Gravity Sync!(don’t forget to star the repo!)https://github.com/vmstan/gravity-sync📺 Watch VideoGreat Raspberry Pi - Pi-Hole Servers!► Raspberry Pi Zero W Kit - https://amzn.to/3qOl9yS► Raspberry Pi 4 Kit - https://amzn.to/3nophDmIf you’re looking to have your PiHole instances failover automatically, be sure to check out the documentation on keepalivedMeet keepalived - High Availability and Load Balancing in OneLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Before I do anything on Proxmox, I do this first...", "url": "/posts/first-11-things-proxmox/", "categories": "proxmox", "tags": "homelab, proxmox, homelab", "date": "2020-11-28 08:00:00 -0600", "snippet": "After setting up my Proxmox servers, there are a few things I do before I use them for their intended purpose.This ranges from updates, to storage, to networking and VLANS, to uploading ISOs, to cl...", "content": "After setting up my Proxmox servers, there are a few things I do before I use them for their intended purpose.This ranges from updates, to storage, to networking and VLANS, to uploading ISOs, to clustering, and more.Join me as we pick up where the rest of the proxmox tutorials stop, and that’s everything you need to do to make these production ready (and maybe a bonus item too).📺 Watch VideoUpdatesEdit /etc/apt/sources.listProxmox Version 6.Xdeb http://ftp.us.debian.org/debian buster main contribdeb http://ftp.us.debian.org/debian buster-updates main contrib# security updatesdeb http://security.debian.org buster/updates main contrib# not for production usedeb http://download.proxmox.com/debian buster pve-no-subscriptionProxmox Version 7.X(for a full guide on Proxmox 7, please see this link)deb http://ftp.debian.org/debian bullseye main contribdeb http://ftp.debian.org/debian bullseye-updates main contrib# security updatesdeb http://security.debian.org/debian-security bullseye-security main contrib# PVE pve-no-subscription repository provided by proxmox.com,# NOT recommended for production usedeb http://download.proxmox.com/debian/pve bullseye pve-no-subscriptionEdit /etc/apt/sources.list.d/pve-enterprise.list# deb https://enterprise.proxmox.com/debian/pve buster pve-enterpriseProxmox Version 8.XCreate a file at /etc/apt/sources.list.d/pve-no-enterprise.list with the following contents:# not for production usedeb http://download.proxmox.com/debian/pve bookworm pve-no-subscriptionIf you are using cephCreate a file at /etc/apt/sources.list.d/ceph.list with the following contents:# not for production usedeb http://download.proxmox.com/debian/ceph-quincy bookworm no-subscriptionIf you’re looking to upgrade to Proxmox 8, see this postRunapt-get updateapt dist-upgraderebootStorageBE CAREFUL.This will wipe your disks.fdisk /dev/sdaThen P for partition, then D for delete, then W for write.Check SMART Monitoringsmartctl -a /dev/sdaIOMMU (PCI Passthrough)You’ll first want to be sure that Vt-d / IOMMU is enabled in your BIOS before continuing. If see “No IOMMU detected, please activate it.See Documentation for further information.” It means that IOMMU is not enabled in your BIOS or that it has not been enabled in Proxmox yet. If you’re seeing this and you’ve enabled it in your BIOS, you can enable it in Proxmox below.Checking your boot managerEnabling PCI passthrough depends on your boot manager. You can check to see which one you are using by runningefibootmgr -vIf it returns an errors, it’s running in Legacy/BIOS with GRUB, skip to GRUB sectionif it returns something like this, it’s running system-boot, skip to system-d section sectionBoot0002* proxmox\tHD(2,GPT,b0f10348-020c-4bd6-b002-dc80edcf1899,0x800,0x100000)/File(\\EFI\\proxmox\\shimx64.efi)if it returns something like this.Boot0006 * Linux Boot Manager [...] File(EFI\\systemd\\systemd-bootx64.efi)GRUBIf you’re using GRUB, use the following commands:nano /etc/default/grubadd iommu=pt to GRUB_CMDLINE_LINUX_DEFAULT like so:GRUB_CMDLINE_LINUX_DEFAULT=\"quiet intel_iommu=on iommu=pt\"If you aren’t using an intel processor, remove intel_iommu=onsystem-bootIf you’re using system-boot use the following commands.nano /etc/kernel/cmdlineadd intel_iommu=on iommu=pt to the end of this line without line breaksroot=ZFS=rpool/ROOT/pve-1 boot=zfs intel_iommu=on iommu=ptIf you aren’t using an intel processor, remove intel_iommu=onrunpve-efiboot-tool refreshthen rebootrebootVFIO modulesEdit /etc/modulesvfiovfio_iommu_type1vfio_pcivfio_virqfdrunupdate-initramfs -u -k allthen rebootrebootNVIDIAIf you’re planning on using an NVIDIA card, I’ve found this helps prevent some apps like GPUz from crashing on the VM.echo \"options kvm ignore_msrs=1 report_ignored_msrs=0\" > /etc/modprobe.d/kvm.confStill having trouble?See Proxmox PCI PassthroughVLAN AwareIf you want to restrict your VLANSnano /etc/network/interfacesSet your VLAN herebridge-vlan-aware yesbridge-vids 20NIC Team Examplenano /etc/network/interfacesauto eno1iface eno1 inet manualauto eno2iface eno2 inet manualauto bond0iface bond0 inet manual bond-slaves eno1 eno2 bond-miimon 100 bond-mode 802.3ad bond-xmit-hash-policy layer2+3auto vmbr0iface vmbr0 inet static address 192.168.0.11/24 gateway 192.168.0.1 bridge-ports bond0 bridge-stp off bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094#lacp nic teamIf you’re running Proxmox 7, see the modified config here for LAGG / LACPCloningThese are the commands I run after cloning a Linux machine so that it resets all information for the machine it was cloned from.(Note: If you use cloud-init-aware OS images as described under Cloud-Init Support on https://pve.proxmox.com/pve-docs/chapter-qm.html, these steps won’t be necessary!)change hostnamesudo nano /etc/hostname find your hostname and change itchange hosts file find your hostname and change itsudo nano /etc/hostsreset machine IDrm -f /etc/machine-id /var/lib/dbus/machine-iddbus-uuidgen --ensure=/etc/machine-iddbus-uuidgen --ensureregenerate ssh keysregen ssh keyssudo rm /etc/ssh/ssh_host_*sudo dpkg-reconfigure openssh-serverrebootAlertsI’ve added yet another item to my list when setting up a new Proxmox server, and that’s setting up alerts!Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "My HUGE (but small) 1U Server Upgrade", "url": "/posts/1u-server-upgrade/", "categories": "homelab", "tags": "homelab, hardware", "date": "2020-11-21 08:00:00 -0600", "snippet": "I’ve been making great use of some older, bigger servers but I decided to try and build, upgrade, and migrate to some 1U servers.Join me as we unbox and build my 2 new virtualization servers!📺 Watc...", "content": "I’ve been making great use of some older, bigger servers but I decided to try and build, upgrade, and migrate to some 1U servers.Join me as we unbox and build my 2 new virtualization servers!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet WireGuard, the new hotness in VPN...", "url": "/posts/wiregaurd-setup/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, wireguard, self-hosted, vpn, portainer", "date": "2020-11-14 08:00:00 -0600", "snippet": "Self hosting a VPN has traditionally been hard to set up and we’ve had very few options.That is until WireGuard came about. WireGuard is an extremely simple yet fast and modern VPN that utilizes st...", "content": "Self hosting a VPN has traditionally been hard to set up and we’ve had very few options.That is until WireGuard came about. WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.It also supports running inside of a Docker container and that’s exactly what we’ll be using in this tutorial!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I think I found a Dropbox replacement with Nextcloud...", "url": "/posts/nextcloud-setup/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, self-hosted, nextcloud, portainer", "date": "2020-11-07 08:00:00 -0600", "snippet": "Are you thinking about ditching Google apps or looking for a Dropbox replacement? Are you ready to self host your own productivity platform? Well, Nextcloud may be for you! In today’s tutorial w...", "content": "Are you thinking about ditching Google apps or looking for a Dropbox replacement? Are you ready to self host your own productivity platform? Well, Nextcloud may be for you! In today’s tutorial we’ll walk though setting up Nextcloud with Docker and Kubernetes.We’ll also walk through some of the new features, installing apps from the app store, exposing this Nextcloud publicly, as well as setting up 2FA (2 factor authentication) with TOTP clients like Google Authenticator and Authy.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Before I do anything on Linux, I do these first...", "url": "/posts/fist-13-things-linux/", "categories": "homelab", "tags": "homelab, linux, ubuntu", "date": "2020-10-31 09:00:00 -0500", "snippet": "After setting up my Linux servers, there are a few things I do before I use them for their intended purpose.This ranges from security, to tools, to config.Join me as we set up our first Linux serve...", "content": "After setting up my Linux servers, there are a few things I do before I use them for their intended purpose.This ranges from security, to tools, to config.Join me as we set up our first Linux server in this tutorial and walk through setting it up proper (and maybe some bonus items sprinkled in).📺 Watch VideoUpdatesudo apt-get updatesudo apt-get upgradeReconfigure unattended-upgradessudo dpkg-reconfigure --priority=low unattended-upgradesVerify unattended upgrades configuration file in your text editor of choice/etc/apt/apt.conf.d/20auto-upgradesTo disable automatic reboots by the automatic upgrades configuration edit the following file:/etc/apt/apt.conf.d/50unattended-upgradesand uncomment the following line by removing the leading slashes://Unattended-Upgrade::Automatic-Reboot \"false\";Accountadd usersudo adduser someuseradd to sudoerssudo usermod -aG sudo someuserSSH Serverinstallsudo apt-get install openssh-servercopy key from client to serverssh-copy-id someuser@192.168.0.100switch to key based authsudo nano /etc/ssh/sshd_configAdd these attributesPasswordAuthentication noChallengeResponseAuthentication noNetworkingstatic IPsudo nano /etc/netplan/01-netcfg.yamlnetwork: version: 2 renderer: networkd ethernets: ens18: dhcp4: no addresses: - 192.168.0.222/24 gateway4: 192.168.0.1 nameservers: addresses: [192.168.0.4]Install oh-my-zshsudo apt-get updatesudo apt-get install zshsudo apt-get install powerline fonts-powerlinesh -c \"$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)\"Fix LVMsudo lvmlvscanYou should see your logical volumeslvm> lvscan ACTIVE '/dev/vgubuntu-server/root' [<168.54 GiB] inherit ACTIVE '/dev/vgubuntu-server/swap_1' [980.00 MiB] inheritresize the logical volume group, usually the first one in the list but check to be sure!lvextend -l +100%FREE /dev/vgubuntu-server/rootYou should see: Size of logical volume vgubuntu-server/root changed from <138.54 GiB (35466 extents) to <168.54 GiB (43146 extents). Logical volume vgubuntu-server/root successfully resizedexitresize the file systemsudo resize2fs /dev/vgubuntu-server/rootCheck to see file system sizedf -hYou should see:Filesystem Size Used Avail Use% Mounted ontmpfs 1.6G 3.9M 1.6G 1% /run/dev/mapper/vgubuntu--server-root 166G 89G 70G 56% /tmpfs 7.9G 0 7.9G 0% /dev/shmtmpfs 5.0M 0 5.0M 0% /run/lock/dev/sda1 511M 4.0K 511M 1% /boot/efitmpfs 1.6G 0 1.6G 0% /run/user/1000You should see:resize2fs 1.46.5 (30-Dec-2021)Filesystem at /dev/vgubuntu-server/root is mounted on /; on-line resizing requiredold_desc_blocks = 18, new_desc_blocks = 22The filesystem on /dev/vgubuntu-server/root is now 44181504 (4k) blocks long.hostnamesudo hostnamectl set-hostnamesudo nano /etc/hostsTime ZoneCheck time zone:timedatectlChange time zone:sudo timedatectl set-timezoneYou can also use if you want a menu.sudo dpkg-reconfigure tzdata NTP Timesudo nano /etc/systemd/timesyncd.confNTP=192.168.0.4sudo timedatectl set-ntp offsudo timedatectl set-ntp oninstall kvm agentsudo apt-get install qemu-guest-agentfirewallsudo ufw default deny incomingsudo ufw default allow outgoingsudo ufw allow sshsudo ufw enablefail2bansudo apt-get install fail2bansudo cp /etc/fail2ban/fail2ban.{conf,local}sudo cp /etc/fail2ban/jail.{conf,local}sudo nano /etc/fail2ban/jail.localbackend = systemdcheck statussudo fail2ban-client statussudo fail2ban-client status sshdLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Huge Network Upgrade for My Homelab", "url": "/posts/home-network-upgrade/", "categories": "homelab", "tags": "homelab, network, hardware, unifi", "date": "2020-10-24 09:00:00 -0500", "snippet": "I decided to give my Home Lab a proper upgrade for 2020 and in to 2021! I finally took the plunge and went all in with a UniFi UDM Pro and a UniFi Switch PRO 24 PoE switch and they are awesome!📺 W...", "content": "I decided to give my Home Lab a proper upgrade for 2020 and in to 2021! I finally took the plunge and went all in with a UniFi UDM Pro and a UniFi Switch PRO 24 PoE switch and they are awesome!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Migrate Your Databases to Kubernetes and Docker", "url": "/posts/migrate-database-docker-kubernetes/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, self-hosted, mysql, database, portainer", "date": "2020-10-17 09:00:00 -0500", "snippet": "Have you been putting off migrating your database to Docker and Kubernetes like I have? Well wait no longer.It’s simple using this step-by-step tutorial.Today, we’ll move a database that’s on a vi...", "content": "Have you been putting off migrating your database to Docker and Kubernetes like I have? Well wait no longer.It’s simple using this step-by-step tutorial.Today, we’ll move a database that’s on a virtual machine to a container that’s running in kubernetes.Oh yeah, this will also work if it’s a bare metal server too, duh.🙂📺 Watch Videomysql_backup.sh#! /bin/bashBACKUP_DIR=\"/home\"MYSQL_USER=\"root\"MYSQL=/usr/bin/mysqlMYSQL_PASSWORD=\"your my sql password\"MYSQLDUMP=/usr/bin/mysqldumpMYSQL_HOST=\"mysql\"MYSQL_PORT=\"3306\"databases=`$MYSQL --user=$MYSQL_USER --host $MYSQL_HOST --port $MYSQL_PORT -p$MYSQL_PASSWORD -e \"SHOW DATABASES;\" | grep -Ev \"(Database|information_schema|performance_schema)\"`for db in $databases; do $MYSQLDUMP --host $MYSQL_HOST --port $MYSQL_PORT --force --opt --user=$MYSQL_USER -p$MYSQL_PASSWORD --databases $db | gzip > \"$BACKUP_DIR/$db.gz\"doneLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I Heard You Like GPUs in Servers... GPU Passthrough on Linux and Docker", "url": "/posts/gpu-passthrough-linux/", "categories": "homelab", "tags": "homelab, rancher, kubernetes, docker, portainer, nvidia, hardware", "date": "2020-10-10 09:00:00 -0500", "snippet": "We’ve already figured out how to pass through a GPU to Windows machine but why let Windows have all the fun? Today, we do it on an Ubuntu headless server that’s virtualized, run some AI and Deep L...", "content": "We’ve already figured out how to pass through a GPU to Windows machine but why let Windows have all the fun? Today, we do it on an Ubuntu headless server that’s virtualized, run some AI and Deep Learning workloads, then turn up the transcoding on Plex to 11.📺 Watch Video88 88 88 \"\" 88 88,dPPYba, 88 8b,dPPYba, ,adPPYb,d8 ,adPPYba, 88P' \"8a 88 88P' `\"8a a8\" `Y88 a8\" \"8a 88 d8 88 88 88 8b 88 8b d8 88b, ,a8\" 88 88 88 \"8a, ,d88 \"8a, ,a8\" 8Y\"Ybbd8\"' 88 88 88 `\"YbbdP\"Y8 `\"YbbdP\"' aa, ,88 \"Y8bbdP\" If you need to passthrough a GPU, follow this guide but install Ubuntu instead.ProxmoxShut down your VM in proxmox, edit your conf file, it should be here (note, change path to your VM’s ID)/etc/pve/qemu-server/100.confadd cpu: host,hidden=1,flags=+pcid to that filestart the server.Linux Guestsudo apt-get updatesudo apt-get upgradesudo apt-get install qemu-guest-agent # this is optional if you are virtualizing this machinesudo apt-get install build-essential # build-essential is required for nvidia drivers to compilesudo apt install --no-install-recommends nvidia-cuda-toolkit nvidia-headless-450 nvidia-utils-450 libnvidia-encode-450Then reboot.Then install nvtopsudo apt-get install nvtoptensorflow workloadnvidia-docker run --rm -ti tensorflow/tensorflow:r0.9-devel-gpuRancher / KubernetesIn your Rancher server (or kubernetes host)distribution=$(. /etc/os-release;echo $ID$VERSION_ID)curl -s -L https://nvidia.github.io/nvidia-docker/gpgkey | sudo apt-key add -curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | sudo tee /etc/apt/sources.list.d/nvidia-docker.listsudo apt-get update && sudo apt-get install -y nvidia-container-toolkitsudo apt-get install nvidia-container-runtimeupdate daemon.jsonsudo nano /etc/docker/daemon.jsonReplace with:{ \"default-runtime\": \"nvidia\", \"runtimes\": { \"nvidia\": { \"path\": \"/usr/bin/nvidia-container-runtime\", \"runtimeArgs\": [] } }}Install one more util for nvidia:sudo apt-get install -y nvidia-docker2RebootThen, using kubectl on your kubernetes / rancher hostkubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/master/nvidia-device-plugin.ymlLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "I Built Something for Your Homelab...", "url": "/posts/broadlink-control/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, portainer, broadlink, iot, hardware", "date": "2020-10-03 09:00:00 -0500", "snippet": "I am betting you have at least 3 infrared remote controls in your house.I am also willing to be you would love to automate some of these from time to time.Well don’t worry I have the solution for y...", "content": "I am betting you have at least 3 infrared remote controls in your house.I am also willing to be you would love to automate some of these from time to time.Well don’t worry I have the solution for you! In this video we walk through setting up a self-hosted /local only Broadlink Wifi Smart Home Hub that you can use within your own home without connecting to the cloud.Added bonus, I built a Docker container you can pull down and add to your Rancher, Portainer, Synology, QNAP, or any server running Docker or Kubernetes.This includes a python backend and API as well as a ReactJS frontend so that you can discover, learn, and send commands from the web UI or even from the web API.I hope you enjoy it!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet Guacamole, Your Remote Access Gateway", "url": "/posts/guacamole-remote-access-gateway/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, self-hosted, guacamole, portainer, docker, vnc, ssh, rdp", "date": "2020-09-26 09:00:00 -0500", "snippet": "Do you have a lot of virtual machines? Are you running Windows, Linux, and Mac and need remote access from a single UI? Well, Apache Guacamole is for you! Apache Guacamole is a clientless remote...", "content": "Do you have a lot of virtual machines? Are you running Windows, Linux, and Mac and need remote access from a single UI? Well, Apache Guacamole is for you! Apache Guacamole is a clientless remote access gateway that give you a web portal to access any of your clients over standard protocols like VNC, RDP, SSH, TELNET, and more. Join me in this step by step tutorial as we set up a self-hosted version of Guacamole in your homelab.As an added bonus, we’ll set up 2FA (multifactor authentication) to help secure Guacamole.Oh, yeah, and we’ll do this all in Docker and or Kubernetes, it’s up to you! :)📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Bridge Mode with UniFi Access Points", "url": "/posts/unifi-ap-bridge-mode/", "categories": "homelab", "tags": "homelab, network, unifi, hardware", "date": "2020-09-19 09:00:00 -0500", "snippet": "Do you have some places where you can’t run ethernet? Do want to extend your ethernet without pulling more cable? Well this is the guide for you.In this step-by-step tutorial we’ll use a Ubiquiti...", "content": "Do you have some places where you can’t run ethernet? Do want to extend your ethernet without pulling more cable? Well this is the guide for you.In this step-by-step tutorial we’ll use a Ubiquiti UniFi AP AC PRO and connect a second as a guest, giving use remote ethernet to a remote site! This is the pro tip guide to setting up a wireless bridge! Bonus, we’ll even do a live throughput test to see how much bandwidth we get running in bridge mode with 2 AC Pros!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Build & Deploy Your Own Code in Your Homelab!", "url": "/posts/self-hosted-devops-stack/", "categories": "self-hosted, homelab", "tags": "homelab, rancher, kubernetes, gitlab", "date": "2020-09-12 09:00:00 -0500", "snippet": "So you’re a software engineer or a developer who wants to self-host your own code in your own homelab? Well this is the tutorial for you! In this step-by-step guide we’ll walk through setting up ...", "content": "So you’re a software engineer or a developer who wants to self-host your own code in your own homelab? Well this is the tutorial for you! In this step-by-step guide we’ll walk through setting up a repo, building and testing our own code (with unit tests) in a self-hosted Gitlab CI runner in our CI pipeline, then we’ll build a Docker image and push it up to a container registry, then we’ll use kubectl in our CD pipeline to deploy our Docker container to our self-hosted kubernetes cluster! This all happens in a couple of minutes and then we’ll truly have continuous integration and continuous delivery in our homelab!📺 Watch VideoHelpful videos1 - Set Up Kubernetes with Rancher2 - Set up a reverse proxy and SSL with Traefik3 - Expose Rancher and Kubernetes API SecurelyGitLab react appSee the app here:https://github.com/techno-tim/techno-reactDocker file:https://github.com/techno-tim/techno-react/blob/master/DockerfileKubernetes deployment yamlhttps://github.com/techno-tim/techno-react/blob/master/kubernetes/deployment.yamlnginx config for your react applicationhttps://github.com/techno-tim/techno-react/blob/master/nginx.confpbcopy for WSL on Windowshttps://www.techtronic.us/pbcopy-pbpaste-for-wsl/https://www.techtronic.us/pbcopy-pbpaste-for-wsl/Example config.toml for your GitLab runner.concurrent = 1check_interval = 0[session_server] session_timeout = 1800[[runners]] name = \"rancher-gitlab-runner\" url = \"https://gitlab.com\" token = \"your-gitlab-runner-token\" executor = \"docker\" [runners.custom_build_dir] [runners.cache] [runners.cache.s3] [runners.cache.gcs] [runners.docker] tls_verify = false image = \"docker:stable\" privileged = false disable_entrypoint_overwrite = false oom_kill_disable = false disable_cache = false volumes = [\\\"/var/run/docker.sock:/var/run/docker.sock\\\", \\\"/cache\\\"] shm_size = 0example ~/.kube/config for your GitLab secretapiVersion: v1kind: Configclusters:- name: \"cluster1\" cluster: server: \"https://your.rancher.url/k8s/clusters/c-cluster-id\"users:- name: \"cluster1\" user: token: \"your kubernetes token\"contexts:- name: \"cluster1\" context: user: \"cluster1\" cluster: \"cluster1\"current-context: \"cluster1\"Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "SSL, Traefik, and OAuth for Rancher! (Google, GitHub, Keycloak, Azure, and more!)", "url": "/posts/host-rancher-securely/", "categories": "kubernetes, rancher", "tags": "homelab, rancher, kubernetes, github", "date": "2020-09-05 09:00:00 -0500", "snippet": "Do you want to self host your Rancher UI securely in your homelab? Have you thought about putting your Rancher UI behind Traefik and your reverse proxy to get free SSL certificates using Let’s Encr...", "content": "Do you want to self host your Rancher UI securely in your homelab? Have you thought about putting your Rancher UI behind Traefik and your reverse proxy to get free SSL certificates using Let’s Encrypt? Do you want to make your Rancher UI available publicly and secure it using 3rd party OAuth providers like Google, GitHub, Keycloak, Okta, Shibboleth, and more? Well this is the guide for you.In this step-by-step tutorial we’ll walk through setting up the Rancher UI to use Traefik reverse proxy, get SSL certificates using Let’s Encrypt, host our UI publicly, and then add 3rd party OAuth providers so that we can use 2 factor authentication (2FA) and all of the other security features auth providers give us.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Portainer 2.0 -- Now with more Kubernetes!", "url": "/posts/portainer-2/", "categories": "portainer", "tags": "homelab, kubernetes, portainer", "date": "2020-08-29 09:00:00 -0500", "snippet": "What’s new in Portainer 2.0? Well, a ton.With the release of Portainer 2 you now have the option to install Kubernetes.This makes installing, managing, and deploying Kubenetes really easy.In this ...", "content": "What’s new in Portainer 2.0? Well, a ton.With the release of Portainer 2 you now have the option to install Kubernetes.This makes installing, managing, and deploying Kubenetes really easy.In this step by step tutorial, we’ll start with nothing and end up with a fully working Portainer 2 server running Kubernetes.We’ll set up k3s using k3d, install kubectl, and then spin up Portainer.As an added bonus, we’ll also run a Minecraft server in Kubernetes as a proof of work.Double bonus, we’ll cover how to pronounce kubectl…📺 Watch VideoLet’s get startedHere are the commands used in the video.Be sure to use them appropriately.Install ubuntuhttps://ubuntu.com/Install DockerTo install docker, see this postInstall kubectlhttps://kubernetes.io/docs/tasks/tools/install-kubectl/curl -LO \"https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl\"chmod +x ./kubectlsudo mv ./kubectl /usr/local/bin/kubectlkubectl version --clientInstall k3dhttps://github.com/rancher/k3dcurl -s https://raw.githubusercontent.com/rancher/k3d/main/install.sh | bashInstall k3sk3d cluster create portainer --api-port 6443 --servers 1 --agents 1 -p \"30000-32767:30000-32767@server:0\"k3d cluster create portainer --api-port 6443 --servers 1 --agents 1 -p \"30000-32767:30000-32767@server:0\"Install Portainerhttps://github.com/portainer/k8skubectl create namespace portainerkubectl apply -n portainer -f https://raw.githubusercontent.com/portainer/k8s/master/deploy/manifests/portainer/portainer.yamlThe Portainer UI is hosted on port `30777` Example: `http://192.168.0.1:30777`Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Self-Host All Your Homelab Services with DuckDNS -- Free Dynamic DNS Running on Docker", "url": "/posts/duck-dns/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, portainer, duckdns", "date": "2020-08-22 09:00:00 -0500", "snippet": "Are you trying to access your self-hosted services outside of your firewall? Are you tired of trying to remember your IP when away, or worse yet, having your ISP change your IP address? Have you ...", "content": "Are you trying to access your self-hosted services outside of your firewall? Are you tired of trying to remember your IP when away, or worse yet, having your ISP change your IP address? Have you not purchased a domain yet but want to access your own personal VPN? If you answered “YES” to any of these, join me as we walk through this step-by-step tutorial and set up DuckDNS, the free dynamic DNS service, using Docker and then move on to use Rancher and Kubernetes.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Self-Hosting Your Homelab Services with SSL -- Let's Encrypt, MetalLB, Traefik, Rancher, Kubernetes", "url": "/posts/reverse-proxy-kubernetes/", "categories": "kubernetes, rancher", "tags": "homelab, rancher, kubernetes, traefik, wsl, metal-lb", "date": "2020-08-15 09:00:00 -0500", "snippet": "Are you self-hosting lots of services at home in your homelab? Have you been port forwarding or using VPN to access your self-hosted services wishing you had certificates so that you can access th...", "content": "Are you self-hosting lots of services at home in your homelab? Have you been port forwarding or using VPN to access your self-hosted services wishing you had certificates so that you can access them securely over SSL? Well after this video, you can! In this step by step tutorial we’ll walk through setting up Rancher and Kubernetes with a reverse proxy, Kubernetes Ingress, MetalLB, Traefik, Let’s Encrypt, and DNS giving you free certificates.📺 Watch VideoInstall WSL on Windows 10https://www.youtube.com/watch?v=kL8iGErULiwInstall kubectlhttps://kubernetes.io/docs/tasks/tools/install-kubectl/Install MetalLBhttps://metallb.universe.tf/installation/kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.5/manifests/namespace.yamlkubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.5/manifests/metallb.yamlYou should only ever run this step once.kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey=\"$(openssl rand -base64 128)\"sample config.yamlapiVersion: v1kind: ConfigMapmetadata: namespace: metallb-system name: configdata: config: | address-pools: - name: default protocol: layer2 addresses: - 192.168.1.240-192.168.1.250kubectl apply -f config.yamlTraefiktraefik sample answers yamlchange “staging: true” to “staging: false” once you confirm its all working to get the live certs--- defaultImage: true imageTag: \"1.7.14\" serviceType: \"LoadBalancer\" debug: enabled: false rbac: enabled: true ssl: enabled: true enforced: true permanentRedirect: false acme: enabled: true email: \"you@example.com\" onHostRule: true staging: true logging: true challengeType: \"dns-01\" dnsProvider: name: \"cloudflare\" existingSecretName: \"cloudflare-dns\" persistence: enabled: true dashboard: enabled: true domain: \"traefik.example.com\" auth: basic: \"\"Traefik Helmhttps://hub.helm.sh/charts/stable/traefikTraefik DNS Providershttps://docs.traefik.io/https/acme/#providersTroubleshootingBe sure that your Traefik yaml matches the code above exactly, including whitespace.Yaml is whitespace sensitive.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Self-Host Code Server in Your Homelab -- VS Code in a Browser!", "url": "/posts/code-server-self-host/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, portainer, self-hosted, vscode", "date": "2020-08-08 09:00:00 -0500", "snippet": "Have you ever wanted to run VS Code in your browser? What if you had access to your terminal and could pull and commit code as well as push it up to GitHub all from a browser or tablet? That’s ex...", "content": "Have you ever wanted to run VS Code in your browser? What if you had access to your terminal and could pull and commit code as well as push it up to GitHub all from a browser or tablet? That’s exactly what code server does! In this tutorial we’ll walk through step by step of how to install and configure code server to get it self-hosted in your homelab.We’ll start with bare metal and virtualization and then work our way up to Docker, Kubernetes, and Rancher.Then, you don’t have to carry around your laptop anymore! You can preserve battery life on the go and leave the intensive tasks to your homelab server.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Upgrade FreeNAS to TrueNAS", "url": "/posts/upgrade-freenas-to-truenas/", "categories": "truenas", "tags": "homelab, truenas", "date": "2020-08-01 09:00:00 -0500", "snippet": "Want to migrate FreeNAS to TrueNAS today? It’s simple using this step by step tutorial.We’ll walk through how to upgrade FreeNAS to TreNAS CORE.We’ll cover upgrading FreeNAS to TrueNAS on a physic...", "content": "Want to migrate FreeNAS to TrueNAS today? It’s simple using this step by step tutorial.We’ll walk through how to upgrade FreeNAS to TreNAS CORE.We’ll cover upgrading FreeNAS to TrueNAS on a physical machine (bare metal) as well as a virtualized install of FreeNAS. We’ll prepare our services, jails, plugins, virtual machines, pools, and disks for the migration and then upgrade each.We’ll even show you how to do an offline upgrade of TrueNAS and then how to upgrade a ZFS pool with newer feature flags.Finally we’ll walk through what’s different between TrueNAS and FreeNAS.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Proxmox Backup Server Install Tutorial", "url": "/posts/proxmox-backup-server/", "categories": "proxmox", "tags": "homelab, proxmox", "date": "2020-07-25 09:00:00 -0500", "snippet": "Proxmox Backup Server is an enterprise-class client-server backup software that backs up virtual machines, containers, and physical hosts.In this step by step tutorial, we install and configure Pro...", "content": "Proxmox Backup Server is an enterprise-class client-server backup software that backs up virtual machines, containers, and physical hosts.In this step by step tutorial, we install and configure Proxmox Backup Server (PBS) and back up all of our virtual machines. We’ll start with nothing and end up with a fully functional Proxmox Backup Server with a ZFS datastore you can use to back up and restore your machines today.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Homelab Services Tour -- What am I running on my Homelab?", "url": "/posts/homelab-services-tour-2020/", "categories": "homelab", "tags": "homelab, rancher, kubernetes, proxmox, truenas, docker", "date": "2020-07-18 09:00:00 -0500", "snippet": "In my homelab tour, I showed you my hardware and network setup that powers all the infrastructure at home.Then, many of you asked which services I am hosting on this hardware.Well, here it is.This...", "content": "In my homelab tour, I showed you my hardware and network setup that powers all the infrastructure at home.Then, many of you asked which services I am hosting on this hardware.Well, here it is.This is a tour of all the self hosted services I have running in my Homelab.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Techno Tim Homelab Tour -- Server Rack and Network", "url": "/posts/homelab-hardware-tour/", "categories": "homelab", "tags": "homelab, hardware", "date": "2020-07-11 09:00:00 -0500", "snippet": "You asked for a tour of my homelab, well here it is.In this tour I will take you through my home server rack and network setup.This includes my all of my home networking equipment, my servers, dis...", "content": "You asked for a tour of my homelab, well here it is.In this tour I will take you through my home server rack and network setup.This includes my all of my home networking equipment, my servers, disk array, and everything else in my server rack.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Build a Slack Bot", "url": "/posts/slack-bot/", "categories": "coding", "tags": "coding, self-hosted, slack", "date": "2020-07-04 09:00:00 -0500", "snippet": "Slack is a great chat and communication tool used by small and large businesses as well as personal use.Slack has a great API and great official Node JS clients that help you automate many features...", "content": "Slack is a great chat and communication tool used by small and large businesses as well as personal use.Slack has a great API and great official Node JS clients that help you automate many features of Slack. If you’re thinking of building a bot for Slack, be sure to follow this step by step tutorial on how to build a Slack bot in JavaScript using the Slack API and the Node Slack SDK.With this SDK, we can connect to the Slack Web API and event hook into events using the RTM API and build a bot in just a few minutes that you can add to your Slack server today.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Upgrade, Backup, and Restore Rancher 2", "url": "/posts/rancher-2-upgrade-backup-restore/", "categories": "kubernetes, rancher", "tags": "homelab, rancher, kubernetes", "date": "2020-06-27 09:00:00 -0500", "snippet": "It use to be hard to back up Rancher, but with Rancher 2 it’s super simple.Upgrading, backing up, and restoring your Rancher server should be part of your regular routine.Join me in this tutorial a...", "content": "It use to be hard to back up Rancher, but with Rancher 2 it’s super simple.Upgrading, backing up, and restoring your Rancher server should be part of your regular routine.Join me in this tutorial as we walk through backing up, upgrading, and restoring a single node Rancher Docker install in just a couple of minutes.Trust me, you’ll feel better after you do.📺 Watch Video Need to install Rancher? See my guide https://www.youtube.com/watch?v=YWqBxCIfxw4 See the full guide from Rancher https://rancher.com/docs/rancher/v2.x/en/upgrades/upgrades/single-node/ Upgrade & Backup Outline Create a copy of the data from your Rancher server container Create a backup tarball Pull the new Docker image Start the new Rancher server container Verify the Upgrade Clean up your old Rancher server containerSee all containersdocker psSee all containers including stopped onesdocker ps -aStop the containerdocker stop <RANCHER_CONTAINER_NAME>Create a data containerdocker create --volumes-from <RANCHER_CONTAINER_NAME> --name rancher-data-<DATE> rancher/rancher:<RANCHER_CONTAINER_TAG>Create a backup tarballdocker run --volumes-from rancher-data-<DATE> -v $PWD:/backup:z busybox tar pzcvf /backup/rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz /var/lib/rancherRun ls and you should see your tarballrancher-data-backup-v2.4.3-2020-06-21.tar.gzPull a new docker imagedocker pull rancher/rancher:<RANCHER_VERSION_TAG>Start your new rancher server container.Use the command you used to create your initial container, it looks something like this.docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server rancher/rancher:<RANCHER_VERSION>Check to see if it’s runningdocker psRestoring Rancher from BackupUse the command you used to create your initial container, it looks something like this.docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server rancher/rancher:<RANCHER_VERSION>Stop the containerdocker stop <RANCHER_CONTAINER_NAME>Delete state data and replace from backupdocker run --volumes-from <RANCHER_CONTAINER_NAME> -v $PWD:/backup \\busybox sh -c \"rm /var/lib/rancher/* -rf && \\tar pzxvf /backup/rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz\"Start the containerdocker start <RANCHER_CONTAINER_NAME>Unofficial WayBackupcd /optdocker stop rancher_docker_serverif this fails it means you named your container something else, find it by running docker pssudo tar czpf rancher-data-backup-VERSION-DATE-unofficial.tar.gz ranchersudo mv rancher-data-backup-VERSION-DATE-unofficial.tar.gz ~/ docker start rancher_docker_serverRestorecd /optdocker stop rancher_docker_serverif this fails it means you named your container something else, find it by running docker pssudo tar xzpf rancher-data-backup-VERSION-DATE-unofficial.tar.gz docker start rancher_docker_serverBackup scriptYour rancher server must be named similar to rancher_docker_server_v2.4.5 otherwise you’ll need to modify this.This will not work with latest tag, so be sure to pin your version.It will need to be run with sudo or scheduled in sudo crontab -erancher_backup.sh# go to rancher dircd /opt# get current rancher tagRANCHER_TAG=$(docker ps | grep rancher/rancher | grep -Eio 'rancher/rancher:.{0,6}' | sed 's/rancher\\/rancher://g')# date formatTODAY=`date -I`# stop docker containerdocker stop rancher_docker_server_$RANCHER_TAG# create tartar czpf rancher-data-backup-$RANCHER_TAG-$TODAY-unofficial.tar.gz rancher# move tarmv rancher-data-backup-$RANCHER_TAG-$TODAY-unofficial.tar.gz /home/USERNAME/backups/rancher_backups/# start serverdocker start rancher_docker_server_$RANCHER_TAGupgrading to a new versionNEW_VERSION_TAG=v2.4.8docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server_$NEW_VERSION_TAG rancher/rancher:$NEW_VERSION_TAGLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Meet Heimdall, Your Homelab Application Dashboard", "url": "/posts/heimdall-dashboard/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, portainer, docker, heimdall, self-hosted", "date": "2020-06-20 09:00:00 -0500", "snippet": "Tired of bookmarking all of your self-hosted services only to lose them? Want access to all your sites from anywhere in the world? Well, Heimdall can help with a clean, responsive, and beautiful d...", "content": "Tired of bookmarking all of your self-hosted services only to lose them? Want access to all your sites from anywhere in the world? Well, Heimdall can help with a clean, responsive, and beautiful dashboard for all of your Homelab services. So join me in this tutorial as we install and configure Heimdall on Docker and Kubernetes and build a dashboard with live icons.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Home Assistant on Docker and Kubernetes (Open Source Home Automation)", "url": "/posts/home-assistant/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, portainer, self-hosted, home-assistant", "date": "2020-06-13 09:00:00 -0500", "snippet": "Are you ready to start automating your smart home with the power of open source? Do you already have Home Assistant running but need a little more power than a Raspberry Pi? If so, join me in thi...", "content": "Are you ready to start automating your smart home with the power of open source? Do you already have Home Assistant running but need a little more power than a Raspberry Pi? If so, join me in this easy to follow, step by step tutorial on installing Home Assistant on Docker, Kubernetes, and Rancher. We’ll set it up, walk through and configure the UI, and then move on to configure some Wemo smart switches, Phillips Hue bulbs, Google Home / Chromecast devices, and even create a Dark Mode / Light mode automation script using Phillips Hue Scenes!📺 Watch Videoconfiguration.yaml# Configure a default setup of Home Assistant (frontend, api, etc)default_config:# Text to speechtts: - platform: google_translategroup: !include groups.yamlautomation: !include automations.yamlscript: !include scripts.yamlscene: !include scenes.yamlwemo: discovery: truescripts.yaml'1591564249617': alias: Dark Mode sequence: - data: group_name: Office scene_name: Gaming service: hue.hue_activate_scene - device_id: f41ccf86433148dcbd8e932d1412f12a domain: switch entity_id: switch.gaming_lights type: turn_on'1591564322588': alias: Light Mode sequence: - data: group_name: Office scene_name: Energize service: hue.hue_activate_scene - device_id: f41ccf86433148dcbd8e932d1412f12a domain: switch entity_id: switch.gaming_lights type: turn_offLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Virtualize vs. Containerize (Which should I choose?)", "url": "/posts/virtualize-vs-containerize/", "categories": "homelab", "tags": "homelab, rancher, kubernetes, proxmox, docker, portainer", "date": "2020-06-06 09:00:00 -0500", "snippet": "Should I virtualize this? Should I containerize this? These are great questions to ask yourself when spinning up self-hosted services in your Homelab environment.We’ll review my previous video (2...", "content": "Should I virtualize this? Should I containerize this? These are great questions to ask yourself when spinning up self-hosted services in your Homelab environment.We’ll review my previous video (20 Ways to Use a Virtual Machine (and other ideas for your homelab) and decide which should run in a Docker container, which should be virtualized with Proxmox, and which should run on hardware as bare metal.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "PiHole on Docker and Kubernetes (I almost gave up)", "url": "/posts/pihole-containerized/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, docker, portainer, self-hosted, pi-hole", "date": "2020-05-30 09:00:00 -0500", "snippet": "We know you’ve heard of Pihole and we know you are probably aware of how to install it but… have you tried running it on Docker and Kubernetes using Rancher? Have you configured it for pfSense? D...", "content": "We know you’ve heard of Pihole and we know you are probably aware of how to install it but… have you tried running it on Docker and Kubernetes using Rancher? Have you configured it for pfSense? Don’t worry, I figured out all the hard stuff for you.So let’s consolidate some hardware and services.📺 Watch VideoUbuntu Fixsudo apt-get updatesudo apt-get install resolvconfsudo nano /etc/resolvconf/resolv.conf.d/headenabled & start servicesudo systemctl enable resolvconf.servicesudo systemctl start resolvconf.serviceadd your upstream DNS (I use Quad9)nameserver 9.9.9.9update resolv.conf after adding nameserversudo resolvconf -uSet pi-hole passwordsudo pihole -a -pLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "4 Ways to Install Plex (one is unexpected)", "url": "/posts/plex-containerized/", "categories": "self-hosted", "tags": "homelab, rancher, kubernetes, portainer, docker, plex, self-hosted", "date": "2020-05-23 09:00:00 -0500", "snippet": "I’m a huge fan of virtualization and containerization (if you couldn’t tell already)! Today, we’ll walk though the various ways to install Plex step-by-step.We also see how easy it is to get Plex ...", "content": "I’m a huge fan of virtualization and containerization (if you couldn’t tell already)! Today, we’ll walk though the various ways to install Plex step-by-step.We also see how easy it is to get Plex running on Docker and Kubernetes using Rancher.📺 Watch VideoId for ContainerGet Id and Group Idid yourusernameShould see something like this:uid=1001(technotim) gid=1001(technotim) groups=1001(technotim),27(sudo),999(docker)Mount Shares During BootInstall cifs-utilssudo apt-get install cifs-utilsCreate credentials files for sharesudo nano /home/technotim/.smbcredentialsSet permissionschmod 600 ~/.smbcredentialsusername=yourUsyourusernameername password=yourPasswordEdit /etc/fstab//192.168.0.22/plex_media/movies /mnt/movies cifs credentials=/home/technotim/.smbcredentials 0 0//192.168.0.22/plex_media/music /mnt/music cifs credentials=/home/technotim/.smbcredentials 0 0Then reboot orsudo mount -ato mountLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Virtualize Your Home Router / Firewall Using pfSense", "url": "/posts/proxmox-pfsense/", "categories": "homelab", "tags": "homelab, rancher, kubernetes", "date": "2020-05-16 09:00:00 -0500", "snippet": "It’s time to say goodbye to your home router and start virtualizing it using Proxmox and pfSense.pfSense Community Edition Download: https://www.pfsense.org/download/Get started with Proxmox today:...", "content": "It’s time to say goodbye to your home router and start virtualizing it using Proxmox and pfSense.pfSense Community Edition Download: https://www.pfsense.org/download/Get started with Proxmox today: https://www.youtube.com/watch?v=hdoBQNI_Ab8📺 Watch VideoEnable PCI Passthroughhttps://pve.proxmox.com/wiki/PCI(e)_PassthroughLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Setup and Best Settings for Streamlabs OBS on Mac", "url": "/posts/streamlabs-mac/", "categories": "streaming", "tags": "streaming, mac, streamlabs, obs", "date": "2020-05-09 09:00:00 -0500", "snippet": "Streamlabs OBS for MacOS is here! In this video we’ll walk through setting up Streamlabs step by step.We’ll install Streamlabs OBS, set up desktop audio with iShowU Audio Capture so you can captur...", "content": "Streamlabs OBS for MacOS is here! In this video we’ll walk through setting up Streamlabs step by step.We’ll install Streamlabs OBS, set up desktop audio with iShowU Audio Capture so you can capture desktop audio, configure our webcam and game capture with a Cam Link, set up our alerts, configure the best possible streaming settings for Streamlabs, adjust our streaming layout, and go live.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Build a Twitch Bot Using TMI.JS (a moderator bot)", "url": "/posts/twitch-bot/", "categories": "coding", "tags": "coding, self-hosted, twitch, javascript", "date": "2020-05-03 09:00:00 -0500", "snippet": "Let’s build a bot! Not a bad bot like a view bot, but bot for good.Let’s build a Twitch moderator bot using tmi.js! The Twitch API is powerful and and already has lots of great bots however no bo...", "content": "Let’s build a bot! Not a bad bot like a view bot, but bot for good.Let’s build a Twitch moderator bot using tmi.js! The Twitch API is powerful and and already has lots of great bots however no bot has the flexibility of creating your own! In this video I will show you how to build a Twitch bot using TMI.JS from start to finish.You’ll see how to use the developer portal, set up oauth, set the correct scopes, get an access token, create a bot using JavaScript, NodeJS, and NPM, invite the bot to your Twitch channel, and have it moderate your chat.Also, We have made this bot open source and will continue to contribute to this bot.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "20 Ways to Use a Virtual Machine (and other ideas for your homelab)", "url": "/posts/20-ways-virtual-machine/", "categories": "homelab", "tags": "homelab, rancher, kubernetes", "date": "2020-04-26 09:00:00 -0500", "snippet": "Looking for new ideas on how to use your virtual machines? Well, here’s the top 20 ways to use your virtual machines in your homelab.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l....", "content": "Looking for new ideas on how to use your virtual machines? Well, here’s the top 20 ways to use your virtual machines in your homelab.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Convert ANY Desk to a STANDING Desk: Home Office Upgrade", "url": "/posts/office-upgrade/", "categories": "vlog", "tags": "homelab, office, hardware", "date": "2020-04-19 09:00:00 -0500", "snippet": "I decided to tear apart our office and convert my old Ikea hack table tops into a standing desk.Oh, and I also clamped on 3 - 27” 1440p gaming monitors while I was at it 😉📺 Watch VideoLinks🛍️ Check...", "content": "I decided to tear apart our office and convert my old Ikea hack table tops into a standing desk.Oh, and I also clamped on 3 - 27” 1440p gaming monitors while I was at it 😉📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Docker, Rancher, Kubernetes... Minecraft? (Setup and Install Tutorial)", "url": "/posts/docker-rancher-kubernetes/", "categories": "homelab", "tags": "homelab, rancher, kubernetes, docker, minecraft, gaming", "date": "2020-04-09 09:00:00 -0500", "snippet": "If you want to set up Kubernetes at home using Rancher to run Docker containers, this is the guide for you. This is a step by step tutorial of how to install and configure Rancher, Docker, and Kube...", "content": "If you want to set up Kubernetes at home using Rancher to run Docker containers, this is the guide for you. This is a step by step tutorial of how to install and configure Rancher, Docker, and Kubernetes for your homelab.In this video we set up and configure a Minecraft server in just a matter of minutes with some enterprise like features.You can use this same process to spin up other Docker containers at home on your server or desktop.📺 Watch VideoSee all the hardware I recommend at https://l.technotim.live/gearInstall DockerTo install docker, see this postInstall RancherThe two paths in the workload configuration need to be reversed: Path on the Node should be mc Mount Point should be /dataYou’ll want to use a command similar to this so that there aren’t any port conflicts with other services or kubernetes itself.Also, you may want to consider pinning your docker tag to a version other than latest to make backing up and upgrading easier. See here for the latest version.docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server rancher/rancher:latestTroubleshooting Make sure you have a static IP on your Rancher host Be sure to use the ports above if you want to add SSL later and use commands in future videos The new UI is now the “Cluster Explorer”.You can toggle between this and the “Cluser Manager” UI by clicking the button. Do not create workloads in the local cluster.This is a management cluster for Rancher.You should create new cluster for your workload, just like in this video.Links🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Update Proxmox VE (No subscription required)", "url": "/posts/proxmox-update/", "categories": "proxmox", "tags": "homelab, proxmox", "date": "2020-04-02 09:00:00 -0500", "snippet": "Have you been thinking about updating your Proxmox VE server? Well, what are you waiting for? Upgrade your Proxmox server in your home lab in just a few minutes with this step-by-step tutorial!📺 ...", "content": "Have you been thinking about updating your Proxmox VE server? Well, what are you waiting for? Upgrade your Proxmox server in your home lab in just a few minutes with this step-by-step tutorial!📺 Watch VideoSee all the hardware I recommend at https://l.technotim.live/gearEdit /etc/apt/sources.listdeb http://ftp.us.debian.org/debian buster main contribdeb http://ftp.us.debian.org/debian buster-updates main contrib# security updatesdeb http://security.debian.org buster/updates main contrib# not for production usedeb http://download.proxmox.com/debian buster pve-no-subscriptionRunapt-get updateapt dist-upgradeLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Remote Gaming! (and Video Encoding using Proxmox and GPU Passthrough)", "url": "/posts/gpu-passthrough/", "categories": "homelab", "tags": "homelab, rancher, kubernetes", "date": "2020-03-26 09:00:00 -0500", "snippet": "Are you looking to build a remote gaming machine and passthrough your GPU to a virtual machine? Do you want to use GPU acceleration for transcoding Plex or Adobe Media Encoder? Do you dream of se...", "content": "Are you looking to build a remote gaming machine and passthrough your GPU to a virtual machine? Do you want to use GPU acceleration for transcoding Plex or Adobe Media Encoder? Do you dream of setting up Steam Link or Remote Play In Home Streaming and streaming games to any screen in your house? If so, this complete step-by-step guide of how to passthrough your Nvidia or AMD video card through to a guest VM using Proxmox VE! If not, well, please watch this anyway.📺 Watch Videoedit grub/etc/default/grubChange this line:GRUB_CMDLINE_LINUX_DEFAULT=\"quiet intel_iommu=on pcie_acs_override=downstream,multifunction video=efifb:eek:ff\"runupdate-grubrebootrebootEdit/etc/modulesvfiovfio_iommu_type1vfio_pcivfio_virqfdrebootreboot/etc/pve/qemu-server/qm.conf (will be something like 100.conf)agent: 1balloon: 4096bios: ovmfboot: cdnbootdisk: virtio0cores: 8cpu: host,hidden=1,flags=+pcidefidisk0: fast1:vm-100-disk-1,size=128Khostpci0: 02:00,pcie=1,x-vga=1hostpci1: 04:00.0,rombar=0ide0: none,media=cdrommachine: q35memory: 14336name: beamnuma: 0ostype: win10scsihw: virtio-scsi-pcismbios1: uuid=d6febb0d-4242-4bdb-8aea-7c03e7b5df0esockets: 1unused0: storage1:vm-100-disk-0unused1: slow1:vm-100-disk-0virtio0: fast1:vm-100-disk-0,size=80Gvmgenid: 524a58dd-7e3e-44f4-abf4-9de0f490d936Add your PCI deviceedit /etc/modprobe.d/pve-blacklist.confblacklist nvidiafbblacklist nvidiablacklist radeonblacklist nouveauTroubleshootingIf your Windows machine fails to boot, you may want to create a new Windows VM using UEFI rather than BIOS.If your motherboard has onboard GPU set in BIOS to use the onboard primarily or exclusively to free up PCIE GPULinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Virtualize Ubuntu Server with Proxmox VE", "url": "/posts/proxmox-ubuntu-server/", "categories": "proxmox", "tags": "proxmox, ubuntu, linux", "date": "2020-03-20 09:00:00 -0500", "snippet": "Do you need to virtualize Ubuntu Server with Proxmox? Join me as we install and configure Ubuntu Server LTS on Proxmox VE step-by-step using the best performance options.📺 Watch VideoLinks🛍️ Check ...", "content": "Do you need to virtualize Ubuntu Server with Proxmox? Join me as we install and configure Ubuntu Server LTS on Proxmox VE step-by-step using the best performance options.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Virtualize Windows 10 with Proxmox VE", "url": "/posts/proxmox-windows/", "categories": "proxmox", "tags": "proxmox, windows", "date": "2020-03-18 09:00:00 -0500", "snippet": "Do you need to virtualize Windows 10 with Proxmox? Join me as we install and configure Windows 10 on Proxmox VE step-by-step using the best performance options.📺 Watch VideoLinks🛍️ Check out the ne...", "content": "Do you need to virtualize Windows 10 with Proxmox? Join me as we install and configure Windows 10 on Proxmox VE step-by-step using the best performance options.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Proxmox VE Install and Setup Tutorial", "url": "/posts/proxmox-setup/", "categories": "homelab", "tags": "homelab, rancher, kubernetes", "date": "2020-03-14 09:00:00 -0500", "snippet": "Do you need to virtualize something at home? Thinking of building your own Homelab? (The answer is YES).Join me as we install and configure Proxmox VE step-by-step.📺 Watch VideoLinks🛍️ Check out t...", "content": "Do you need to virtualize something at home? Thinking of building your own Homelab? (The answer is YES).Join me as we install and configure Proxmox VE step-by-step.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Setting Up Windows for JavaScript Development THE RIGHT WAY (WSL Terminal NVM Node Yarn VS Code ZSH)", "url": "/posts/windows-developer-setup/", "categories": "coding", "tags": "windows, coding, javascript, wsl, nvm, zsh, node, windows, linux, ubuntu", "date": "2020-03-12 09:00:00 -0500", "snippet": "You want to get started developing JavaScript with NodeJS, ReactJS, or AngularJS but you’re not sure how to get started? This is a complete, step by step guide on how to configure your Windows mac...", "content": "You want to get started developing JavaScript with NodeJS, ReactJS, or AngularJS but you’re not sure how to get started? This is a complete, step by step guide on how to configure your Windows machines for JavaScript development the right way.You’ll learn how to install and configure Windows, the new Windows Terminal, WSL, Ubuntu, ZSH with Oh My ZSH, yarn, NPM, NVM, NodeJS, and VS Code.We’ll also configure our git client for SSH access to GitHub.This is the perfect beginner tutorial for anyone trying to develop software on a Windows PC.📺 Watch VideoUpdate Ubuntusudo apt-get updatesudo apt-get upgradeinstall zshellsudo apt-get install zshoh-my-zshCheck this site for the command https://ohmyz.sh/#installIt should be something like this:sh -c \"$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)\"nvmBe sure zshell and oh-my-zsh are working before continuingCheck this site for the command https://github.com/nvm-sh/nvmIt should be something like this, but be sure to use the version from the link abovecurl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bashIf nvm doesn’t work, check this https://youtu.be/kL8iGErULiw?t=507Close all terminals and all VS Code instances after doing this stepInstall Nodenvm install 12.16.1Install yarnBe sure nvm and node are working before continuingCheck this site for the latest command https://classic.yarnpkg.com/en/docs/install/#alternatives-stableIt should be something like this, but be sure to use the version from the link abovecurl -o- -L https://yarnpkg.com/install.sh | bashConfigure GitYou’ll want to follow this guide for configuring git.Be sure to follow the LINUX versionhttps://docs.github.com/en/github/using-git/getting-started-with-git-and-githubgit config --global user.name \"Techno Tim\"git config --global user.email \"your_email@example.com\"ssh-keygen -t rsa -b 4096 -C \"your_email@example.com\"eval $(ssh-agent -s)Cloning a repomkdir code && cd codeBe sure you choose the right repo before cloning, this is just an examplegit clone git@github.com:techno-tim/techno-boto-discord.gitcd techno-boto-discordyarnContinuing with the bot turotials Discord Bot https://www.youtube.com/watch?v=YSZcyz2-twQ Twitch Bot https://www.youtube.com/watch?v=7uSjKbAUHXg Slack Bot https://www.youtube.com/watch?v=AajBk59nOgwLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How To Create an iSCSI Target with TrueNAS", "url": "/posts/iscsi-truenas/", "categories": "truenas", "tags": "homelab, rancher, kubernetes", "date": "2020-03-06 08:00:00 -0600", "snippet": "Setting up iSCSI with TrueNAS and Windows 10 is super simple with TrueNAS.This is an easy way to have a hard drive installed on your machine that isn’t really attached, it lives on the network.📺 Wa...", "content": "Setting up iSCSI with TrueNAS and Windows 10 is super simple with TrueNAS.This is an easy way to have a hard drive installed on your machine that isn’t really attached, it lives on the network.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "How to Install and Virtualize TrueNAS with Proxmox", "url": "/posts/virtualize-truenas/", "categories": "truenas", "tags": "truenas, proxmox, windows", "date": "2020-03-01 08:00:00 -0600", "snippet": "Do you want a DIY NAS? Do you want to set up TrueNAS? Have you considered virtualizing TrueNAS with Proxmox? In this video we’ll walk through installing and setting up TrueNAS and configure a sa...", "content": "Do you want a DIY NAS? Do you want to set up TrueNAS? Have you considered virtualizing TrueNAS with Proxmox? In this video we’ll walk through installing and setting up TrueNAS and configure a samba share for Windows.We’ll also install it on a virtual server using ProxmoxVE that’s running in my Homelab.Both are free and open source.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Let's Build a Discord Bot Using DiscordJS - Moderator Bot", "url": "/posts/discord-bot/", "categories": "coding", "tags": "coding, javascript, discord, self-hosted", "date": "2020-02-17 08:00:00 -0600", "snippet": "Let’s build a bot! Not a bad bot like a view bot, but bot for good.Let’s build a discord moderator bot using discord.js! Discord is powerful chat + video client and already has lots of great bots...", "content": "Let’s build a bot! Not a bad bot like a view bot, but bot for good.Let’s build a discord moderator bot using discord.js! Discord is powerful chat + video client and already has lots of great bots however no bot has the flexibility of creating your own! In this video I will show you how to build a discord bot using DiscordJS from start to finish.You’ll see how to use the developer portal, create a bot using JavaScript, NodeJS, and NPM, invite the bot to your Discord server and have it moderate some of your channels.We have made this bot open source and will continue to contribute to this bot.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Touch Portal vs. Stream Deck", "url": "/posts/touchportal-vs-streamdeck/", "categories": "streaming", "tags": "touch-portal, stream-deck, streaming, hardware", "date": "2020-02-02 08:00:00 -0600", "snippet": "Let’s compare Touch Portal to Stream Deck.We’ll walk through some of the similarities and differences between the free software Touch Portal and the Stream Deck hardware/software combination.We’ll ...", "content": "Let’s compare Touch Portal to Stream Deck.We’ll walk through some of the similarities and differences between the free software Touch Portal and the Stream Deck hardware/software combination.We’ll see if we can set up, configure in a step by step guide, and clone our Stream Deck interface for OBS using Touch Portal and a mobile device, we’ll review features and experiences, then we’ll choose a winner in the Touch Portal vs. Stream Deck face off!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "Upgrade Your ROOM (One of the most OVERLOOKED stream upgrades!)", "url": "/posts/upgrade-your-room/", "categories": "streaming", "tags": "office, hardware, twitch", "date": "2020-01-20 08:00:00 -0600", "snippet": "There are so many upgrades out there for streaming, what do I start with? Video card? Microphone? Audio? CPU? RAM? Lights? I started with one that is overlooked by many streamers, and it’s the roo...", "content": "There are so many upgrades out there for streaming, what do I start with? Video card? Microphone? Audio? CPU? RAM? Lights? I started with one that is overlooked by many streamers, and it’s the room I stream in.So come along with me as give a tour of my stream room makeover! Hopefully this video gives you some stream background ideas for sofas, lights, smart LED lights, accent lighting, coffee tables, plants, rugs, bookshelves, and even Hyrule Historia as I walk through my stream studio setup!📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "BEST OBS Streaming Settings 2021! 🔴 (Quality, Frame Rate, Bit Rate, Audio, 1080p 60/FPS & MORE!)", "url": "/posts/obs-best-settings/", "categories": "streaming", "tags": "obs, twitch, streaming", "date": "2020-01-14 08:00:00 -0600", "snippet": "Do you want the best settings for OBS in 2020? This is the ultimate OBS settings guide with the BEST OBS settings for streaming Fortnite, Just Chatting APEX Legends, PUBG, or really ANY game.This v...", "content": "Do you want the best settings for OBS in 2020? This is the ultimate OBS settings guide with the BEST OBS settings for streaming Fortnite, Just Chatting APEX Legends, PUBG, or really ANY game.This video includes the best settings for quality, frame rate, bit rate, and audio for streaming at 60 frames per second (FPS) at 1080p (max settings for streamers).This guide works with OBS Studio, Streamlabs OBS (SLOBS), and OBS.LIVE (from StreamElements).I also include various Windows settings and tweaks to give you the best performance while streaming.I even cover the new NVENC settings (NVIDIA NVENC H.264 (new) ) for NVidia graphics cards with Turing Architecture. This is a great guide for anyone who wants to tweak their existing settings or have just installed it for the first time with the default settings.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" }, { "title": "GoXLR WITH WIRELESS HEADSET - Connect ANY wireless bluetooth headphones", "url": "/posts/goxlr-wireless/", "categories": "streaming", "tags": "goxlr, streaming, twitch, hardware", "date": "2020-01-07 08:00:00 -0600", "snippet": "Connect any wireless headset to a GoXLR or GoXLR mini. In this video, I show you how you can connect any pair of wireless bluetooth headphones to a GoXLR or GoXLR mini.They can be AirPods, Beats, B...", "content": "Connect any wireless headset to a GoXLR or GoXLR mini. In this video, I show you how you can connect any pair of wireless bluetooth headphones to a GoXLR or GoXLR mini.They can be AirPods, Beats, Beats Wireless Pro, Bose, or any other wireless bluetooth headset.You can use this bluetooth adapter transmitter to stream while using the GoXLR or GoXLR mini.I bought these products with my own money because I thought they were cool.Nothing in this video was sponsored.📺 Watch VideoLinks🛍️ Check out the new Merch Shop at https://l.technotim.live/shop⚙️ See all the hardware I recommend at https://l.technotim.live/gear🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files" } ] diff --git a/assets/js/data/swconf.js b/assets/js/data/swconf.js new file mode 100644 index 0000000000..940a5ea2ed --- /dev/null +++ b/assets/js/data/swconf.js @@ -0,0 +1 @@ +const swconf = { purge: true }; diff --git a/assets/js/dist/app.min.js b/assets/js/dist/app.min.js new file mode 100644 index 0000000000..91623ebcea --- /dev/null +++ b/assets/js/dist/app.min.js @@ -0,0 +1 @@ +if ('serviceWorker' in navigator) { const isEnabled = 'false' === 'true'; if (isEnabled) { const swUrl = '/sw.min.js'; const $notification = $('#notification'); const $btnRefresh = $('#notification .toast-body>button'); navigator.serviceWorker.register(swUrl).then((registration) => { if (registration.waiting) { $notification.toast('show'); } registration.addEventListener('updatefound', () => { registration.installing.addEventListener('statechange', () => { if (registration.waiting) { if (navigator.serviceWorker.controller) { $notification.toast('show'); } } }); }); $btnRefresh.on('click', () => { if (registration.waiting) { registration.waiting.postMessage('SKIP_WAITING'); } $notification.toast('hide'); }); }); let refreshing = false; navigator.serviceWorker.addEventListener('controllerchange', () => { if (!refreshing) { window.location.reload(); refreshing = true; } }); } else { navigator.serviceWorker.getRegistrations().then(function (registrations) { for (let registration of registrations) { registration.unregister(); } }); } } diff --git a/assets/js/dist/categories.min.js b/assets/js/dist/categories.min.js new file mode 100644 index 0000000000..6c2db9db8d --- /dev/null +++ b/assets/js/dist/categories.min.js @@ -0,0 +1,4 @@ +/*! + * Chirpy v6.5.5 | © 2019 Cotes Chung | MIT Licensed | https://github.com/cotes2020/jekyll-theme-chirpy/ + */ +!function(){"use strict";const o=$(".mode-toggle");function s(o){var s=function(o,s){if("object"!=typeof o||!o)return o;var t=o[Symbol.toPrimitive];if(void 0!==t){var e=t.call(o,s||"default");if("object"!=typeof e)return e;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===s?String:Number)(o)}(o,"string");return"symbol"==typeof s?s:s+""}function t(o,t,e){return(t=s(t))in o?Object.defineProperty(o,t,{value:e,enumerable:!0,configurable:!0,writable:!0}):o[t]=e,o}const e=$("body"),a="sidebar-display";class r{static toggle(){!1===r.isExpanded?e.attr(a,""):e.removeAttr(a),r.isExpanded=!r.isExpanded}}t(r,"isExpanded",!1);const l=$("#sidebar-trigger"),n=$("#search-trigger"),i=$("#search-cancel"),c=$("#main-wrapper>.container>.row"),f=$("#topbar-title"),d=$("search"),u=$("#search-result-wrapper"),p=$("#search-results"),b=$("#search-input"),m=$("#search-hints"),g=$("html,body"),C="loaded",v="unloaded",h="input-focus",w="d-flex";class y{static on(){y.offset=window.scrollY,g.scrollTop(0)}static off(){g.scrollTop(y.offset)}}t(y,"offset",0),t(y,"resultVisible",!1);class k{static on(){l.addClass(v),f.addClass(v),n.addClass(v),d.addClass(w),i.addClass(C)}static off(){i.removeClass(C),d.removeClass(w),l.removeClass(v),f.removeClass(v),n.removeClass(v)}}class T{static on(){y.resultVisible||(y.on(),u.removeClass(v),c.addClass(v),y.resultVisible=!0)}static off(){y.resultVisible&&(p.empty(),m.hasClass(v)&&m.removeClass(v),u.addClass(v),c.removeClass(v),y.off(),b.val(""),y.resultVisible=!1)}}function x(){return i.hasClass(C)}const E=$(".collapse");$(".code-header>button").children().attr("class"),function(){const o=$(window),s=$("#back-to-top");o.on("scroll",(()=>{o.scrollTop()>50?s.fadeIn():s.fadeOut()})),s.on("click",(()=>{o.scrollTop(0)}))}(),[...document.querySelectorAll('[data-bs-toggle="tooltip"]')].map((o=>new bootstrap.Tooltip(o))),0!==o.length&&o.off().on("click",(o=>{const s=$(o.target);let t=s.prop("tagName")==="button".toUpperCase()?s:s.parent();modeToggle.flipMode(),t.trigger("blur")})),$("#sidebar-trigger").on("click",r.toggle),$("#mask").on("click",r.toggle),n.on("click",(function(){k.on(),T.on(),b.trigger("focus")})),i.on("click",(function(){k.off(),T.off()})),b.on("focus",(function(){d.addClass(h)})),b.on("focusout",(function(){d.removeClass(h)})),b.on("input",(()=>{""===b.val()?x()?m.removeClass(v):T.off():(T.on(),x()&&m.addClass(v))})),E.on("hide.bs.collapse",(function(){const o="h_"+$(this).attr("id").substring(2);o&&($("#".concat(o," .far.fa-folder-open")).attr("class","far fa-folder fa-fw"),$("#".concat(o," i.fas")).addClass("rotate"),$("#".concat(o)).removeClass("hide-border-bottom"))})),E.on("show.bs.collapse",(function(){const o="h_"+$(this).attr("id").substring(2);o&&($("#".concat(o," .far.fa-folder")).attr("class","far fa-folder-open fa-fw"),$("#".concat(o," i.fas")).removeClass("rotate"),$("#".concat(o)).addClass("hide-border-bottom"))}))}(); diff --git a/assets/js/dist/commons.min.js b/assets/js/dist/commons.min.js new file mode 100644 index 0000000000..c3552d55f2 --- /dev/null +++ b/assets/js/dist/commons.min.js @@ -0,0 +1,4 @@ +/*! + * Chirpy v6.5.5 | © 2019 Cotes Chung | MIT Licensed | https://github.com/cotes2020/jekyll-theme-chirpy/ + */ +!function(){"use strict";const e=$(".mode-toggle");function s(e){var s=function(e,s){if("object"!=typeof e||!e)return e;var o=e[Symbol.toPrimitive];if(void 0!==o){var t=o.call(e,s||"default");if("object"!=typeof t)return t;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===s?String:Number)(e)}(e,"string");return"symbol"==typeof s?s:s+""}function o(e,o,t){return(o=s(o))in e?Object.defineProperty(e,o,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[o]=t,e}const t=$("body"),r="sidebar-display";class a{static toggle(){!1===a.isExpanded?t.attr(r,""):t.removeAttr(r),a.isExpanded=!a.isExpanded}}o(a,"isExpanded",!1);const l=$("#sidebar-trigger"),i=$("#search-trigger"),n=$("#search-cancel"),c=$("#main-wrapper>.container>.row"),d=$("#topbar-title"),f=$("search"),u=$("#search-result-wrapper"),p=$("#search-results"),g=$("#search-input"),m=$("#search-hints"),b=$("html,body"),v="loaded",C="unloaded",h="input-focus",y="d-flex";class w{static on(){w.offset=window.scrollY,b.scrollTop(0)}static off(){b.scrollTop(w.offset)}}o(w,"offset",0),o(w,"resultVisible",!1);class k{static on(){l.addClass(C),d.addClass(C),i.addClass(C),f.addClass(y),n.addClass(v)}static off(){n.removeClass(v),f.removeClass(y),l.removeClass(C),d.removeClass(C),i.removeClass(C)}}class T{static on(){w.resultVisible||(w.on(),u.removeClass(C),c.addClass(C),w.resultVisible=!0)}static off(){w.resultVisible&&(p.empty(),m.hasClass(C)&&m.removeClass(C),u.addClass(C),c.removeClass(C),w.off(),g.val(""),w.resultVisible=!1)}}function x(){return n.hasClass(v)}!function(){const e=$(window),s=$("#back-to-top");e.on("scroll",(()=>{e.scrollTop()>50?s.fadeIn():s.fadeOut()})),s.on("click",(()=>{e.scrollTop(0)}))}(),[...document.querySelectorAll('[data-bs-toggle="tooltip"]')].map((e=>new bootstrap.Tooltip(e))),0!==e.length&&e.off().on("click",(e=>{const s=$(e.target);let o=s.prop("tagName")==="button".toUpperCase()?s:s.parent();modeToggle.flipMode(),o.trigger("blur")})),$("#sidebar-trigger").on("click",a.toggle),$("#mask").on("click",a.toggle),i.on("click",(function(){k.on(),T.on(),g.trigger("focus")})),n.on("click",(function(){k.off(),T.off()})),g.on("focus",(function(){f.addClass(h)})),g.on("focusout",(function(){f.removeClass(h)})),g.on("input",(()=>{""===g.val()?x()?m.removeClass(C):T.off():(T.on(),x()&&m.addClass(C))}))}(); diff --git a/assets/js/dist/home.min.js b/assets/js/dist/home.min.js new file mode 100644 index 0000000000..a11fedb4ce --- /dev/null +++ b/assets/js/dist/home.min.js @@ -0,0 +1,4 @@ +/*! + * Chirpy v6.5.5 | © 2019 Cotes Chung | MIT Licensed | https://github.com/cotes2020/jekyll-theme-chirpy/ + */ +!function(){"use strict";const t=$(".mode-toggle");function e(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var a=t[Symbol.toPrimitive];if(void 0!==a){var s=a.call(t,e||"default");if("object"!=typeof s)return s;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:e+""}function a(t,a,s){return(a=e(a))in t?Object.defineProperty(t,a,{value:s,enumerable:!0,configurable:!0,writable:!0}):t[a]=s,t}const s=$("body"),o="sidebar-display";class r{static toggle(){!1===r.isExpanded?s.attr(o,""):s.removeAttr(o),r.isExpanded=!r.isExpanded}}a(r,"isExpanded",!1);const i=$("#sidebar-trigger"),l=$("#search-trigger"),n=$("#search-cancel"),c=$("#main-wrapper>.container>.row"),d=$("#topbar-title"),u=$("search"),m=$("#search-result-wrapper"),f=$("#search-results"),p=$("#search-input"),g=$("#search-hints"),h=$("html,body"),b="loaded",v="unloaded",C="input-focus",y="d-flex";class w{static on(){w.offset=window.scrollY,h.scrollTop(0)}static off(){h.scrollTop(w.offset)}}a(w,"offset",0),a(w,"resultVisible",!1);class T{static on(){i.addClass(v),d.addClass(v),l.addClass(v),u.addClass(y),n.addClass(b)}static off(){n.removeClass(b),u.removeClass(y),i.removeClass(v),d.removeClass(v),l.removeClass(v)}}class k{static on(){w.resultVisible||(w.on(),m.removeClass(v),c.addClass(v),w.resultVisible=!0)}static off(){w.resultVisible&&(f.empty(),g.hasClass(v)&&g.removeClass(v),m.addClass(v),c.removeClass(v),w.off(),p.val(""),w.resultVisible=!1)}}function x(){return n.hasClass(b)}$(".collapse");$(".code-header>button").children().attr("class");const E="data-src",j="data-lqip",M={SHIMMER:"shimmer",BLUR:"blur"};function A(t){$(this).parent().removeClass(t)}function F(){this.complete&&(this.hasAttribute(j)?A.call(this,M.BLUR):A.call(this,M.SHIMMER))}function R(){const t=$(this),e=t.attr(E);t.attr("src",encodeURI(e)),t.removeAttr(E)}class S{static get attrTimestamp(){return"data-ts"}static get attrDateFormat(){return"data-df"}static get locale(){return $("html").attr("lang").substring(0,2)}static getTimestamp(t){return Number(t.attr(S.attrTimestamp))}static getDateFormat(t){return t.attr(S.attrDateFormat)}}!function(){const t=$(window),e=$("#back-to-top");t.on("scroll",(()=>{t.scrollTop()>50?e.fadeIn():e.fadeOut()})),e.on("click",(()=>{t.scrollTop(0)}))}(),[...document.querySelectorAll('[data-bs-toggle="tooltip"]')].map((t=>new bootstrap.Tooltip(t))),0!==t.length&&t.off().on("click",(t=>{const e=$(t.target);let a=e.prop("tagName")==="button".toUpperCase()?e:e.parent();modeToggle.flipMode(),a.trigger("blur")})),$("#sidebar-trigger").on("click",r.toggle),$("#mask").on("click",r.toggle),l.on("click",(function(){T.on(),k.on(),p.trigger("focus")})),n.on("click",(function(){T.off(),k.off()})),p.on("focus",(function(){u.addClass(C)})),p.on("focusout",(function(){u.removeClass(C)})),p.on("input",(()=>{""===p.val()?x()?g.removeClass(v):k.off():(k.on(),x()&&g.addClass(v))})),dayjs.locale(S.locale),dayjs.extend(window.dayjs_plugin_localizedFormat),$("[".concat(S.attrTimestamp,"]")).each((function(){const t=dayjs.unix(S.getTimestamp($(this))),e=t.format(S.getDateFormat($(this)));$(this).text(e),$(this).removeAttr(S.attrTimestamp),$(this).removeAttr(S.attrDateFormat);const a=$(this).attr("data-bs-toggle");if(void 0===a||"tooltip"!==a)return;const s=t.format("llll");$(this).attr("data-bs-title",s),new bootstrap.Tooltip($(this))})),function(){const t=$("article img");t.length&&t.on("load",F),$('article img[loading="lazy"]').each((function(){this.complete&&A.call(this,M.SHIMMER)}));const e=$("article img[".concat(j,'="true"]'));e.length&&e.each(R)}()}(); diff --git a/assets/js/dist/misc.min.js b/assets/js/dist/misc.min.js new file mode 100644 index 0000000000..faf631fb0b --- /dev/null +++ b/assets/js/dist/misc.min.js @@ -0,0 +1,4 @@ +/*! + * Chirpy v6.5.5 | © 2019 Cotes Chung | MIT Licensed | https://github.com/cotes2020/jekyll-theme-chirpy/ + */ +!function(){"use strict";const t=$(".mode-toggle");function e(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var a=t[Symbol.toPrimitive];if(void 0!==a){var s=a.call(t,e||"default");if("object"!=typeof s)return s;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:e+""}function a(t,a,s){return(a=e(a))in t?Object.defineProperty(t,a,{value:s,enumerable:!0,configurable:!0,writable:!0}):t[a]=s,t}const s=$("body"),o="sidebar-display";class r{static toggle(){!1===r.isExpanded?s.attr(o,""):s.removeAttr(o),r.isExpanded=!r.isExpanded}}a(r,"isExpanded",!1);const l=$("#sidebar-trigger"),i=$("#search-trigger"),n=$("#search-cancel"),c=$("#main-wrapper>.container>.row"),d=$("#topbar-title"),u=$("search"),f=$("#search-result-wrapper"),m=$("#search-results"),p=$("#search-input"),g=$("#search-hints"),b=$("html,body"),h="loaded",v="unloaded",C="input-focus",y="d-flex";class w{static on(){w.offset=window.scrollY,b.scrollTop(0)}static off(){b.scrollTop(w.offset)}}a(w,"offset",0),a(w,"resultVisible",!1);class T{static on(){l.addClass(v),d.addClass(v),i.addClass(v),u.addClass(y),n.addClass(h)}static off(){n.removeClass(h),u.removeClass(y),l.removeClass(v),d.removeClass(v),i.removeClass(v)}}class k{static on(){w.resultVisible||(w.on(),f.removeClass(v),c.addClass(v),w.resultVisible=!0)}static off(){w.resultVisible&&(m.empty(),g.hasClass(v)&&g.removeClass(v),f.addClass(v),c.removeClass(v),w.off(),p.val(""),w.resultVisible=!1)}}function x(){return n.hasClass(h)}$(".collapse");$(".code-header>button").children().attr("class");class j{static get attrTimestamp(){return"data-ts"}static get attrDateFormat(){return"data-df"}static get locale(){return $("html").attr("lang").substring(0,2)}static getTimestamp(t){return Number(t.attr(j.attrTimestamp))}static getDateFormat(t){return t.attr(j.attrDateFormat)}}!function(){const t=$(window),e=$("#back-to-top");t.on("scroll",(()=>{t.scrollTop()>50?e.fadeIn():e.fadeOut()})),e.on("click",(()=>{t.scrollTop(0)}))}(),[...document.querySelectorAll('[data-bs-toggle="tooltip"]')].map((t=>new bootstrap.Tooltip(t))),0!==t.length&&t.off().on("click",(t=>{const e=$(t.target);let a=e.prop("tagName")==="button".toUpperCase()?e:e.parent();modeToggle.flipMode(),a.trigger("blur")})),$("#sidebar-trigger").on("click",r.toggle),$("#mask").on("click",r.toggle),i.on("click",(function(){T.on(),k.on(),p.trigger("focus")})),n.on("click",(function(){T.off(),k.off()})),p.on("focus",(function(){u.addClass(C)})),p.on("focusout",(function(){u.removeClass(C)})),p.on("input",(()=>{""===p.val()?x()?g.removeClass(v):k.off():(k.on(),x()&&g.addClass(v))})),dayjs.locale(j.locale),dayjs.extend(window.dayjs_plugin_localizedFormat),$("[".concat(j.attrTimestamp,"]")).each((function(){const t=dayjs.unix(j.getTimestamp($(this))),e=t.format(j.getDateFormat($(this)));$(this).text(e),$(this).removeAttr(j.attrTimestamp),$(this).removeAttr(j.attrDateFormat);const a=$(this).attr("data-bs-toggle");if(void 0===a||"tooltip"!==a)return;const s=t.format("llll");$(this).attr("data-bs-title",s),new bootstrap.Tooltip($(this))}))}(); diff --git a/assets/js/dist/page.min.js b/assets/js/dist/page.min.js new file mode 100644 index 0000000000..b3f3049464 --- /dev/null +++ b/assets/js/dist/page.min.js @@ -0,0 +1,4 @@ +/*! + * Chirpy v6.5.5 | © 2019 Cotes Chung | MIT Licensed | https://github.com/cotes2020/jekyll-theme-chirpy/ + */ +!function(){"use strict";const t=$(".mode-toggle");function e(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var o=t[Symbol.toPrimitive];if(void 0!==o){var s=o.call(t,e||"default");if("object"!=typeof s)return s;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:e+""}function o(t,o,s){return(o=e(o))in t?Object.defineProperty(t,o,{value:s,enumerable:!0,configurable:!0,writable:!0}):t[o]=s,t}const s=$("body"),a="sidebar-display";class n{static toggle(){!1===n.isExpanded?s.attr(a,""):s.removeAttr(a),n.isExpanded=!n.isExpanded}}o(n,"isExpanded",!1);const r=$("#sidebar-trigger"),i=$("#search-trigger"),l=$("#search-cancel"),c=$("#main-wrapper>.container>.row"),u=$("#topbar-title"),d=$("search"),f=$("#search-result-wrapper"),p=$("#search-results"),m=$("#search-input"),g=$("#search-hints"),h=$("html,body"),b="loaded",v="unloaded",C="input-focus",w="d-flex";class y{static on(){y.offset=window.scrollY,h.scrollTop(0)}static off(){h.scrollTop(y.offset)}}o(y,"offset",0),o(y,"resultVisible",!1);class k{static on(){r.addClass(v),u.addClass(v),i.addClass(v),d.addClass(w),l.addClass(b)}static off(){l.removeClass(b),d.removeClass(w),r.removeClass(v),u.removeClass(v),i.removeClass(v)}}class S{static on(){y.resultVisible||(y.on(),f.removeClass(v),c.addClass(v),y.resultVisible=!0)}static off(){y.resultVisible&&(p.empty(),g.hasClass(v)&&g.removeClass(v),f.addClass(v),c.removeClass(v),y.off(),m.val(""),y.resultVisible=!1)}}function T(){return l.hasClass(b)}$(".collapse");const E=".code-header>button",A="fas fa-check",x="timeout",M="data-title-succeed",R="data-bs-original-title",I=2e3;function V(t){if($(t)[0].hasAttribute(x)){let e=$(t).attr(x);if(Number(e)>Date.now())return!0}return!1}function q(t){$(t).attr(x,Date.now()+I)}function N(t){$(t).removeAttr(x)}const P=$(E).children().attr("class");const U="data-src",j="data-lqip",B={SHIMMER:"shimmer",BLUR:"blur"};function H(t){$(this).parent().removeClass(t)}function O(){this.complete&&(this.hasAttribute(j)?H.call(this,B.BLUR):H.call(this,B.SHIMMER))}function z(){const t=$(this),e=t.attr(U);t.attr("src",encodeURI(e)),t.removeAttr(U)}!function(){const t=$(window),e=$("#back-to-top");t.on("scroll",(()=>{t.scrollTop()>50?e.fadeIn():e.fadeOut()})),e.on("click",(()=>{t.scrollTop(0)}))}(),[...document.querySelectorAll('[data-bs-toggle="tooltip"]')].map((t=>new bootstrap.Tooltip(t))),0!==t.length&&t.off().on("click",(t=>{const e=$(t.target);let o=e.prop("tagName")==="button".toUpperCase()?e:e.parent();modeToggle.flipMode(),o.trigger("blur")})),$("#sidebar-trigger").on("click",n.toggle),$("#mask").on("click",n.toggle),i.on("click",(function(){k.on(),S.on(),m.trigger("focus")})),l.on("click",(function(){k.off(),S.off()})),m.on("focus",(function(){d.addClass(C)})),m.on("focusout",(function(){d.removeClass(C)})),m.on("input",(()=>{""===m.val()?T()?g.removeClass(v):S.off():(S.on(),T()&&g.addClass(v))})),function(){const t=$("article img");t.length&&t.on("load",O),$('article img[loading="lazy"]').each((function(){this.complete&&H.call(this,B.SHIMMER)}));const e=$("article img[".concat(j,'="true"]'));e.length&&e.each(z)}(),$(".popup")<=0||$(".popup").magnificPopup({type:"image",closeOnContentClick:!0,showCloseBtn:!1,zoom:{enabled:!0,duration:300,easing:"ease-in-out"}}),function(){if($(E).length){const t=new ClipboardJS(E,{target:t=>t.parentNode.nextElementSibling.querySelector("code .rouge-code")});[...document.querySelectorAll(E)].map((t=>new bootstrap.Tooltip(t,{placement:"left"}))),t.on("success",(t=>{t.clearSelection();const e=t.trigger;V(e)||(!function(t){$(t).children().attr("class",A)}(e),function(t){const e=$(t).attr(M);$(t).attr(R,e).tooltip("show")}(e),q(e),setTimeout((()=>{!function(t){$(t).tooltip("hide").removeAttr(R)}(e),function(t){$(t).children().attr("class",P)}(e),N(e)}),I))}))}const t=$("#copy-link");t.on("click",(t=>{let e=$(t.target);V(e)||navigator.clipboard.writeText(window.location.href).then((()=>{const t=e.attr(R),o=e.attr(M);e.attr(R,o).tooltip("show"),q(e),setTimeout((()=>{e.attr(R,t),N(e)}),I)}))})),t.on("mouseleave",(function(t){$(t.target).tooltip("hide")}))}()}(); diff --git a/assets/js/dist/post.min.js b/assets/js/dist/post.min.js new file mode 100644 index 0000000000..5715b3c677 --- /dev/null +++ b/assets/js/dist/post.min.js @@ -0,0 +1,4 @@ +/*! + * Chirpy v6.5.5 | © 2019 Cotes Chung | MIT Licensed | https://github.com/cotes2020/jekyll-theme-chirpy/ + */ +!function(){"use strict";const t=$(".mode-toggle");function e(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var o=t[Symbol.toPrimitive];if(void 0!==o){var a=o.call(t,e||"default");if("object"!=typeof a)return a;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:e+""}function o(t,o,a){return(o=e(o))in t?Object.defineProperty(t,o,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[o]=a,t}const a=$("body"),r="sidebar-display";class s{static toggle(){!1===s.isExpanded?a.attr(r,""):a.removeAttr(r),s.isExpanded=!s.isExpanded}}o(s,"isExpanded",!1);const i=$("#sidebar-trigger"),n=$("#search-trigger"),l=$("#search-cancel"),c=$("#main-wrapper>.container>.row"),u=$("#topbar-title"),d=$("search"),m=$("#search-result-wrapper"),f=$("#search-results"),p=$("#search-input"),g=$("#search-hints"),h=$("html,body"),b="loaded",v="unloaded",C="input-focus",w="d-flex";class y{static on(){y.offset=window.scrollY,h.scrollTop(0)}static off(){h.scrollTop(y.offset)}}o(y,"offset",0),o(y,"resultVisible",!1);class T{static on(){i.addClass(v),u.addClass(v),n.addClass(v),d.addClass(w),l.addClass(b)}static off(){l.removeClass(b),d.removeClass(w),i.removeClass(v),u.removeClass(v),n.removeClass(v)}}class S{static on(){y.resultVisible||(y.on(),m.removeClass(v),c.addClass(v),y.resultVisible=!0)}static off(){y.resultVisible&&(f.empty(),g.hasClass(v)&&g.removeClass(v),m.addClass(v),c.removeClass(v),y.off(),p.val(""),y.resultVisible=!1)}}function k(){return l.hasClass(b)}$(".collapse");const x=".code-header>button",A="fas fa-check",E="timeout",j="data-title-succeed",D="data-bs-original-title",M=2e3;function F(t){if($(t)[0].hasAttribute(E)){let e=$(t).attr(E);if(Number(e)>Date.now())return!0}return!1}function R(t){$(t).attr(E,Date.now()+M)}function q(t){$(t).removeAttr(E)}const I=$(x).children().attr("class");const N="data-src",V="data-lqip",P={SHIMMER:"shimmer",BLUR:"blur"};function U(t){$(this).parent().removeClass(t)}function z(){this.complete&&(this.hasAttribute(V)?U.call(this,P.BLUR):U.call(this,P.SHIMMER))}function B(){const t=$(this),e=t.attr(N);t.attr("src",encodeURI(e)),t.removeAttr(N)}class H{static get attrTimestamp(){return"data-ts"}static get attrDateFormat(){return"data-df"}static get locale(){return $("html").attr("lang").substring(0,2)}static getTimestamp(t){return Number(t.attr(H.attrTimestamp))}static getDateFormat(t){return t.attr(H.attrDateFormat)}}0!==t.length&&t.off().on("click",(t=>{const e=$(t.target);let o=e.prop("tagName")==="button".toUpperCase()?e:e.parent();modeToggle.flipMode(),o.trigger("blur")})),$("#sidebar-trigger").on("click",s.toggle),$("#mask").on("click",s.toggle),n.on("click",(function(){T.on(),S.on(),p.trigger("focus")})),l.on("click",(function(){T.off(),S.off()})),p.on("focus",(function(){d.addClass(C)})),p.on("focusout",(function(){d.removeClass(C)})),p.on("input",(()=>{""===p.val()?k()?g.removeClass(v):S.off():(S.on(),k()&&g.addClass(v))})),function(){const t=$("article img");t.length&&t.on("load",z),$('article img[loading="lazy"]').each((function(){this.complete&&U.call(this,P.SHIMMER)}));const e=$("article img[".concat(V,'="true"]'));e.length&&e.each(B)}(),$(".popup")<=0||$(".popup").magnificPopup({type:"image",closeOnContentClick:!0,showCloseBtn:!1,zoom:{enabled:!0,duration:300,easing:"ease-in-out"}}),dayjs.locale(H.locale),dayjs.extend(window.dayjs_plugin_localizedFormat),$("[".concat(H.attrTimestamp,"]")).each((function(){const t=dayjs.unix(H.getTimestamp($(this))),e=t.format(H.getDateFormat($(this)));$(this).text(e),$(this).removeAttr(H.attrTimestamp),$(this).removeAttr(H.attrDateFormat);const o=$(this).attr("data-bs-toggle");if(void 0===o||"tooltip"!==o)return;const a=t.format("llll");$(this).attr("data-bs-title",a),new bootstrap.Tooltip($(this))})),function(){if($(x).length){const t=new ClipboardJS(x,{target:t=>t.parentNode.nextElementSibling.querySelector("code .rouge-code")});[...document.querySelectorAll(x)].map((t=>new bootstrap.Tooltip(t,{placement:"left"}))),t.on("success",(t=>{t.clearSelection();const e=t.trigger;F(e)||(!function(t){$(t).children().attr("class",A)}(e),function(t){const e=$(t).attr(j);$(t).attr(D,e).tooltip("show")}(e),R(e),setTimeout((()=>{!function(t){$(t).tooltip("hide").removeAttr(D)}(e),function(t){$(t).children().attr("class",I)}(e),q(e)}),M))}))}const t=$("#copy-link");t.on("click",(t=>{let e=$(t.target);F(e)||navigator.clipboard.writeText(window.location.href).then((()=>{const t=e.attr(D),o=e.attr(j);e.attr(D,o).tooltip("show"),R(e),setTimeout((()=>{e.attr(D,t),q(e)}),M)}))})),t.on("mouseleave",(function(t){$(t.target).tooltip("hide")}))}(),document.querySelector("main h2, main h3")&&tocbot.init({tocSelector:"#toc",contentSelector:".content",ignoreSelector:"[data-toc-skip]",headingSelector:"h2, h3, h4",orderedList:!1,scrollSmooth:!1}),function(){const t=$(window),e=$("#back-to-top");t.on("scroll",(()=>{t.scrollTop()>50?e.fadeIn():e.fadeOut()})),e.on("click",(()=>{t.scrollTop(0)}))}(),[...document.querySelectorAll('[data-bs-toggle="tooltip"]')].map((t=>new bootstrap.Tooltip(t)))}(); diff --git a/categories/apps/index.html b/categories/apps/index.html new file mode 100644 index 0000000000..a4d0f6b8d2 --- /dev/null +++ b/categories/apps/index.html @@ -0,0 +1 @@ + apps | Techno Tim
Category
diff --git a/categories/cloud/index.html b/categories/cloud/index.html new file mode 100644 index 0000000000..5e9cf1b78b --- /dev/null +++ b/categories/cloud/index.html @@ -0,0 +1 @@ + cloud | Techno Tim
Category
diff --git a/categories/coding/index.html b/categories/coding/index.html new file mode 100644 index 0000000000..3046879432 --- /dev/null +++ b/categories/coding/index.html @@ -0,0 +1 @@ + coding | Techno Tim
Category
diff --git a/categories/conferences/index.html b/categories/conferences/index.html new file mode 100644 index 0000000000..dda48556c7 --- /dev/null +++ b/categories/conferences/index.html @@ -0,0 +1 @@ + conferences | Techno Tim
Category
diff --git a/categories/docker/index.html b/categories/docker/index.html new file mode 100644 index 0000000000..bc5b1dec7a --- /dev/null +++ b/categories/docker/index.html @@ -0,0 +1 @@ + docker | Techno Tim
Category
diff --git a/categories/hardware/index.html b/categories/hardware/index.html new file mode 100644 index 0000000000..c2239a8cac --- /dev/null +++ b/categories/hardware/index.html @@ -0,0 +1 @@ + hardware | Techno Tim
Category
diff --git a/categories/home-automation/index.html b/categories/home-automation/index.html new file mode 100644 index 0000000000..6b16509965 --- /dev/null +++ b/categories/home-automation/index.html @@ -0,0 +1 @@ + home-automation | Techno Tim
Category
diff --git a/categories/homelab/index.html b/categories/homelab/index.html new file mode 100644 index 0000000000..c56856705d --- /dev/null +++ b/categories/homelab/index.html @@ -0,0 +1 @@ + homelab | Techno Tim
Category

homelab 86

diff --git a/categories/k3s/index.html b/categories/k3s/index.html new file mode 100644 index 0000000000..abf5fa3513 --- /dev/null +++ b/categories/k3s/index.html @@ -0,0 +1 @@ + k3s | Techno Tim
Category
diff --git a/categories/kubernetes/index.html b/categories/kubernetes/index.html new file mode 100644 index 0000000000..52d63a97d8 --- /dev/null +++ b/categories/kubernetes/index.html @@ -0,0 +1 @@ + kubernetes | Techno Tim
Category
diff --git a/categories/life/index.html b/categories/life/index.html new file mode 100644 index 0000000000..73415616aa --- /dev/null +++ b/categories/life/index.html @@ -0,0 +1 @@ + life | Techno Tim
Category
diff --git a/categories/maas/index.html b/categories/maas/index.html new file mode 100644 index 0000000000..1999544ced --- /dev/null +++ b/categories/maas/index.html @@ -0,0 +1 @@ + maas | Techno Tim
Category
diff --git a/categories/network/index.html b/categories/network/index.html new file mode 100644 index 0000000000..9c567ad718 --- /dev/null +++ b/categories/network/index.html @@ -0,0 +1 @@ + network | Techno Tim
Category
diff --git a/categories/portainer/index.html b/categories/portainer/index.html new file mode 100644 index 0000000000..750b256557 --- /dev/null +++ b/categories/portainer/index.html @@ -0,0 +1 @@ + portainer | Techno Tim
Category
diff --git a/categories/proxmox/index.html b/categories/proxmox/index.html new file mode 100644 index 0000000000..cb302bbd27 --- /dev/null +++ b/categories/proxmox/index.html @@ -0,0 +1 @@ + proxmox | Techno Tim
Category
diff --git a/categories/rancher/index.html b/categories/rancher/index.html new file mode 100644 index 0000000000..d6d7e3c289 --- /dev/null +++ b/categories/rancher/index.html @@ -0,0 +1 @@ + rancher | Techno Tim
Category
diff --git a/categories/self-hosted/index.html b/categories/self-hosted/index.html new file mode 100644 index 0000000000..e4c579dcd5 --- /dev/null +++ b/categories/self-hosted/index.html @@ -0,0 +1 @@ + self-hosted | Techno Tim
Category

self-hosted 26

diff --git a/categories/streaming/index.html b/categories/streaming/index.html new file mode 100644 index 0000000000..4936da71a9 --- /dev/null +++ b/categories/streaming/index.html @@ -0,0 +1 @@ + streaming | Techno Tim
Category
diff --git a/categories/traefik/index.html b/categories/traefik/index.html new file mode 100644 index 0000000000..683ab1b8de --- /dev/null +++ b/categories/traefik/index.html @@ -0,0 +1 @@ + traefik | Techno Tim
Category
diff --git a/categories/truenas/index.html b/categories/truenas/index.html new file mode 100644 index 0000000000..45d675711b --- /dev/null +++ b/categories/truenas/index.html @@ -0,0 +1 @@ + truenas | Techno Tim
Category
diff --git a/categories/utilities/index.html b/categories/utilities/index.html new file mode 100644 index 0000000000..7fcf11168d --- /dev/null +++ b/categories/utilities/index.html @@ -0,0 +1 @@ + utilities | Techno Tim
Category
diff --git a/categories/vlog/index.html b/categories/vlog/index.html new file mode 100644 index 0000000000..3ce5adeac4 --- /dev/null +++ b/categories/vlog/index.html @@ -0,0 +1 @@ + vlog | Techno Tim
Category
diff --git a/feed.xml b/feed.xml new file mode 100644 index 0000000000..3d6e782bae --- /dev/null +++ b/feed.xml @@ -0,0 +1 @@ + https://technotim.live/Techno TimTechno Tim Home - Documentation and More 2024-10-03T13:19:59-05:00 Techno Tim https://technotim.live/ Jekyll © 2024 Techno Tim /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png I turned a gaming case into a living room NAS2024-09-28T08:00:00-05:00 2024-09-28T08:00:00-05:00 https://technotim.live/posts/living-room-nas/ Techno Tim This case was meant for gaming but I decided to do a little tinkering to see if I could truly turn this build into a NAS for a good-looking home server in your living room. 📺 Watch Video Info I originally built a standalone media server on Windows that focused on low energy use, but decided to take it one step further. 📦 Products in video (affiliate links): Fractal Design Terra Case: ... You should be using Proxmox Backup Server2024-09-28T08:00:00-05:00 2024-09-28T14:08:17-05:00 https://technotim.live/posts/proxmox-backup-server/ Techno Tim After years of ignoring it, I finally switched back to Proxmox Backup Server and reclaimed 6TB of disk space. Totally worth it. 📺 Watch Video Info The disk, network, and computational savings are incredible with Proxmox Backup Server and you should be using it if you are running Proxmox VE. I used NFS for years and only now do I realize how inefficient that is. This is why I started usi... Building a Low-Power, Fully Loaded Plex Server2024-09-16T08:00:00-05:00 2024-09-16T08:00:00-05:00 https://technotim.live/posts/plex-build-low-power-server/ Techno Tim I built an efficient, good looking, Mini ITX Plex server that doesn’t skimp on the processing power, storage, or features like transcoding all while using only 16 watts of power. Each part is hand-picked and every setting is tweaked with efficiency in mind. Oh, and it would even look nice in your living space too! If you already have a Plex server, you can still follow this guide to be sure y... How one company is "De-Microsoft-ifying" and pushing Linux on the desktop2024-09-05T08:00:00-05:00 2024-09-05T21:22:15-05:00 https://technotim.live/posts/creator-summit-2024-demicrosoftification/ Techno Tim 45Drives is De-Microsoft-ifying and leading the charge by replacing Windows with Linux desktops and replacing proprietary solutions with open source. This topic of “demicrosoftification” was discussed at the Creator Summit 2024 at 45Drives headquarters. I attended along with many other tech YouTubers in this space. They also gave us a sneak peek at some new hardware too and an early look at so... The Best HomeLab Service Dashboard Yet!2024-08-26T08:00:00-05:00 2024-09-02T13:43:36-05:00 https://technotim.live/posts/homelab-assistant/ Techno Tim Say goodbye to all of the other Home Lab Dashboards that you end up not using, it’s time to use something smarter, Home Assistant. 📺 Watch Video Disclosures Nothing in this video was sponsored Info Home Assistant: https://github.com/home-assistant/core HACS : https://github.com/hacs/integration System Monitor: https://www.home-assistant.io/integrations/systemmonitor/ TrueNAS... diff --git a/giscus.json b/giscus.json new file mode 100644 index 0000000000..89b28ada8d --- /dev/null +++ b/giscus.json @@ -0,0 +1,8 @@ +{ + "origins": [ + "https://technotim.live", + "https://www.technotim.live", + "https://docs.technotim.live/", + "https://techno-tim.github.io/" + ] +} diff --git a/index.html b/index.html new file mode 100644 index 0000000000..1f37729d58 --- /dev/null +++ b/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/norobots/index.html b/norobots/index.html new file mode 100644 index 0000000000..48d4cd4e30 --- /dev/null +++ b/norobots/index.html @@ -0,0 +1 @@ + | Techno Tim
Redirect
"/norobots/", "to"=>"https://technotim.live/404.html"}" />"/norobots/", "to"=>"https://technotim.live/404.html"}" /> Page Redirection If you are not redirected automatically, follow this link.
diff --git a/page10/index.html b/page10/index.html new file mode 100644 index 0000000000..6797133869 --- /dev/null +++ b/page10/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page11/index.html b/page11/index.html new file mode 100644 index 0000000000..63ecdc234a --- /dev/null +++ b/page11/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page12/index.html b/page12/index.html new file mode 100644 index 0000000000..b43ca7e821 --- /dev/null +++ b/page12/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page13/index.html b/page13/index.html new file mode 100644 index 0000000000..6e05017fb8 --- /dev/null +++ b/page13/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page14/index.html b/page14/index.html new file mode 100644 index 0000000000..36135428ed --- /dev/null +++ b/page14/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page15/index.html b/page15/index.html new file mode 100644 index 0000000000..113c1d44ac --- /dev/null +++ b/page15/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page16/index.html b/page16/index.html new file mode 100644 index 0000000000..12852823bb --- /dev/null +++ b/page16/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page17/index.html b/page17/index.html new file mode 100644 index 0000000000..5b60967aa9 --- /dev/null +++ b/page17/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page18/index.html b/page18/index.html new file mode 100644 index 0000000000..3f4fea25b9 --- /dev/null +++ b/page18/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page2/index.html b/page2/index.html new file mode 100644 index 0000000000..0cf81776c9 --- /dev/null +++ b/page2/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page3/index.html b/page3/index.html new file mode 100644 index 0000000000..3b7ef62172 --- /dev/null +++ b/page3/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page4/index.html b/page4/index.html new file mode 100644 index 0000000000..6b99c1c2bf --- /dev/null +++ b/page4/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page5/index.html b/page5/index.html new file mode 100644 index 0000000000..014a88b357 --- /dev/null +++ b/page5/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page6/index.html b/page6/index.html new file mode 100644 index 0000000000..be4619370b --- /dev/null +++ b/page6/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page7/index.html b/page7/index.html new file mode 100644 index 0000000000..56054d9d56 --- /dev/null +++ b/page7/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page8/index.html b/page8/index.html new file mode 100644 index 0000000000..f2c54d24d7 --- /dev/null +++ b/page8/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/page9/index.html b/page9/index.html new file mode 100644 index 0000000000..3c16f68212 --- /dev/null +++ b/page9/index.html @@ -0,0 +1 @@ + Techno Tim
Techno Tim
diff --git a/posts/100-days-of-homelab-1-year-later/index.html b/posts/100-days-of-homelab-1-year-later/index.html new file mode 100644 index 0000000000..e2eda87937 --- /dev/null +++ b/posts/100-days-of-homelab-1-year-later/index.html @@ -0,0 +1 @@ + 100 Days of HomeLab - 1 Year Later | Techno Tim
Post

100 Days of HomeLab - 1 Year Later

A year ago I started a challenge that encouraged everyone to join the #100DaysOfHomeLab challenge, a challenge designed to help improve your skills in IT. This is similar to any of the “100 Days” challenges - pick a topic, stick with it for 100 days, and form a habit. Some of you might be asking what a “HomeLab” is, and I think in it’s simplest terms it’s a “lab environment” mostly at home. Think of this as a test environment to learn about technology without the fear of breaking anything. If you’d like to learn more about HomeLabs and how to get started, I summarized it in a video.

After creating the challenge, I had lots of folks join in on Twitter, Mastodon, YouTube, Instagram and many other social networks using the hashtag #100DaysOfHomeLab, and it’s still going today!

365 Days of HomeLab

I ended up sticking with it, posting on socials (when I remembered), and took it all the way to 1 year! While some posts seemed redundant and repetitive, I kept on building, breaking, learning, and posting. Once I hit 100 Days, I decided to see how long I could go. 100 days turned into 200 days, and 200 days turned into 300… and today I hit 365 days. Looking back at my very first tweet, it seems I missed a few days of sharing, or I am really bad at math. If you can spot where I missed or messed up, let me me know in the comments below! 😀

So what did you learn?

Over the last year I learned so much about HomeLabbing, but specifically Docker, Kubernetes, networking, ZFS, GitOps, and many other related technologies. You can see all of my 100 Days of HomeLab tweets here however I will summarize some of the topics.

Bots & Website

I started out by creating a Twitter bot that would retweet everyone who was joining the challenge. I felt like this was important to build and grow a community around HomeLab and a simple way to bringing people together. This is a self-hosted bot that I wrote myself, and even open sourced the code!

I also decided to create a 100 Days of HomeLab website so people could learn more about the challenge and even showcase some of the creators I worked with to make this possible. Huge thanks to all creators, featured on this page or not, who joined in on the fun!

What not to do

Another bucket of learnings were what not to do. This can be seen as mistakes but I looked at them as opportunities. These were things like:

  • Backup everything you can’t recreate (even if you think you don’t need it)
  • Test your backups
  • Don’t run beta firmware in production
  • Don’t run early access firmware in production (I had to list this twice in case I think about it again)
  • Don’t deploy and walk away (for hours)
  • Try not to test in production (although sometimes there isn’t any way around it)
  • Don’t over buy or over build hardware, unless you think you can repurpose or sell it easily in the future
  • You may not always need the fastest connection like 10G (things will just take a little longer)
  • Don’t delete CRDs in k8s unless you are certain you don’t need any of the resources

What to do

It wasn’t all bad, I also picked up some good habits and learned what I should continue doing in the future:

  • Build a small test environment, even if it’s hard
  • Create good documentation and write it as if someone other than yourself will have to follow the steps
  • Write tests, when you can, even even when you think you can’t
  • Have just enough hardware, repurpose what you can
  • A little battery backup goes a long way
  • Use DNS when possible (even if it’s painful)
  • Use certificates, always
  • Use strong randomized passwords
  • Set up monitoring & alerting, even if it’s just to yourself!
  • Keep it simple. Seems like an oxymoron for HomeLab, but the simpler you keep it, the easier it will be to support

Hardware

I made lots of changes to my HomeLab over the past year, from a pile of machines on a shelf, to an open post rack, to a fully enclosed server rack in a room I converted to a server room. With this came new challenges like networking, power, and even RGB. I was sent a Storinator from 45 Drives and really expanded my storage while deprecating my old Disk Shelf. I also picked up a handful of low power devices and built a small low power cluster of Intel NUCs and rack mounted them in my server rack!

Automation

I also got to dive into Ansible deeper than ever before! Ansible is a powerful tool for automating things, especially infrastructure. I automated things like updates, configuration of my machines, password changes, and even building a fully HA Kubernetes cluster with k3s. The time spent learning this tool has already paid back in dividends compared to the time I would put into doing these task manually or even worse, pile up tech debt because I would skip them.

I also picked up Terraform too! Terraform is one of those things you may not ever learn until you need to. It’s definitely been eye opening building up new infrastructure with Terraform. Every time I see a form or a UI to create some sort of Infra, I automatically think about how I can automate this with Terraform… but thinking and doing are two different things and I need to start doing this more often. I’ve already figured out how to apply Terraform to Cloudflare DNS and will be applying to more systems in the future.

Networking

Once of the biggest changes to networking wasn’t new hardware or network speed, but VLANs. I implemented VLANs here to keep all of my network traffic segmented according to the roles these devices fill. For instance I created an IoT vlan for all of my IoT devices, a Camera VLAN just for secure video devices, and Server VLAN for my servers that are used for public facing services. This helps ensure that not only am I not mixing traffic, but also minimizing the blast radius if one of my devices were to become compromised. I talked about this and more security recommendations in a video here. Highly recommended if you are going to self-host anything.

Kubernetes

The next big theme is Kubernetes and has been a theme on my channel almost since the beginning. I now run 3 HA Kubernetes clusters at home. That might sound crazy, but it’s true. It’s taught me so much about how to build, support, and maintain one of the most popular technologies in the world. It’s been challenging but rewarding at the same time. I ended up going all in and migrating all of my Docker only hosts to Kubernetes. I no longer have single Docker hosts (pets) and now have more Kubernetes nodes (cattle). Once I moved everything to Kubernetes, I quickly learned that I needed a better way to manage it than just a UI or applying manifests from the CLI.

(GitOps has entered the chat)

GitOps

Git Ops, such a such a huge term and people have varying opinions on where it starts and where it ends - but it’s the idea that Git is the source of truth to deliver infrastructure as code. What does that mean for me and in my HomeLab? For me it means that my Kubernetes cluster (and custom code) is source controlled in Git and the only way to get those changes applied is through CI. This was one of the most rewarding things I have learned about during my 100 Days of HomeLab. All 3 of my Kubernetes clusters are defined in code (YAML) in a Git repository and when I need to make changes I just commit them to my repo and push them up and FLUX takes care of the rest. It has not only taught me how to deliver infrastructure as code but also taught me about secret management with SOPS which is such a valuable lesson, Kubernetes or not. I will be looking to expand into more IaC this year and beyond because this is truly the future of infrastructure.

Community

Last but definitely not least is community. Doing this challenge has taught me that there are so many other people out there just like me, trying to build/break/fix/learn with a lab environment at home. There are countless times where I have been inspired from others or even found better, more efficient way to accomplish things by interacting with the HomeLab community. I have even picked up new tech all thanks to you. I have met lots of people on socials and will continue to follow your journey!

So, what are you waiting for? Want to join the 100 Days of HomeLab Challenge? You’re just one click away!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/100-days-of-homelab/index.html b/posts/100-days-of-homelab/index.html new file mode 100644 index 0000000000..acdd67325f --- /dev/null +++ b/posts/100-days-of-homelab/index.html @@ -0,0 +1 @@ + 100 Days of HomeLab - The HomeLab Challenge | Techno Tim
Post

100 Days of HomeLab - The HomeLab Challenge

It’s here. The #100DaysOfHomeLab challenge! This challenge is meant to accelerate your knowledge in servers, networking, infrastructure, automation, storage, containerization, orchestration, virtualization, Windows, Linux, and more.It can even possibly accelerate your IT career! So, commit to the Hundred Days of HomeLab challenge, share your progress, and encourage others along the way!

So, to celebrate my 100k subs, I brought in some of the biggest names in the HomeLab community and some new faces too! A hue thanks to everyone that took part in this video.I can’t thank you enough!

📺 Watch Video

Take the challenge! https://100daysofhomelab.com/

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/10gbe-cat5e-homelab-network/index.html b/posts/10gbe-cat5e-homelab-network/index.html new file mode 100644 index 0000000000..732607df94 --- /dev/null +++ b/posts/10gbe-cat5e-homelab-network/index.html @@ -0,0 +1,9 @@ + Will 10 Gigabit work with Cat5e? - 10Gbe HomeLab Network Upgrade! | Techno Tim
Post

Will 10 Gigabit work with Cat5e? - 10Gbe HomeLab Network Upgrade!

After deciding to upgrade my “old” 24 PoE switch to a new 48 port PoE switch with 4 SFP+ ports, I decided to check to see if my old house with old Cat5e network wiring will work at 10 gigabit speeds! If this works, I will have a 10 Gbe network connection from my PCs to my HomeLab server rack!

📺 Watch Video

A HUGE thank you to Micro Center for sponsoring today’s video!

New Customer Exclusive, Receive a FREE 256GB SSD in Store: https://micro.center/6af2da

Check Out Micro Center’s PC Builder: https://micro.center/f65221

Visit the Micro Center Community: https://micro.center/e64c4c

Items in this video

Intel Server Adapter X540-T1 - https://ebay.us/mQCVfl

USW-PRO-48-POE - https://amzn.to/3PbuFYf

Patch Panel - https://amzn.to/3yuBduk

Slim Patch Cables - https://amzn.to/3yvdmdO

10GBase-T SFP+ Transceiver - https://amzn.to/3atGdHB

Server Rack - https://amzn.to/3AKfj8S

Cat5e Spool (you should buy cat 6) - https://amzn.to/3PwNeX9

Cat6 Spool - https://amzn.to/3Pgk6TC

RJ45 Keystone Jacks - https://amzn.to/3IxwMDG

SFP+ DAC - https://amzn.to/3Pg96py

iperf

Install

1
+2
+
sudo apt update
+sudo apt install iperf
+

on the remote machine

1
+
iperf -s
+

then on another machine

1
+
iperf -c 192.168.0.104 # ip of the remote machine
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/1u-server-upgrade/index.html b/posts/1u-server-upgrade/index.html new file mode 100644 index 0000000000..cadaa2f2d3 --- /dev/null +++ b/posts/1u-server-upgrade/index.html @@ -0,0 +1 @@ + My HUGE (but small) 1U Server Upgrade | Techno Tim
Post

My HUGE (but small) 1U Server Upgrade

I’ve been making great use of some older, bigger servers but I decided to try and build, upgrade, and migrate to some 1U servers.Join me as we unbox and build my 2 new virtualization servers!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/20-ways-virtual-machine/index.html b/posts/20-ways-virtual-machine/index.html new file mode 100644 index 0000000000..f12ae73384 --- /dev/null +++ b/posts/20-ways-virtual-machine/index.html @@ -0,0 +1 @@ + 20 Ways to Use a Virtual Machine (and other ideas for your homelab) | Techno Tim
Post

20 Ways to Use a Virtual Machine (and other ideas for your homelab)

Looking for new ideas on how to use your virtual machines? Well, here’s the top 20 ways to use your virtual machines in your homelab.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/3090-machine-learning/index.html b/posts/3090-machine-learning/index.html new file mode 100644 index 0000000000..4ea86456fb --- /dev/null +++ b/posts/3090-machine-learning/index.html @@ -0,0 +1 @@ + RTX 3090 for Machine Learning? | Techno Tim
Post

RTX 3090 for Machine Learning?

The NVIDIA RTX 3090 is a beast.We all know it can beat the benchmarks in gaming, but how about machine learning and neural networks? Today we walk through the RTX 3090 and then compile and run Darknet, an open source neural network, on Windows and then Ubuntu Linux and run object detection on pictures, images, and real-time video.You will be amazed at how much more you can get out of your video card than just gaming!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/45-drives-storinator/index.html b/posts/45-drives-storinator/index.html new file mode 100644 index 0000000000..59350d4870 --- /dev/null +++ b/posts/45-drives-storinator/index.html @@ -0,0 +1 @@ + NEW SERVER! Deploying 100 TB of Storage to my HomeLab! | Techno Tim
Post

NEW SERVER! Deploying 100 TB of Storage to my HomeLab!

Check out my new server! It’s an Storinator AV15 from 45 Drives loaded with lots of great upgrades! Will it be my new high performance storage server and replace TrueNAS? Will it be my new hypervisor and replace one of my Proxmox servers? Or will I cluster this server and do something else? Let’s see what this server is made of first!

A HUGE thank you to Micro Center for sponsoring this video!

New Customers Exclusive – FREE Redragon GS500 Gaming Stereo Speakers: https://micro.center/mkp

Check out Micro Center’s PC Builder: https://micro.center/njw

Submit your build to Micro Center’s Build Showcase: https://micro.center/gov

📺 Watch Video

Check out 45Drives Storinators and other servers - https://www.45drives.com/

Seagate Exos X16 14TB Drives and more - https://kit.co/TechnoTim/best-ssd-hard-drive-flash-storage

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/45drives-creator-summit-day-1/index.html b/posts/45drives-creator-summit-day-1/index.html new file mode 100644 index 0000000000..2d90e24a6e --- /dev/null +++ b/posts/45drives-creator-summit-day-1/index.html @@ -0,0 +1 @@ + 45Drives Creators Summit on Data Storage - Day 1 | Techno Tim
Post

45Drives Creators Summit on Data Storage - Day 1

45Drives HQ 45Drives HQ Located in Sydney, Nova Scotia, Canada

I was invited to 45Drives Headquarters in Sydney Nova Scotia Canada for a Creator Summit on Data Storage. 45Drives invited Tech YouTubers like Jeff Geerling, Wendell Wilson, Jeff from Craft Computing, Tom Lawrence, and myself for a 3 day event to meet the 45Drives team and other experts in the storage space and discuss the future of storage.

If you want to see the video of this tour, you can check it out here!

The Tour

45Drives Labs We got a tour of the labs where they are cooking up some new storage systems

Day 1 started out with a tour of the 45Drives HQ. The office is new, fully of natural light, and very modern. One of the last stops was to visit the labs area where they were testing hardware, cluster configurations, and even had some prototype devices.

45Drives Labs A Storinator that includes both 2.5” drives and 3.5” drives

Storage Solutions

The first stop was the Storiantor Hybrid F8 x1. This is an interesting configuration because it combines both 3.5” slots of high density drives and 2.5” slots for SSDs. THis something I have been particularly interested in because I’ve modified my Storinator to do just that. This one solution would allow me to keep my workloads that need fast storage, like virtual machines, on up to 8 SSDs, while still giving me 12 bays for HDDs that could store all of my “slow” data like videos, images, and documents.

45Drives Stornado Gen II 2U SATA All flash Storinator!

The next stop was the Stornado Gen II 2U SATA. This machine is specifically designed for speed and offers 32 slots for all flash storage. This is also something that I am interested in, not only because it would allow me to move to an all flash solution, but also because it comes in a 2U factor and would help reduce energy costs. THis does mean however that I will have to spend more on SSDs so not sure if there’s a real cost benefit for my specific application. (Still want all flash storage though! 😂)

45Drives Homelab The Storinator Homelab H15 (prototype)

The next stop was one of the most anticipated devices for me (being part of the HomeLab community) that was the 45 Homelab HL15. This device is meant to meet the needs of Homelab enthusiasts. This machine has the same build quality you would expect from a 45Drives system and has very similar parts and storage as their enterprise versions. One of the cool things about this version is that it can be rack mounted or stand alone as a desktop. One thing you’ll notice too is that it uses a standard ATX power supply which is a welcome addition for something that will be primarily used by consumers which will allow them to use commodity hardware. 45Drives have said that they will sell this devices in a few configurations, per their website:

The current server under development is a 15-bay, 4U chassis that will be offered in three options:

  1. Fully built system – including CPU, RAM, etc.
  2. Chassis with backplanes and PSU
  3. Chassis with only backplanes

If you’re interested I would highly recommend signing up for their newsletter

45Drives Storinator Jr. The Storinator Jr., a Raspberry Pi based storage server (prototype)

The next stop was the Storinator Jr. This device is only a prototype but was inspired by Jeff Geerling’s Petabyte Pi project. The idea is simple, create a “mini” Storinator that is backed by a Raspberry Pi, but the technical limitations of the Pu were almost insurmountable. You’ll have to check out Jeff’s video for all of the challenges he had to overcome. To be clear, this was only a R&D Project and this product may never come to market, cool nonetheless.

45Drives Mitcha Hall Mitch Hall discussing Ceph at 45 Drives_

Creator Led Discussions

With the tour out of the way it was time to hop into our tech discussions. 45Drives kicked it off with talks from their CO-founder, architects, sales, and more. The topics ranged from the history of 45Drives, Ceph Clustering and “Cluster for Everyone”, to even ransomware protection using Snapshield which can quickly terminate connections from a suspected infected device.

Timothy Stewart (Techno Tim) Me (Timothy Stewart) discussing 45Drives at Home(Lab)

After that, it was my turn. For context, all creators were asked to share a topic related to storage, and I felt the most valuable thing I could talk about was my experience with a 45Drives Storinator at home. Also, in case you didn’t know, all current Storinators target enterprise customers and so I thought it was a rare opportunity to give them feedback about using and converting one of their storage servers for home use. This might be something that they would incorporate into their Homelab product. And yes, I did throw in the RGB idea. We’ll see how that goes…

Jeff Geerling) Jeff Geerling discussing the history of 45Drives & Content Creators

Up next was a discussion led by Jeff Geerling. This was an interesting talk about the history of 45Drives involvement with content creators raging from Linus, to MKBHD, to iJustine, and even their recent round of creators (all of us). Jeff also analyzed each of the videos and broke them down into why they were successful vs ones that weren’t particularly successful (from a YouTube views perspective). He talked about his process, script writing, and even storytelling and offered some feedback on how they could improve their reach on their own content if they focused more on story storytelling with a hook. This is something that I definitely need to work on too, so I will be trying to apply this more to my future content.

Alan Nagl) Alan Nagl giving a deep dive on hard drive technology

Next was Alan Nagl from HDStor who did a deep dive on hard drives, how they work, and how the “SSD will never replace the HDD”. I learned quite a bit about about hard drives, how they work, HAMR hard drives and as a bonus learned all about helium filled drives at dinner. Alan is a wealth of information when it comes to storage!

Tom Lawrence Tom Lawrence discussing ZFS and Ceph solutions

Last but not least was Tom Lawrence from Lawrence systems. He joined virtual because he couldn’t attend in person but his topic was a discussion on how to position clustering in the market vs single server solutions. Tom had a lot of the same questions I had about Ceph, when to use Ceph, and at what point does Ceph make sense over a large ZFS pool.

Outside of lunch, dinner, and lots of snacks, that pretty much summed up the day. Lots of great talked and more to come tomorrow!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/45homelab-hl15-creator-summit/index.html b/posts/45homelab-hl15-creator-summit/index.html new file mode 100644 index 0000000000..1b040d4360 --- /dev/null +++ b/posts/45homelab-hl15-creator-summit/index.html @@ -0,0 +1 @@ + 45 HomeLab HL15 and more at the Creator Summit | Techno Tim
Post

45 HomeLab HL15 and more at the Creator Summit

I took a trip with 3 other Tech YouTubers to 45 Drives Headquarters to see the new 45 HomeLab HL15 and other devices during their first ever Creator Summit to discuss storage! We take a look at lots of Storinators, the HL15 HomeLab, all flash Stornados, and even the Storinator Jr.!

📺 Watch Video

Info

If you’re looking for details on the Creator Summit, you can read all about it in a previous post!

Thank you so much to 45Drives for paying for this trip to the Creator Summit!

Thank you to Jeff Geerling, Wendell, Jeff from Craft Computing, Tom Lawrence, Alan Nagl, and Dave Dickerson for teaching me so much during this trip!

Where to Buy

Pre-sales for the 45HomeLab here: https://presale.45homelab.com

You can check out the 45HomeLab here: https://45homelab.com

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/NUT-server-guide/index.html b/posts/NUT-server-guide/index.html new file mode 100644 index 0000000000..1dbf12968c --- /dev/null +++ b/posts/NUT-server-guide/index.html @@ -0,0 +1,535 @@ + Network UPS Tools (NUT) Ultimate Guide | Techno Tim
Post

Network UPS Tools (NUT) Ultimate Guide

Meet NUT Server, or Network UPS Tools.It’s an open UPS networking monitoring tool that runs on many different operating systems and processors.This means you can run the server on Linux, MacOS, or BSD and run the client on Windows, MacOS, Linux, and more.It’ perfect for your Pi, server, or desktop.It works with hundreds of UPS devices, PDUs, and many other power management systems.

This is the ultimate guide to configuring Network UPS Tools (NUT).We cover everything from installing and configuring the server on as Raspberry Pi, configuring the client on Windows and Linux, configure a charting and graphing website to visualize NUT data, spin up an additional web site use Docker, and finally set up monitoring and alerting to automate shutdowns of your machine.

https://networkupstools.org

Also, note to self, don’t eat a salad before you record a video….

📺 Watch Video

NUT UPS Server

plug in ups

1
+
lsusb
+

should see something like

1
+2
+3
+4
+
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
+Bus 001 Device 019: ID 09ae:2012 Tripp Lite
+Bus 001 Device 002: ID 2109:3431 VIA Labs, Inc. Hub
+Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
+
1
+2
+
sudo apt update
+sudo apt install nut nut-client nut-server
+
1
+
sudo nut-scanner -U
+

should see something like

tripp lite

1
+2
+3
+4
+5
+6
+7
+8
+
[nutdev1]
+        driver = "usbhid-ups"
+        port = "auto"
+        vendorid = "09AE"
+        productid = "2012"
+        product = "Tripp Lite UPS"
+        vendor = "Tripp Lite"
+        bus = "001"
+

apc 1500

1
+2
+3
+4
+5
+6
+7
+8
+9
+
[nutdev1]
+        driver = "usbhid-ups"
+        port = "auto"
+        vendorid = "051D"
+        productid = "0002"
+        product = "Back-UPS XS 1500M FW:947.d10 .D USB FW:d10"
+        serial = "3xxxxxxxxxxx"
+        vendor = "Tripp Lite"
+        bus = "001"
+

apc 850

1
+2
+3
+4
+5
+6
+7
+8
+9
+
[nutdev3]
+        driver = "usbhid-ups"
+        port = "auto"
+        vendorid = "051D"
+        productid = "0002"
+        product = "Back-UPS ES 850G2 FW:931.a10.D USB FW:a"
+        serial = "3xxxxxxxxxxx"
+        vendor = "American Power Conversion"
+        bus = "001"
+
1
+
sudo nano /etc/nut/ups.conf
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+
pollinterval = 1
+maxretry = 3
+
+[tripplite]
+    driver = usbhid-ups
+    port = auto
+    desc = "Tripp Lite 1500VA SmartUPS"
+    vendorid = 09ae
+    productid = 2012
+
+[apc-network]
+    driver = usbhid-ups
+    port = auto
+    desc = "APC Back-UPS XS 1500"
+    vendorid = 051d
+    productid = 0002
+    serial = 3xxxxxxxxx
+
+[apc-modem]
+    driver = usbhid-ups
+    port = auto
+    desc = "APC 850 VA"
+    vendorid = 051d
+    productid = 0002
+    serial = 3xxxxxxxxx
+
1
+
sudo nano /etc/nut/upsmon.conf
+
1
+2
+3
+
MONITOR tripplite@localhost 1 admin secret master
+MONITOR apc-modem@localhost 1 admin secret master
+MONITOR apc-network@localhost 1 admin secret master
+
1
+
sudo nano /etc/nut/upsd.conf
+

Change 127.0.0.1

1
+
LISTEN 127.0.0.1 3493 
+

to all interface

1
+
LISTEN 0.0.0.0 3493 
+
1
+
sudo nano /etc/nut/nut.conf
+
1
+
MODE=netserver
+
1
+
sudo nano /etc/nut/upsd.users
+
1
+2
+3
+
[monuser]
+  password = secret
+  admin master
+
1
+
sudo nano /etc/udev/rules.d/99-nut-ups.rules
+
1
+2
+3
+4
+5
+6
+7
+
SUBSYSTEM!="usb", GOTO="nut-usbups_rules_end"
+
+# TrippLite
+#  e.g. TrippLite SMART1500LCD - usbhid-ups
+ACTION=="add|change", SUBSYSTEM=="usb|usb_device", SUBSYSTEMS=="usb|usb_device", ATTR{idVendor}=="09ae", ATTR{idProduct}=="2012", MODE="664", GROUP="nut", RUN+="/sbin/upsdrvctl stop; /sbin/upsdrvctl start"
+
+LABEL="nut-usbups_rules_end"
+

reboot (because it’s easy)

or

1
+2
+3
+4
+5
+
sudo service nut-server restart
+sudo service nut-client restart
+sudo systemctl restart nut-monitor
+sudo upsdrvctl stop
+sudo upsdrvctl start
+

APC UPS 950 va

list all usb devices

1
+
lsusb
+

query device by USB bus (replace with # from previous command)

1
+
lsusb -D /dev/bus/usb/001/057
+

You should see something like

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+
Device Descriptor:
+  bLength                18
+  bDescriptorType         1
+  bcdUSB               2.00
+  bDeviceClass            0
+  bDeviceSubClass         0
+  bDeviceProtocol         0
+  bMaxPacketSize0        64
+  idVendor           0x051d American Power Conversion
+  idProduct          0x0002 Uninterruptible Power Supply
+  bcdDevice            0.90
+  iManufacturer           1
+  iProduct                2
+  iSerial                 3
+  bNumConfigurations      1
+  Configuration Descriptor:
+    bLength                 9
+    bDescriptorType         2
+    wTotalLength       0x0022
+    bNumInterfaces          1
+    bConfigurationValue     1
+    iConfiguration          0
+    bmAttributes         0xe0
+      Self Powered
+      Remote Wakeup
+    MaxPower                2mA
+    Interface Descriptor:
+      bLength                 9
+      bDescriptorType         4
+      bInterfaceNumber        0
+      bAlternateSetting       0
+      bNumEndpoints           1
+      bInterfaceClass         3 Human Interface Device
+      bInterfaceSubClass      0
+      bInterfaceProtocol      0
+      iInterface              0
+        HID Device Descriptor:
+          bLength                 9
+          bDescriptorType        33
+          bcdHID               1.00
+          bCountryCode           33 US
+          bNumDescriptors         1
+          bDescriptorType        34 Report
+          wDescriptorLength    1049
+         Report Descriptors:
+           ** UNAVAILABLE **
+      Endpoint Descriptor:
+        bLength                 7
+        bDescriptorType         5
+        bEndpointAddress     0x81  EP 1 IN
+        bmAttributes            3
+          Transfer Type            Interrupt
+          Synch Type               None
+          Usage Type               Data
+        wMaxPacketSize     0x0008  1x 8 bytes
+        bInterval             100
+

NUT CGI Server

1
+
sudo apt install apache2 nut-cgi
+
1
+
sudo nano /etc/nut/hosts.conf
+
1
+2
+3
+
MONITOR tripplite@localhost "Tripp Lite 1500VA SmartUPS - Rack"
+MONITOR apc-modem@localhost "APC 850 VA - Wall"
+MONITOR apc-network@localhost "APC Back-UPS XS 1500 - Rack"
+
1
+
sudo a2enmod cgi
+
1
+
sudo systemctl restart apache2
+
1
+
sudo nano /etc/nut/upsset.conf
+
1
+
I_HAVE_SECURED_MY_CGI_DIRECTORY
+

visit

http://your.ip.adddress/cgi-bin/nut/upsstats.cgi

Webnut Docker Container

1
+2
+3
+
mkdir webnut
+cd webnut
+nano docker-compose.yml
+

paste contents and save

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
version: "3.1"
+services:
+  nut:
+    image: teknologist/webnut
+    container_name: webnut
+    environment:
+      - UPS_HOST=ip.address.of.nut.server
+      - UPS_PORT=3493
+      - UPS_USER=admin
+      - UPS_PASSWORD=secret
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    networks:
+      - proxy
+    ports:
+      - 6543:6543
+networks:
+  proxy:
+    external: true
+
1
+
docker-compose up -d --force-recreate
+

Linux NUT Client (remote)

1
+
sudo apt install nut-client
+

then run

1
+
upsc
+

to verify

verify you can connect

1
+
upsc tripplite@ip.address.of.server
+
1
+
sudo nano /etc/nut/upsmon.conf
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+
RUN_AS_USER root
+
+MONITOR apc-modem@ip.address.of.nut.server 1 admin secret slave
+
+MINSUPPLIES 1
+SHUTDOWNCMD "/sbin/shutdown -h"
+NOTIFYCMD /usr/sbin/upssched
+POLLFREQ 2
+POLLFREQALERT 1
+HOSTSYNC 15
+DEADTIME 15
+POWERDOWNFLAG /etc/killpower
+
+NOTIFYMSG ONLINE    "UPS %s on line power"
+NOTIFYMSG ONBATT    "UPS %s on battery"
+NOTIFYMSG LOWBATT   "UPS %s battery is low"
+NOTIFYMSG FSD       "UPS %s: forced shutdown in progress"
+NOTIFYMSG COMMOK    "Communications with UPS %s established"
+NOTIFYMSG COMMBAD   "Communications with UPS %s lost"
+NOTIFYMSG SHUTDOWN  "Auto logout and shutdown proceeding"
+NOTIFYMSG REPLBATT  "UPS %s battery needs to be replaced"
+NOTIFYMSG NOCOMM    "UPS %s is unavailable"
+NOTIFYMSG NOPARENT  "upsmon parent process died - shutdown impossible"
+
+NOTIFYFLAG ONLINE   SYSLOG+WALL+EXEC
+NOTIFYFLAG ONBATT   SYSLOG+WALL+EXEC
+NOTIFYFLAG LOWBATT  SYSLOG+WALL
+NOTIFYFLAG FSD      SYSLOG+WALL+EXEC
+NOTIFYFLAG COMMOK   SYSLOG+WALL+EXEC
+NOTIFYFLAG COMMBAD  SYSLOG+WALL+EXEC
+NOTIFYFLAG SHUTDOWN SYSLOG+WALL+EXEC
+NOTIFYFLAG REPLBATT SYSLOG+WALL
+NOTIFYFLAG NOCOMM   SYSLOG+WALL+EXEC
+NOTIFYFLAG NOPARENT SYSLOG+WALL
+
+RBWARNTIME 43200
+
+NOCOMMWARNTIME 600
+
+FINALDELAY 5
+

set net client

1
+
sudo nano /etc/nut/nut.conf
+
1
+
MODE=netclient
+

restart service

1
+
sudo systemctl restart nut-client
+

check status

1
+
sudo systemctl status nut-client
+

Windows NUT Client

https://github.com/gawindx/WinNUT-Client/releases

scheduling on the remote system

1
+
sudo nano /etc/nut/upssched.conf
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+
CMDSCRIPT /etc/nut/upssched-cmd
+PIPEFN /etc/nut/upssched.pipe
+LOCKFN /etc/nut/upssched.lock
+
+AT ONBATT * START-TIMER onbatt 30
+AT ONLINE * CANCEL-TIMER onbatt online
+AT ONBATT * START-TIMER earlyshutdown 30
+AT LOWBATT * EXECUTE onbatt
+AT COMMBAD * START-TIMER commbad 30
+AT COMMOK * CANCEL-TIMER commbad commok
+AT NOCOMM * EXECUTE commbad
+AT SHUTDOWN * EXECUTE powerdown
+AT SHUTDOWN * EXECUTE powerdown
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+
sudo nano /etc/nut/upssched-cmd
+``
+
+```bash
+#!/bin/sh
+ case $1 in
+       onbatt)
+          logger -t upssched-cmd "UPS running on battery"
+          ;;
+       earlyshutdown)
+          logger -t upssched-cmd "UPS on battery too long, early shutdown"
+          /usr/sbin/upsmon -c fsd
+          ;;
+       shutdowncritical)
+          logger -t upssched-cmd "UPS on battery critical, forced shutdown"
+          /usr/sbin/upsmon -c fsd
+          ;;
+       upsgone)
+          logger -t upssched-cmd "UPS has been gone too long, can't reach"
+          ;;
+       *)
+          logger -t upssched-cmd "Unrecognized command: $1"
+          ;;
+ esac
+

make it executable (should already be)

1
+
chmod +x /etc/nut/upssched-cmd
+

Be sure PIPEFN and LOCKFN point to a folder that esists, I’ve seen it point to /etc/nut/upssched/ instead of /etc/nut If it does, create the folder or update these variables.

1
+
mkdir /etc/nut/upssched/
+

test

1
+
systemctl restart nut-client
+

then pull the plug on the ups connected to the master, check syslogs

1
+
tail /var/log/syslog
+

should see the logs

machine should shutdown

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/advanced-kubernetes-networking/index.html b/posts/advanced-kubernetes-networking/index.html new file mode 100644 index 0000000000..8f2d099924 --- /dev/null +++ b/posts/advanced-kubernetes-networking/index.html @@ -0,0 +1,771 @@ + Advanced Kubernetes Networking with Multus (It's easier than you think) | Techno Tim
Post

Advanced Kubernetes Networking with Multus (It's easier than you think)

I just discovered Multus and it fixed Kubernetes networking! In this video we cover a lot of Kubernetes networking topics from beginner topics like CNIs, to advanced topics like adding Multus for more traditional networking within Kubernetes - which fixes a lot of problems you see with Kubernetes networking. Also, I had to turn the nerd up to 11 on this one.

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored

Installing Multus

Multus can be installed a few different ways. The best thing to do is check with your Kubernetes distribution if they support enabling this with configuration. If they do, this is much easier than installing it yourself

Be sure to apply any additional config mentioned in the above links. This will most likely include configuration for your CNI to allow multus to plug into it.

Since I was using RKE2, I needed to apply this HelmChartConfig to configure Cilium to work with Multus

Do not apply this unless you are also using Cilium and RKE2/

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+
# /var/lib/rancher/rke2/server/manifests/rke2-cilium-config.yaml
+---
+apiVersion: helm.cattle.io/v1
+kind: HelmChartConfig
+metadata:
+  name: rke2-cilium
+  namespace: kube-system
+spec:
+  valuesContent: |-
+    cni:
+      exclusive: false
+

Configuring Multus

First check to see that it’s installed

1
+
kubectl get pods --all-namespaces | grep -i multus
+

You should see something similar to the output below. This will vary depending on how you installed multus.

1
+2
+3
+4
+5
+6
+
kube-system           rke2-multus-4kbbv                                       1/1     Running     0              30h
+kube-system           rke2-multus-qbhrb                                       1/1     Running     0              30h
+kube-system           rke2-multus-rmh9l                                       1/1     Running     0              30h
+kube-system           rke2-multus-vbpr5                                       1/1     Running     0              30h
+kube-system           rke2-multus-x4bpg                                       1/1     Running     0              30h
+kube-system           rke2-multus-z22sq                                       1/1     Running     0              30h
+

We will need to create a NetworkAttachmentDefinition

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
# network-attachment-definition.yaml
+---
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  name: multus-iot
+  namespace: default
+spec:
+  config: |-
+    {
+      "cniVersion": "0.3.1",
+      "type": "ipvlan",
+      "master": "eth1",
+      "ipam": {
+        "type": "static",
+        "routes": [
+          { "dst": "192.168.0.0/16", "gw": "192.168.20.1" }
+        ]
+      }
+    }
+

Then apply this NetworkAttachmentDefinition

1
+
kubectl apply -f network-attachment-definition.yaml
+

Then check to see if it was created

1
+
kubectl get network-attachment-definitions.k8s.cni.cncf.io multus-iot
+

Should see something like:

1
+2
+
NAME         AGE
+multus-iot   30h
+

You can also describe it to see it contents

1
+
kubectl describe network-attachment-definitions.k8s.cni.cncf.io multus-iot
+

You should see something like:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+
Name:         multus-iot
+Namespace:    default
+Labels:       <none>
+Annotations:  <none>
+API Version:  k8s.cni.cncf.io/v1
+Kind:         NetworkAttachmentDefinition
+Metadata:
+  Creation Timestamp:  2024-04-14T04:56:02Z
+  Generation:          1
+  Resource Version:    3215172
+  UID:                 89b7f3d0-c094-4831-9b94-5ecdf6b38232
+Spec:
+  Config:  {
+  "cniVersion": "0.3.1",
+  "type": "ipvlan",
+  "master": "eth1",
+  "ipam": {
+    "type": "static",
+    "routes": [
+      { "dst": "192.168.0.0/16", "gw": "192.168.20.1" }
+    ]
+  }
+}
+Events:  <none>
+

Creating a Sample Workload

Let’s create a sample pod and see if it gets our IP

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
# sample-pod.yaml
+
+apiVersion: v1
+kind: Pod
+metadata:
+  name: sample-pod
+  namespace: default
+  annotations:
+    k8s.v1.cni.cncf.io/networks: |
+      [{
+        "name": "multus-iot",
+        "namespace": "default",
+        "mac": "c6:5e:a4:8e:7a:59",
+        "ips": ["192.168.20.202/24"]
+      }]
+spec:
+  containers:
+  - name: sample-pod
+    command: ["/bin/ash", "-c", "trap : TERM INT; sleep infinity & wait"]
+    image: alpine
+

Check to see if it’s running

1
+
kubectl get pod sample-pod
+

You should see something like:

1
+2
+
NAME         READY   STATUS    RESTARTS   AGE
+sample-pod   1/1     Running   0          30h
+

Now let’s describe the pod to see if it got our IP

1
+
kubectl describe pod sample-pod
+

You should see something like:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+
➜  home-ops git:(master) k describe pod sample-pod
+Name:             sample-pod
+Namespace:        default
+Priority:         0
+Service Account:  default
+Node:             k8s-home-worker-01/192.168.20.70
+Start Time:       Sun, 14 Apr 2024 00:01:28 -0500
+Labels:           <none>
+Annotations:      k8s.v1.cni.cncf.io/network-status:
+                    [{
+                        "name": "portmap",
+                        "interface": "eth0",
+                        "ips": [
+                            "10.42.4.89"
+                        ],
+                        "mac": "1a:af:f2:3f:32:f8",
+                        "default": true,
+                        "dns": {},
+                        "gateway": [
+                            "10.42.4.163"
+                        ]
+                    },{
+                        "name": "default/multus-iot",
+                        "interface": "net1",
+                        "ips": [
+                            "192.168.20.202"
+                        ],
+                        "mac": "bc:24:11:a0:4b:35",
+                        "dns": {}
+                    }]
+                  k8s.v1.cni.cncf.io/networks:
+                    [{
+                      "name": "multus-iot",
+                      "namespace": "default",
+                      "mac": "c6:5e:a4:8e:7a:59",
+                      "ips": ["192.168.20.202/24"]
+                    }]
+Status:           Running
+IP:               10.42.4.89
+IPs:
+  IP:  10.42.4.89
+Containers:
+  sample-pod:
+    Container ID:  containerd://fdd56e2fcdb3d587d792878285ef0fe50d076167d2b283dbf42aeb1b210d36cf
+    Image:         alpine
+    Image ID:      docker.io/library/alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b
+    Port:          <none>
+    Host Port:     <none>
+    Command:
+      /bin/ash
+      -c
+      trap : TERM INT; sleep infinity & wait
+    State:          Running
+      Started:      Sun, 14 Apr 2024 00:01:29 -0500
+    Ready:          True
+    Restart Count:  0
+    Environment:    <none>
+    Mounts:
+      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-lggfv (ro)
+Conditions:
+  Type              Status
+  Initialized       True
+  Ready             True
+  ContainersReady   True
+  PodScheduled      True
+Volumes:
+  kube-api-access-lggfv:
+    Type:                    Projected (a volume that contains injected data from multiple sources)
+    TokenExpirationSeconds:  3607
+    ConfigMapName:           kube-root-ca.crt
+    ConfigMapOptional:       <nil>
+    DownwardAPI:             true
+QoS Class:                   BestEffort
+Node-Selectors:              <none>
+Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
+                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
+Events:
+  Type    Reason          Age   From               Message
+  ----    ------          ----  ----               -------
+  Normal  Scheduled       8s    default-scheduler  Successfully assigned default/sample-pod to k8s-home-worker-01
+  Normal  AddedInterface  7s    multus             Add eth0 [10.42.4.89/32] from portmap
+  Normal  AddedInterface  7s    multus             Add net1 [192.168.20.202/24] from default/multus-iot
+  Normal  Pulling         7s    kubelet            Pulling image "alpine"
+  Normal  Pulled          7s    kubelet            Successfully pulled image "alpine" in 388.090289ms (388.099785ms including waiting)
+  Normal  Created         7s    kubelet            Created container sample-pod
+  Normal  Started         7s    kubelet            Started container sample-pod
+

You should see an adapter added to the pod as well as an IP:

1
+2
+3
+
...
+Normal  AddedInterface  7s    multus             Add net1 [192.168.20.202/24] from default/multus-iot
+...
+

Testing the Workload

Be sure you can ping that new IP

1
+2
+3
+4
+5
+6
+
➜  home-ops git:(master) ping 192.168.20.202
+PING 192.168.20.202 (192.168.20.202): 56 data bytes
+64 bytes from 192.168.20.202: icmp_seq=0 ttl=63 time=0.839 ms
+64 bytes from 192.168.20.202: icmp_seq=1 ttl=63 time=0.876 ms
+64 bytes from 192.168.20.202: icmp_seq=2 ttl=63 time=0.991 ms
+64 bytes from 192.168.20.202: icmp_seq=3 ttl=63 time=0.812 ms
+

exec into the pod and test connectivity and DNS

1
+
kubectl exec -it pods/sample-pod -- /bin/sh
+

Once in ping your gateway, ping another device on the network, and ping something on the internet

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+
/ # ping 192.168.20.1
+PING 192.168.20.1 (192.168.20.1): 56 data bytes
+64 bytes from 192.168.20.1: seq=0 ttl=64 time=0.318 ms
+64 bytes from 192.168.20.1: seq=1 ttl=64 time=0.230 ms
+64 bytes from 192.168.20.1: seq=2 ttl=64 time=0.531 ms
+^C
+--- 192.168.20.1 ping statistics ---
+3 packets transmitted, 3 packets received, 0% packet loss
+round-trip min/avg/max = 0.230/0.359/0.531 ms
+/ # ping 192.168.20.52
+PING 192.168.20.52 (192.168.20.52): 56 data bytes
+64 bytes from 192.168.20.52: seq=0 ttl=255 time=88.498 ms
+64 bytes from 192.168.20.52: seq=1 ttl=255 time=3.375 ms
+64 bytes from 192.168.20.52: seq=2 ttl=255 time=25.688 ms
+^C
+--- 192.168.20.52 ping statistics ---
+3 packets transmitted, 3 packets received, 0% packet loss
+round-trip min/avg/max = 3.375/39.187/88.498 ms
+/ # ping google.com
+PING google.com (142.250.191.238): 56 data bytes
+64 bytes from 142.250.191.238: seq=0 ttl=111 time=8.229 ms
+64 bytes from 142.250.191.238: seq=1 ttl=111 time=8.578 ms
+64 bytes from 142.250.191.238: seq=2 ttl=111 time=8.579 ms
+^C
+--- google.com ping statistics ---
+3 packets transmitted, 3 packets received, 0% packet loss
+round-trip min/avg/max = 8.229/8.462/8.579 ms
+/ #
+

Now test DNS by looking up something on the internet, something on your local network, and something inside of your cluster

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+
/ # nslookup google.com
+Server:  10.43.0.10
+Address: 10.43.0.10:53
+
+Non-authoritative answer:
+Name: google.com
+Address: 142.250.191.238
+
+Non-authoritative answer:
+Name: google.com
+Address: 2607:f8b0:4009:81b::200e
+
+/ # nslookup k8s-home-worker-01.local.techtronic.us
+Server:  10.43.0.10
+Address: 10.43.0.10:53
+
+Name: k8s-home-worker-01.local.techtronic.us
+Address: 192.168.60.53
+
+Non-authoritative answer:
+
+/ # nslookup homepage
+Server:  10.43.0.10
+Address: 10.43.0.10:53
+
+** server can't find homepage.cluster.local: NXDOMAIN
+
+** server can't find homepage.svc.cluster.local: NXDOMAIN
+
+** server can't find homepage.cluster.local: NXDOMAIN
+
+** server can't find homepage.svc.cluster.local: NXDOMAIN
+
+
+Name: homepage.default.svc.cluster.local
+Address: 10.43.143.7
+

If all of the tests passed, you should be good!

You can now do the same thing for your other workloads that need to use Multus!

Gotchas

RKE2

If you’re using RKE2 and you notice that your worker nodes are using the wrong IP address after adding an additional NIC, you can override the Node IP with config:

1
+2
+3
+
# /etc/rancher/rke2/config.yaml
+node-ip: 192.168.60.53 # the node's primary IP used for kubernetes
+node-external-ip: 192.168.60.53 # the node's primary IP used for kubernetes
+

You will need to restart the rke service or reboot.

Check with

1
+
kubectl get nodes -o wide
+

You should then see the IP on the node (note my k8s-home-worker-01 has the fix, but k8s-home-worker-02 and k8s-home-worker-03 don’t)

1
+2
+3
+4
+5
+6
+7
+
NAME                 STATUS   ROLES                       AGE   VERSION          INTERNAL-IP     EXTERNAL-IP     OS-IMAGE             KERNEL-VERSION       CONTAINER-RUNTIME
+k8s-home-01          Ready    control-plane,etcd,master   5d    v1.28.8+rke2r1   192.168.60.50   <none>          Ubuntu 22.04.4 LTS   5.15.0-102-generic   containerd://1.7.11-k3s2
+k8s-home-02          Ready    control-plane,etcd,master   5d    v1.28.8+rke2r1   192.168.60.51   <none>          Ubuntu 22.04.4 LTS   5.15.0-102-generic   containerd://1.7.11-k3s2
+k8s-home-03          Ready    control-plane,etcd,master   5d    v1.28.8+rke2r1   192.168.60.52   <none>          Ubuntu 22.04.4 LTS   5.15.0-102-generic   containerd://1.7.11-k3s2
+k8s-home-worker-01   Ready    worker                      5d    v1.28.8+rke2r1   192.168.60.53   192.168.60.53   Ubuntu 22.04.4 LTS   5.15.0-102-generic   containerd://1.7.11-k3s2
+k8s-home-worker-02   Ready    worker                      5d    v1.28.8+rke2r1   192.168.20.71   <none>          Ubuntu 22.04.4 LTS   5.15.0-102-generic   containerd://1.7.11-k3s2
+k8s-home-worker-03   Ready    worker                      5d    v1.28.8+rke2r1   192.168.20.72   <none>          Ubuntu 22.04.4 LTS   5.15.0-102-generic   containerd://1.7.11-k3s2
+

You can see more flags on the RKE2 documentation page

cloud-init and routing

I have also seen odd issues when with routing and using cloud init. I’ve had to override some settings using netplan

You can see there is a misplaced route in your tables

1
+2
+3
+4
+5
+6
+7
+8
+9
+
➜  ~ ip route
+192.168.20.0/24 dev eth1 proto kernel scope link src 192.168.20.72 metric 100
+192.168.20.1 dev eth1 proto dhcp scope link src 192.168.20.72 metric 100
+192.168.60.0/24 dev eth0 proto kernel scope link src 192.168.60.55 metric 100
+192.168.60.1 dev eth0 proto dhcp scope link src 192.168.60.55 metric 100
+192.168.60.10 via 192.168.20.1 dev eth1 proto dhcp src 192.168.20.72 metric 100 # wrong
+192.168.60.10 dev eth0 proto dhcp scope link src 192.168.60.55 metric 100
+192.168.60.22 via 192.168.20.1 dev eth1 proto dhcp src 192.168.20.72 metric 100 #wrong
+192.168.60.22 dev eth0 proto dhcp scope link src 192.168.60.55 metric 100
+

To fix this, we need to override the routes with netplan

1
+
sudo nano /etc/netplan/50-cloud-init.yaml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+
# This file is generated from information provided by the datasource.  Changes
+# to it will not persist across an instance reboot.  To disable cloud-init's
+# network configuration capabilities, write a file
+# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
+# network: {config: disabled}
+network:
+    version: 2
+    ethernets:
+        eth0:
+            addresses:
+            - 192.168.60.55/24
+            match:
+                macaddress: bc:24:11:f1:2a:e7
+            nameservers:
+                addresses:
+                - 192.168.60.10
+                - 192.168.60.22
+            routes:
+            -   to: default
+                via: 192.168.60.1
+            set-name: eth0
+        eth1:
+            addresses:
+            - 192.168.20.65/24
+            match:
+                macaddress: bc:29:71:9a:01:29
+            nameservers:
+                addresses:
+                - 192.168.60.10
+                - 192.168.60.22
+            routes:
+            -   to: 192.168.20.0/24
+                via: 192.168.20.1
+            set-name: eth1
+        eth2:
+            addresses:
+            - 192.168.40.52/24
+            match:
+                macaddress: bc:24:11:3d:c9:f7
+            nameservers:
+                addresses:
+                - 192.168.60.10
+                - 192.168.60.22
+            routes:
+            -   to: 192.168.40.0/24
+                via: 192.168.40.1
+            set-name: eth2
+

If you know of a better way to do this, please let me know in the comments.

k3s

You will have to make some changes for this to work with k3s. Thanks ThePCGeek!

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+
 # k3s multus install
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+  name: multus
+  namespace: kube-system
+spec:
+  repo: https://rke2-charts.rancher.io
+  chart: rke2-multus
+  targetNamespace: kube-system
+  # createNamespace: true
+  valuesContent: |-
+    config:
+      cni_conf:
+        confDir: /var/lib/rancher/k3s/agent/etc/cni/net.d
+        clusterNetwork: /var/lib/rancher/k3s/agent/etc/cni/net.d/10-flannel.conflist
+        binDir: /var/lib/rancher/k3s/data/current/bin/
+        kubeconfig: /var/lib/rancher/k3s/agent/etc/cni/net.d/multus.d/multus.kubeconfig
+

mac-vlan

I have also used this mac-vlan config below successfully

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+
---
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  name: multus-iot
+  namespace: default
+spec:
+  config: |-
+    {
+      "cniVersion": "0.3.1",
+      "name": "multus-iot",
+      "plugins": [
+        {
+          "type": "macvlan",
+          "master": "eth1",
+          "mode": "bridge",
+          "capabilities": {
+            "ips": true
+          },
+          "ipam": {
+            "type": "static",
+            "routes": [{
+              "dst": "192.168.0.0/16",
+              "gw": "192.168.20.1"
+            }]
+          }
+        }
+      ]
+    }
+

Sample Pods

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+
apiVersion: v1
+kind: Pod
+metadata:
+  name: sample-pod
+  namespace: default
+  annotations:
+    k8s.v1.cni.cncf.io/networks: |
+      [{
+        "name": "multus-iot",
+        "namespace": "default",
+        "mac": "c6:5e:a4:8e:7a:59",
+        "ips": ["192.168.20.210/24"],
+        "gateway": [ "192.168.20.1" ]
+      }]
+spec:
+  containers:
+  - name: sample-pod
+    command: ["/bin/ash", "-c", "trap : TERM INT; sleep infinity & wait"]
+    image: alpine
+

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/ai-stack-tutorial/index.html b/posts/ai-stack-tutorial/index.html new file mode 100644 index 0000000000..2c7d633657 --- /dev/null +++ b/posts/ai-stack-tutorial/index.html @@ -0,0 +1,1271 @@ + How to Self-Host Your Own Private AI Stack | Techno Tim
Post

How to Self-Host Your Own Private AI Stack

In this tutorial we’ll walk through my local, private, self-hosted AI stack so that you can run it too.

📺 Watch Video

Disclosures

  • Nothing in this video was sponsored

Info

If you’re looking for the overview of this stack, you can out the video here Self-Hosted AI That’s Actually Useful

Hardware

GPUs

Here are some cards that are good for local AI. Keep in mind that it’s always better to get a newer one for better CUDA support and more RAM. 8GB of RAM should be good for small models like the ones in this stack, however 12-24 is probably best.

NVIDIA RTX 3000 Series

NVIDIA RTX 4000 Series

CPU

You’ll want a modern CPU, if you are going desktop class here are a few I would choose

Storage

For flash storage, I always go with these SSDs

Operating System

I am running Ubuntu Server 24.04 LTS

Drivers

Installing NVIDIA Drivers

If you need help, you can check out this article but here are the commands I ran.

Install the best desktop graphics card for your machine.

1
+
sudo ubuntu-drivers install
+

Install NVIDIA tools

Be sure you install the version that matches your driver from above

1
+
sudo apt install nvidia-utils-535
+

Then reboot your machine

1
+
sudo reboot
+

Once the machine is back up, check to be sure your drivers are functioning properly

1
+
nvidia-smi 
+

Software Overview

Here are the packages and repo’s we’re be using

Traefik

Using

I am using Traefik as the only entry point into this stack. No ports are exposed on the host. If you don’t want to use traefik, just comment out the labels (and optionally rename the network named traefik). You will then need to expose ports for open-webui, stable-diffusion-webui, and whisper in your Docker compose file.

If you need help installing Traefik, see this post on installing traefik 3 on Docker

DNS

Note: If using traefik (or any reverse proxy, remember that all of your internal DNS records will point to this machine! e.g. If the machine running this stack’s ip is 192.168.0.100 you’ll need a DNS record like chat.local.example.com that points to 192.168.0.100

Auth Middleware

This stack contains middleware for basic auth so that the Ollama so that it is secure with a username and password. This is optional. If you don’t want to use basic auth, just remove the auth middleware labels from the ollama service in your compose.

Otherwise, here’s how you create the credential:

Hashing your password for traefik middleware

1
+
echo $(htpasswd -nB ollamauser) | sed -e s/\\$/\\$\\$/g
+

You’ll then want to place this in your .env here using the OLLAMA_API_CREDENTIALS variable. This is then used in the ollama service in your compose file.

Basic Auth Hash

If you want to create a hash value for Basic Auth (Used for Continue extension). You’ll need to use the credential from above.

1
+
echo 'ollamauser:ollamapassword!' | base64
+

NVIDIA Container Toolkit

If you run into issues, you can always visit the NVIDIA Container Toolkit

Configure the production repository

1
+2
+3
+4
+
curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg \
+  && curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \
+    sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \
+    sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list
+

Update the packages list from the repository:

1
+
sudo apt-get update
+

Install the NVIDIA Container Toolkit packages

1
+
sudo apt-get install -y nvidia-container-toolkit
+

Configure the container runtime by using the nvidia-ctk command and restart docker

1
+2
+
sudo nvidia-ctk runtime configure --runtime=docker
+sudo systemctl restart docker
+

This will fail if you don’t have Docker installed yet.

Docker

If you need to install Docker see this post on how to install docker and docker compose

After installing Docker you will need to reconfigure the runtime

1
+2
+
sudo nvidia-ctk runtime configure --runtime=docker
+sudo systemctl restart docker
+

Testing

This will test to make sure that the NVIDIA container toolkit can access the NVidia driver.

1
+
sudo docker run --rm --runtime=nvidia --gpus all ubuntu nvidia-smi
+

You should see the same output as running nvidia-smi without Docker.

Folder Structure

Stacks live in /opt/stacks

Here is the folder structure. Most subfolders are created when binding volumes.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+
├── ai-stack
+│   ├── .env
+│   ├── compose.yaml
+│   ├── ollama
+│   ├── open-webui
+│   ├── searxng
+│   ├── stable-diffusion-webui-docker
+│   └── whisper
+├── home-assistant-stack
+│   ├── compose.yaml
+│   ├── faster-whisper
+│   ├── home-assistant
+│   └── wyoming-piper
+

Folder Permissions

If you run into any folder permission errors while running any of this, you can simple change the owner to yourself using the command. Please replace the user and group with your own user and group.

1
+
sudo chown serveradmin:serveradmin -R /opt/stacks
+

Variables with .env

My ai-stack .envis pretty minimal

1
+2
+3
+4
+5
+6
+7
+
OLLAMA_API_CREDENTIALS=
+DB_USER=
+DB_PASS=
+WHISHPER_HOST=https://whisper.local.example.com
+WHISPER_MODELS=tiny,small
+PUID=
+PGID=
+

AI Stack (Docker Compose)

Here is my compose.yaml

You’ll want to create this in the root of your stack folder (see folder structure above)

The command I use to start, build, and remove orphans is:

1
+
docker compose up -d --build --force-recreate --remove-orphans
+

otherwise you can use

1
+
docker compose up -d --build
+

There are additional steps you’ll need to do before starting this stack. Please continue on to the end.

Here are 2 Docker compose files that you can use on your system.

My Docker Compose Stack

The stack is the one I use in the video as well as at home. If you want to use the general stack without traefik and macvlan, see the general Docker compose stack

Before running this, you will need to create the network for Docker to use.

This might already exist if you are using traefik. If so skip this step.

1
+
docker network create traefik
+

This will create the macvlan network. Adjust accordingly.

1
+2
+3
+4
+5
+
docker network create -d macvlan \
+--subnet=192.168.20.0/24 \
+--gateway=192.168.20.1 \
+-o parent=eth1 \
+iot_macvlan
+

compose.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
+136
+137
+138
+139
+140
+141
+142
+143
+144
+145
+146
+147
+148
+149
+150
+151
+152
+153
+154
+155
+156
+157
+158
+159
+160
+161
+162
+163
+164
+165
+166
+167
+168
+169
+170
+171
+172
+173
+174
+175
+176
+177
+178
+179
+180
+181
+182
+183
+184
+185
+186
+187
+188
+189
+190
+191
+192
+193
+194
+195
+196
+197
+198
+199
+200
+201
+202
+203
+204
+205
+206
+207
+208
+209
+210
+211
+212
+213
+214
+215
+216
+217
+218
+219
+220
+221
+222
+223
+224
+225
+226
+227
+228
+229
+230
+
services:
+
+# Ollama
+
+  ollama:
+    image: ollama/ollama:latest
+    container_name: ollama
+    restart: unless-stopped
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - OLLAMA_KEEP_ALIVE=24h
+      - ENABLE_IMAGE_GENERATION=True
+      - COMFYUI_BASE_URL=http://stable-diffusion-webui:7860
+    networks:
+      - traefik
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./ollama:/root/.ollama
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.ollama.rule=Host(`ollama.local.example.com`)"
+      - "traefik.http.routers.ollama.entrypoints=https"
+      - "traefik.http.routers.ollama.tls=true"
+      - "traefik.http.routers.ollama.tls.certresolver=cloudflare"
+      - "traefik.http.routers.ollama.middlewares=default-headers@file"
+      - "traefik.http.routers.ollama.middlewares=ollama-auth"
+      - "traefik.http.services.ollama.loadbalancer.server.port=11434"
+      - "traefik.http.routers.ollama.middlewares=auth"
+      - "traefik.http.middlewares.auth.basicauth.users=${OLLAMA_API_CREDENTIALS}"
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: 1
+              capabilities: [gpu]
+
+# open web ui
+  open-webui:
+    image: ghcr.io/open-webui/open-webui:latest
+    container_name: open-webui
+    restart: unless-stopped
+    networks:
+      - traefik
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - 'OLLAMA_BASE_URL=http://ollama:11434'
+      - ENABLE_RAG_WEB_SEARCH=True
+      - RAG_WEB_SEARCH_ENGINE=searxng
+      - RAG_WEB_SEARCH_RESULT_COUNT=3
+      - RAG_WEB_SEARCH_CONCURRENT_REQUESTS=10
+      - SEARXNG_QUERY_URL=http://searxng:8080/search?q=<query>
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./open-webui:/app/backend/data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.open-webui.rule=Host(`chat.local.example.com`)"
+      - "traefik.http.routers.open-webui.entrypoints=https"
+      - "traefik.http.routers.open-webui.tls=true"
+      - "traefik.http.routers.open-webui.tls.certresolver=cloudflare"
+      - "traefik.http.routers.open-webui.middlewares=default-headers@file"
+      - "traefik.http.services.open-webui.loadbalancer.server.port=8080"
+    depends_on:
+      - ollama
+    extra_hosts:
+      - host.docker.internal:host-gateway
+
+  searxng:
+    image: searxng/searxng:latest
+    container_name: searxng
+    networks:
+      - traefik
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./searxng:/etc/searxng
+    depends_on:
+      - ollama
+      - open-webui
+    restart: unless-stopped
+
+# stable diffusion
+
+  stable-diffusion-download:
+    build: ./stable-diffusion-webui-docker/services/download/
+    image: comfy-download
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./stable-diffusion-webui-docker/data:/data
+
+  stable-diffusion-webui:
+    build: ./stable-diffusion-webui-docker/services/comfy/
+    image: comfy-ui
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - CLI_ARGS=
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./stable-diffusion-webui-docker/data:/data
+      - ./stable-diffusion-webui-docker/output:/output
+
+    stop_signal: SIGKILL
+    tty: true
+    deploy:
+      resources:
+        reservations:
+          devices:
+              - driver: nvidia
+                device_ids: ['0']
+                capabilities: [compute, utility]
+    restart: unless-stopped
+    networks:
+      - traefik
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.stable-diffusion.rule=Host(`stable-diffusion.local.example.com`)"
+      - "traefik.http.routers.stable-diffusion.entrypoints=https"
+      - "traefik.http.routers.stable-diffusion.tls=true"
+      - "traefik.http.routers.stable-diffusion.tls.certresolver=cloudflare"
+      - "traefik.http.services.stable-diffusion.loadbalancer.server.port=7860"
+      - "traefik.http.routers.stable-diffusion.middlewares=default-headers@file"
+
+# whisper
+  mongo:
+    image: mongo
+    env_file:
+      - .env
+    networks:
+      - traefik
+    restart: unless-stopped
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./whisper/db_data:/data/db
+      - ./whisper/db_data/logs/:/var/log/mongodb/
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - MONGO_INITDB_ROOT_USERNAME=${DB_USER:-whishper}
+      - MONGO_INITDB_ROOT_PASSWORD=${DB_PASS:-whishper}
+    command: ['--logpath', '/var/log/mongodb/mongod.log']
+
+  translate:
+    container_name: whisper-libretranslate
+    image: libretranslate/libretranslate:latest-cuda
+    env_file:
+      - .env
+    networks:
+      - traefik
+    restart: unless-stopped
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./whisper/libretranslate/data:/home/libretranslate/.local/share
+      - ./whisper/libretranslate/cache:/home/libretranslate/.local/cache
+    user: root
+    tty: true
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - LT_DISABLE_WEB_UI=True
+      - LT_LOAD_ONLY=${LT_LOAD_ONLY:-en,fr,es}
+      - LT_UPDATE_MODELS=True
+    deploy:
+      resources:
+        reservations:
+          devices:
+          - driver: nvidia
+            count: all
+            capabilities: [gpu]
+
+  whisper:
+    container_name: whisper
+    pull_policy: always
+    image: pluja/whishper:latest-gpu
+    env_file:
+      - .env
+    networks:
+      - traefik
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./whisper/uploads:/app/uploads
+      - ./whisper/logs:/var/log/whishper
+      - ./whisper/models:/app/models
+    restart: unless-stopped
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whisper.rule=Host(`whisper.local.example.com`)"
+      - "traefik.http.routers.whisper.entrypoints=https"
+      - "traefik.http.routers.whisper.tls=true"
+      - "traefik.http.routers.whisper.tls.certresolver=cloudflare"
+      - "traefik.http.services.whisper.loadbalancer.server.port=80"
+      - "traefik.http.routers.whisper.middlewares=default-headers@file"
+    depends_on:
+      - mongo
+      - translate
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - PUBLIC_INTERNAL_API_HOST=${WHISHPER_HOST}
+      - PUBLIC_TRANSLATION_API_HOST=${WHISHPER_HOST}
+      - PUBLIC_API_HOST=${WHISHPER_HOST:-}
+      - PUBLIC_WHISHPER_PROFILE=gpu
+      - WHISPER_MODELS_DIR=/app/models
+      - UPLOAD_DIR=/app/uploads
+    deploy:
+      resources:
+        reservations:
+          devices:
+          - driver: nvidia
+            count: all
+            capabilities: [gpu]
+networks:
+  traefik:
+    external: true
+

General Docker Compose Stack

This Docker compose stack does not use traefik and also exposes the port on the host for each service. If you don’t want to expose the port, comment that section out. If you want to use the stack with traefik and macvlan, see the stack I used in the video

Before running this, you will need to create the network for Docker to use.

1
+
docker network create ai-stack
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
+136
+137
+138
+139
+140
+141
+142
+143
+144
+145
+146
+147
+148
+149
+150
+151
+152
+153
+154
+155
+156
+157
+158
+159
+160
+161
+162
+163
+164
+165
+166
+167
+168
+169
+170
+171
+172
+173
+174
+175
+176
+177
+178
+179
+180
+181
+182
+183
+184
+185
+186
+187
+188
+189
+190
+191
+192
+193
+194
+195
+196
+197
+198
+199
+200
+201
+202
+203
+
services:
+
+  ollama:
+    image: ollama/ollama:latest
+    container_name: ollama
+    restart: unless-stopped
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - OLLAMA_KEEP_ALIVE=24h
+      - ENABLE_IMAGE_GENERATION=True
+      - COMFYUI_BASE_URL=http://stable-diffusion-webui:7860
+    networks:
+      - ai-stack
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./ollama:/root/.ollama
+    ports:
+      - "11434:11434" # Add this line to expose the port
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: 1
+              capabilities: [gpu]
+
+  open-webui:
+    image: ghcr.io/open-webui/open-webui:latest
+    container_name: open-webui
+    restart: unless-stopped
+    networks:
+      - ai-stack
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - 'OLLAMA_BASE_URL=http://ollama:11434'
+      - ENABLE_RAG_WEB_SEARCH=True
+      - RAG_WEB_SEARCH_ENGINE=searxng
+      - RAG_WEB_SEARCH_RESULT_COUNT=3
+      - RAG_WEB_SEARCH_CONCURRENT_REQUESTS=10
+      - SEARXNG_QUERY_URL=http://searxng:8080/search?q=<query>
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./open-webui:/app/backend/data
+    depends_on:
+      - ollama
+    extra_hosts:
+      - host.docker.internal:host-gateway
+    ports:
+      - "8080:8080" # Add this line to expose the port
+
+  searxng:
+    image: searxng/searxng:latest
+    container_name: searxng
+    networks:
+      - ai-stack
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./searxng:/etc/searxng
+    depends_on:
+      - ollama
+      - open-webui
+    restart: unless-stopped
+    ports:
+      - "8081:8080" # Add this line to expose the port
+
+  stable-diffusion-download:
+    build: ./stable-diffusion-webui-docker/services/download/
+    image: comfy-download
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./stable-diffusion-webui-docker/data:/data
+
+  stable-diffusion-webui:
+    build: ./stable-diffusion-webui-docker/services/comfy/
+    image: comfy-ui
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - CLI_ARGS=
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./stable-diffusion-webui-docker/data:/data
+      - ./stable-diffusion-webui-docker/output:/output
+    stop_signal: SIGKILL
+    tty: true
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              device_ids: ['0']
+              capabilities: [compute, utility]
+    restart: unless-stopped
+    networks:
+      - ai-stack
+    ports:
+      - "7860:7860" # Add this line to expose the port
+
+  mongo:
+    image: mongo
+    env_file:
+      - .env
+    networks:
+      - ai-stack
+    restart: unless-stopped
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./whisper/db_data:/data/db
+      - ./whisper/db_data/logs/:/var/log/mongodb/
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - MONGO_INITDB_ROOT_USERNAME=${DB_USER:-whishper}
+      - MONGO_INITDB_ROOT_PASSWORD=${DB_PASS:-whishper}
+    command: ['--logpath', '/var/log/mongodb/mongod.log']
+    ports:
+      - "27017:27017" # Add this line to expose the port
+
+  translate:
+    container_name: whisper-libretranslate
+    image: libretranslate/libretranslate:latest-cuda
+    env_file:
+      - .env
+    networks:
+      - ai-stack
+    restart: unless-stopped
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./whisper/libretranslate/data:/home/libretranslate/.local/share
+      - ./whisper/libretranslate/cache:/home/libretranslate/.local/cache
+    user: root
+    tty: true
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - LT_DISABLE_WEB_UI=True
+      - LT_LOAD_ONLY=${LT_LOAD_ONLY:-en,fr,es}
+      - LT_UPDATE_MODELS=True
+    deploy:
+      resources:
+        reservations:
+          devices:
+          - driver: nvidia
+            count: all
+            capabilities: [gpu]
+    ports:
+      - "5000:5000" # Add this line to expose the port
+
+  whisper:
+    container_name: whisper
+    pull_policy: always
+    image: pluja/whishper:latest-gpu
+    env_file:
+      - .env
+    networks:
+      - ai-stack
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./whisper/uploads:/app/uploads
+      - ./whisper/logs:/var/log/whishper
+      - ./whisper/models:/app/models
+    restart: unless-stopped
+    depends_on:
+      - mongo
+      - translate
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - PUBLIC_INTERNAL_API_HOST=${WHISHPER_HOST}
+      - PUBLIC_TRANSLATION_API_HOST=${WHISHPER_HOST}
+      - PUBLIC_API_HOST=${WHISHPER_HOST:-}
+      - PUBLIC_WHISHPER_PROFILE=gpu
+      - WHISPER_MODELS_DIR=/app/models
+      - UPLOAD_DIR=/app/uploads
+    deploy:
+      resources:
+        reservations:
+          devices:
+          - driver: nvidia
+            count: all
+            capabilities: [gpu]
+    ports:
+      - "8000:80" # Add this line to expose the port
+
+networks:
+  ai-stack:
+    external: true
+

Changes for ComfyUI

Before starting the stack, in the room ai-stack folder, you’ll want to clone the repo (or just copy the necessary files).

(this will create the folder for you)

1
+
git clone https://github.com/AbdBarho/stable-diffusion-webui-docker.git
+

After cloning, you’ll want to make a change to the Docker file

1
+
nano stable-diffusion-webui-docker/services/comfy/Dockerfile
+

I commented out the pinning to commit hash and just grabbed the latest comfy.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+
FROM pytorch/pytorch:2.3.0-cuda12.1-cudnn8-runtime
+
+ENV DEBIAN_FRONTEND=noninteractive PIP_PREFER_BINARY=1
+
+RUN apt-get update && apt-get install -y git && apt-get clean
+
+ENV ROOT=/stable-diffusion
+RUN --mount=type=cache,target=/root/.cache/pip \
+  git clone https://github.com/comfyanonymous/ComfyUI.git ${ROOT} && \
+  cd ${ROOT} && \
+  git checkout master && \
+#  git reset --hard 276f8fce9f5a80b500947fb5745a4dde9e84622d && \
+  pip install -r requirements.txt
+
+WORKDIR ${ROOT}
+COPY . /docker/
+RUN chmod u+x /docker/entrypoint.sh && cp /docker/extra_model_paths.yaml ${ROOT}
+
+ENV NVIDIA_VISIBLE_DEVICES=all PYTHONPATH="${PYTHONPATH}:${PWD}" CLI_ARGS=""
+EXPOSE 7860
+ENTRYPOINT ["/docker/entrypoint.sh"]
+CMD python -u main.py --listen --port 7860 ${CLI_ARGS}
+

If you cloned the repo and want to verify your changes, you can do so with:

1
+
git diff
+

You should see something like

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+
diff --git a/services/comfy/Dockerfile b/services/comfy/Dockerfile
+index 2de504d..a84c8ce 100644
+--- a/services/comfy/Dockerfile
++++ b/services/comfy/Dockerfile
+@@ -9,7 +9,7 @@ RUN --mount=type=cache,target=/root/.cache/pip \
+   git clone https://github.com/comfyanonymous/ComfyUI.git ${ROOT} && \
+   cd ${ROOT} && \
+   git checkout master && \
+-  git reset --hard 276f8fce9f5a80b500947fb5745a4dde9e84622d && \
++#  git reset --hard 276f8fce9f5a80b500947fb5745a4dde9e84622d && \
+   pip install -r requirements.txt
+
+ WORKDIR ${ROOT}
+(END)
+

Downloading Models

You’ll want to grab any models you like from HuggingFace. I am using stabilityai/stable-diffusion-3-medium

You’ll want to download all of the models and then transfer them to your server and put them in the appropriate folders

Models will need to bt placed in the Stable-diffusion folder.

1
+
stable-diffusion-webui-docker/data/models/Stable-diffusion
+

Models are any file in the root of stable-diffusion-3-medium that have the extension *.safetensors

For clips, you’ll need to create this folder (because it doesn’t exist)

1
+
mkdir stable-diffusion-webui-docker/data/models/CLIPEncoder
+

In there you’ll place your clips, from the text_encoders folder from stable-diffusion-3-medium

Example Workflows for ComfyUI and Stable Diffusion 3 Medium

You’ll need to download the same workflows to the machine that accesses ComfyUI so you can import them into the browser.

Example workflows are also available on HuggingFace in the Stable Diffusion 3 Medium repo

Verifying Models

If you’re going to spend all of that time downloading these model files, you should also pend a few minutes verifying them. I typically do this once they are on the server running the AI Stack

1
+
shasum -a 256 ./sd3_medium.safetensors
+

This should output something like:

1
+
cc236278d28c8c3eccb8e21ee0a67ebed7dd6e9ce40aa9de914fa34e8282f191  ./sd3_medium.safetensors
+

You’ll want to be sure the checksum matches the checksum from the source (HuggingFace, etc).

Home Assistant Stack (Docker Compose)

Please see folder structure above

Before running this, you will need to create the network for Docker to use.

This might already exist if you are using traefik. If so skip this step.

1
+
docker network create traefik
+

This will create the macvlan network. Adjust accordingly.

1
+2
+3
+4
+5
+
docker network create -d macvlan \
+--subnet=192.168.20.0/24 \
+--gateway=192.168.20.1 \
+-o parent=eth1 \
+iot_macvlan
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+
---
+services:
+  homeassistant:
+    container_name: homeassistant
+    networks:
+      iot_macvlan:
+        ipv4_address: 192.168.20.202 #optional, I am using mac vlan, if you don't want to, remove iot_macvlan and don't create the network above
+      traefik:
+    image: ghcr.io/home-assistant/home-assistant:stable
+    depends_on:
+      - faster-whisper-gpu
+      - wyoming-piper
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./home-assistant/config:/config
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    restart: unless-stopped
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.homeassistant.rule=Host(`homeassistant.local.example.com`)"
+      - "traefik.http.routers.homeassistant.entrypoints=https"
+      - "traefik.http.routers.homeassistant.tls=true"
+      - "traefik.http.routers.homeassistant.tls.certresolver=cloudflare"
+      - "traefik.http.routers.homeassistant.middlewares=default-headers@file"
+      - "traefik.http.services.homeassistant.loadbalancer.server.port=8123"
+
+  faster-whisper-gpu:
+    image: lscr.io/linuxserver/faster-whisper:gpu
+    container_name: faster-whisper-gpu
+    networks:
+      - traefik
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - WHISPER_MODEL=tiny-int8
+      - WHISPER_BEAM=1 #optional
+      - WHISPER_LANG=en #optional
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./faster-whisper/data:/config
+    restart: unless-stopped
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: 1
+              capabilities: [gpu]
+  wyoming-piper:
+    container_name: wyoming-piper
+    networks:
+      - traefik
+    image: rhasspy/wyoming-piper # no gpu
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./wyoming-piper/data:/data
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    restart: unless-stopped
+    command: --voice en_US-lessac-medium
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: 1
+              capabilities: [gpu]
+
+networks:
+  traefik:
+    external: true
+  iot_macvlan:
+    external: true
+

Code Completion (VSCode)

I am using Basic Auth Middleware with traefik. Please see traefik section for details on how to set this up.

Extension

I am using Continue for code completion and integrated chat.

Example config.

If you aren’t going to use auth, remove the requestOptions key.

If you are going to use auth, please replace the xxx with the value from above

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+
{
+  "models": [
+    { 
+      "title": "Ollama (Self-Hosted)",
+      "provider": "ollama",
+      "model": "AUTODETECT",
+      "completionOptions": {},
+      "apiBase": "https://ollama.local.example.com",
+      "requestOptions": {
+        "headers": {
+          "Authorization": "Basic xxx"
+        }
+      }
+    }
+  ], 
+  "tabAutocompleteModel": {
+    "title": "Starcoder 3b",
+    "provider": "ollama",
+    "model": "starcoder2:3b",
+    "apiBase": "https://ollama.local.example.com",
+    "requestOptions": {
+      "headers": {
+        "Authorization": "Basic xxx"
+      }
+    }
+  }
+}
+

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/ansible-automation/index.html b/posts/ansible-automation/index.html new file mode 100644 index 0000000000..0583e0f972 --- /dev/null +++ b/posts/ansible-automation/index.html @@ -0,0 +1,171 @@ + Automate EVERYTHING with Ansible! | Techno Tim
Post

Automate EVERYTHING with Ansible!

Ansible.Need I say more? Well, maybe, if you’ve never heard of it. Ansible is a simple IT / DevOps automation that anyone can use.You can Automate anything with an SSH connection and WITHOUT installing any agents or clients. Join me as we set up, configure and start automating with Ansible!

📺 Watch Video

install

1
+2
+3
+
sudo apt update
+sudo apt install ansible
+sudo apt install sshpass
+

Note: Most distributions include an “older” version of Ansible.If you want to install the latest version of Ansible, see installing the latest version of ansible

hosts

1
+2
+3
+4
+5
+
[ubuntu]
+server-01
+server-02
+192.168.0.100
+192.168.0.1002
+

commands

check ansible version

1
+
ansible --version
+

command with module

1
+
ansible -i ./inventory/hosts ubuntu -m ping --user someuser --ask-pass
+

command with playbook

1
+
ansible-playbook ./playbooks/apt.yml --user someuser --ask-pass --ask-become-pass -i ./inventory/hosts
+

playbooks

apt.yml

1
+2
+3
+4
+5
+6
+7
+
- hosts: "*"
+  become: yes
+  tasks:
+    - name: apt
+      apt:
+        update_cache: yes
+        upgrade: 'yes'
+

qemu-guest-agent.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+
- name: install latest qemu-guest-agent
+  hosts: "*"
+  tasks:
+    - name: install qemu-guest-agent
+      apt:
+        name: qemu-guest-agent
+        state: present
+        update_cache: true
+      become: true
+

zsh.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+
- name: install latest zsh on all hosts
+  hosts: "*"
+  tasks:
+    - name: install zsh
+      apt:
+        name: zsh
+        state: present
+        update_cache: true
+      become: true
+

timezone.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+
- name: Set timezone and configure timesyncd
+  hosts: "*"
+  become: yes
+  tasks:
+  - name: set timezone
+    shell: timedatectl set-timezone America/Chicago
+
+  - name: Make sure timesyncd is stopped
+    systemd:
+      name: systemd-timesyncd.service
+      state: stopped
+
+  - name: Copy over the timesyncd config
+    template: src=../templates/timesyncd.conf dest=/etc/systemd/timesyncd.conf
+
+  - name: Make sure timesyncd is started
+    systemd:
+      name: systemd-timesyncd.service
+      state: started
+

timesyncd.conf

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+
#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+# Entries in this file show the compile time defaults.
+# You can change settings by editing this file.
+# Defaults can be restored by simply deleting this file.
+#
+# See timesyncd.conf(5) for details.
+
+[Time]
+NTP=192.168.0.4
+FallbackNTP=time.cloudflare.com
+#RootDistanceMaxSec=5
+#PollIntervalMinSec=32
+#PollIntervalMaxSec=2048
+

Installing the latest version of Ansible

Most distributions have an older version of Ansible installed.This is usually fine except sometimes you may need to use features from the latest Ansible.Use the following commands to update Ansible to the latest version.

Check version

1
+
ansible --version
+

If it’s not the version you are looking for, check to see where it is installed

1
+
which ansible
+

If it lives somewhere like

1
+
/usr/bin/ansible
+

this is most likely due to your distribution installing it there.

Remove previous version

1
+
sudo apt remove ansible
+

Check to be sure it is removed

1
+
which ansible
+

You should see

1
+
ansible not found
+

check to see that you have python3 and pip

1
+
python3 -m pip -V
+

You should see something like

1
+
pip 22.3.1 from /home/user/.local/lib/python3.8/site-packages/pip (python 3.8)
+

Install pip if the previous couldn’t find the pip module

1
+
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
+

Install ansible

1
+
python3 -m pip install --user ansible
+

Confirm your version with

1
+
ansible --version
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/authelia-traefik/index.html b/posts/authelia-traefik/index.html new file mode 100644 index 0000000000..849c7e9d00 --- /dev/null +++ b/posts/authelia-traefik/index.html @@ -0,0 +1,23 @@ + 2 Factor Auth and Single Sign on with Authelia | Techno Tim
Post

2 Factor Auth and Single Sign on with Authelia

Authelia is an open source Single Sign On and 2FA companion for reverse proxies.It helps you secure your endpoints with single factor and 2 factor auth.It works with Nginx, Traefik, and HA proxy.Today, we’ll configure Authelia with Portainer and Traefik and have 2 Factor up and running with brute force protection!

📺 Watch Video

Traefik

Authelia will work with other reverse proxies but I used Traefik.If you want to configure Traefik as your reverse proxy see this guide.

Docker Setup

See this post on how to install docker and docker-compose

Authelia

configuration.yml, users_database.yml, and docker-compose.yml can be found here

Example heimdall can be found here here

Traefik configuration changes can be found here

Generation a hashed password

1
+2
+
$ docker run authelia/authelia:latest authelia hash-password 'yourpassword'
+Password hash: $argon2id$v=19$m=65536$3oc26byQuSkQqksq$zM1QiTvVPrMfV6BVLs2t4gM+af5IN7euO0VB6+Q8ZFs
+

Files and folders

1
+2
+3
+4
+5
+6
+7
+8
+
mkdir authelia
+cd authelia
+mkdir config
+cd config
+nano configuration.yml
+nano users_database.yml
+cd ..
+nano docker-compose.yml
+

Create Authelia container

1
+
docker-compose up -d
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/automate-lawn-garden/index.html b/posts/automate-lawn-garden/index.html new file mode 100644 index 0000000000..ebbacfbd06 --- /dev/null +++ b/posts/automate-lawn-garden/index.html @@ -0,0 +1 @@ + I Automated Watering My Lawn & Garden! | Techno Tim
Post

I Automated Watering My Lawn & Garden!

This week I finally decided to automate the watering of my lawn and garden without irrigation, here’s how…

📺 Watch Video

Automation Without Irrigation

Since I don’t have irrigation, I have to use hoses, but that’s OK because I picked up these hose faucet timers. They’re great because you can hook them up to any hose faucet. I picked up this manifold and connected 4 of these faucet timers, one for each zone. As you can see I also split one zone into 2, we’ll talk about that in a sec. I can program each zone in the b-hyve app app to turn on each individually, and these sprinklers have a ton of watering options. The app also takes into consideration the rainfall so you’re not wasting water. And it’s not just for lawns, I also automated watering my garden giving it just the right amount of water each day. These soakers, along with a pressure reducer, help deliver water exactly where I want it. The soakers also works great for flower boxes that doesn’t receive any rain. If you’re a geek like me, you can even connect this to Home Assistant or even HomeKit.

If you’re looking for the Home Assistant plugin I used to managed these timers, you can find it here Don’t forget to ⭐ the repo!

4 port manifold! Here’s the 4 port manifold I used to create 4 zones

4 zones! Here are the 4 faucet timers I used to create 4 separate zones!

sprinklers in action! Here are the sprinklers in action! Highly recommend these because they have a ton of watering options and they are silent

Where to Buy

See the whole kit here! - https://kit.co/TechnoTim/automated-lawn-and-garden-care

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/broadlink-control/index.html b/posts/broadlink-control/index.html new file mode 100644 index 0000000000..8bbb51b57e --- /dev/null +++ b/posts/broadlink-control/index.html @@ -0,0 +1 @@ + I Built Something for Your Homelab... | Techno Tim
Post

I Built Something for Your Homelab...

I am betting you have at least 3 infrared remote controls in your house.I am also willing to be you would love to automate some of these from time to time.Well don’t worry I have the solution for you! In this video we walk through setting up a self-hosted /local only Broadlink Wifi Smart Home Hub that you can use within your own home without connecting to the cloud.Added bonus, I built a Docker container you can pull down and add to your Rancher, Portainer, Synology, QNAP, or any server running Docker or Kubernetes.This includes a python backend and API as well as a ReactJS frontend so that you can discover, learn, and send commands from the web UI or even from the web API.I hope you enjoy it!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/change-detection-docker/index.html b/posts/change-detection-docker/index.html new file mode 100644 index 0000000000..056043e30f --- /dev/null +++ b/posts/change-detection-docker/index.html @@ -0,0 +1,145 @@ + Track Changes Online with ChangeDetection, a Self-Hosted Docker Container! | Techno Tim
Post

Track Changes Online with ChangeDetection, a Self-Hosted Docker Container!

Tracking things on the web just got a whole lot easier with ChangeDetection, the free and open source Docker container! Track website changes, price changes of products, and even track out of stock products with notifications all from a container you host yourself!

📺 Watch Video

Disclosures

  • Thanks to Docker for Sponsoring this Video!
  • Get Actionable insights for software supply chain management with Docker Scout! https://dockr.ly/45HWDnR

Info

⭐ ChangeDetection on GitHub: https://github.com/dgtlmoon/changedetection.io

Docker Setup

See this post on how to install docker and docker compose

Prepare Our Server

Create folder for your compose and mounts

1
+2
+
mkdir changedetection
+cd changedetection
+

Then we’ll create a folder to hold our data and our datastore

1
+2
+3
+4
+5
+
mkdir data
+cd data
+mkdir datastore
+cd datastore
+cd ../.. # go back to the root of changedetection/
+

Create docker compose file and add contents

1
+2
+
touch compose.yaml
+nano compose.yaml
+

Your folder structure should look like this

1
+2
+3
+4
+
./changedetection
+├── data
+│   └── datastore
+└── docker-compose.yml
+

Tasks from Our Compose File

Docker Compose Contents

Simple version of change detection

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
---
+services:
+  changedetection:
+    image: ghcr.io/dgtlmoon/changedetection.io:latest
+    container_name: changedetection
+    hostname: changedetection
+    environment:
+      # - BASE_URL=https://mysite.com # configure this for your own domain
+    volumes:
+      - ./data/datastore:/datastore
+    ports:
+      - 5000:5000
+

Advanced version of change detection

If you want to use Selenium + Webdriver, uncomment the WEBDRIVER_URL variable and the browser-chrome service, and then comment out PLAYWRIGHT_DRIVER_URL variable and playwright-chrome service.

To see all supported configurations, see the Docker compose file on github

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+
---
+services:
+  changedetection:
+    image: ghcr.io/dgtlmoon/changedetection.io:latest
+    container_name: changedetection
+    hostname: changedetection
+    volumes:
+      - ./data/datastore:/datastore
+    ports:
+      - 5000:5000
+    environment:
+      # - WEBDRIVER_URL=http://playwright-chrome:4444/wd/hub
+      - PLAYWRIGHT_DRIVER_URL=ws://playwright-chrome:3000
+      # - BASE_URL=https://mysite.com # configure this for your own domain
+
+    depends_on:
+      playwright-chrome:
+        condition: service_started
+    restart: unless-stopped
+
+  # browser-chrome:
+  #   hostname: browser-chrome
+  #   image: selenium/standalone-chrome:125.0
+  #   shm_size: '2gb'
+  #   # volumes:
+  #   #     # Workaround to avoid the browser crashing inside a docker container
+  #   #     # See https://github.com/SeleniumHQ/docker-selenium#quick-start
+  #   #     - /dev/shm:/dev/shm
+  #   restart: unless-stopped
+   
+  playwright-chrome:
+    hostname: playwright-chrome
+    image: browserless/chrome
+    restart: unless-stopped
+    environment:
+      - SCREEN_WIDTH=1920
+      - SCREEN_HEIGHT=1024
+      - SCREEN_DEPTH=16
+      - ENABLE_DEBUGGER=false
+      - PREBOOT_CHROME=true
+      - CONNECTION_TIMEOUT=300000
+      - MAX_CONCURRENT_SESSIONS=10
+      - CHROME_REFRESH_TIME=600000
+      - DEFAULT_BLOCK_ADS=true
+      - DEFAULT_STEALTH=true
+      # Ignore HTTPS errors, like for self-signed certs
+      - DEFAULT_IGNORE_HTTPS_ERRORS=true
+

Chrome Extension

If you want to install the Chrome Extenions, you can but adding it here

Then all you need to do to configure it is visit your ChangeDetection site and click Settings and it will automatically configure it for you!

Then when visiting a site, all you need to do it click the extension and click add!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/cloud-init-cloud-image/index.html b/posts/cloud-init-cloud-image/index.html new file mode 100644 index 0000000000..776d0c4974 --- /dev/null +++ b/posts/cloud-init-cloud-image/index.html @@ -0,0 +1,25 @@ + Perfect Proxmox Template with Cloud Image and Cloud Init | Techno Tim
Post

Perfect Proxmox Template with Cloud Image and Cloud Init

Using Cloud Images and Cloud Init with Proxmox is easy, fast, efficient, and fun! Cloud Images are small images that are certified cloud ready that have Cloud Init preinstalled and ready to accept a Cloud Config.Cloud Images and Cloud Init also work with Proxmox and if you combine the two you have a perfect, small, efficient, optimized clone template to provision machines with your ssh keys and network settings.So join me as we discuss, set up, and configure Proxmox with Cloud Images and Cloud Init.

📺 Watch Video

Instructions

Choose your Ubuntu Cloud Image

Download Ubuntu (replace with the url of the one you chose from above)

1
+
wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img
+

Create a new virtual machine

1
+
qm create 8000 --memory 2048 --core 2 --name ubuntu-cloud --net0 virtio,bridge=vmbr0
+

Import the downloaded Ubuntu disk to local storage (Change local to the storage of your choice)

1
+
qm disk import 8000 noble-server-cloudimg-amd64.img local
+

Attach the new disk to the vm as a scsi drive on the scsi controller (Change local to the storage of your choice)

1
+
qm set 8000 --scsihw virtio-scsi-pci --scsi0 local:vm-8000-disk-0
+

Add cloud init drive ((Change local to the storage of your choice)

1
+
qm set 8000 --ide2 local:cloudinit
+

Make the cloud init drive bootable and restrict BIOS to boot from disk only

1
+
qm set 8000 --boot c --bootdisk scsi0
+

Add serial console

1
+
qm set 8000 --serial0 socket --vga serial0
+

DO NOT START YOUR VM

Now, configure hardware and cloud init, then create a template and clone.If you want to expand your hard drive you can on this base image before creating a template or after you clone a new machine.I prefer to expand the hard drive after I clone a new machine based on need.

Create template.

1
+
qm template 8000
+

Clone template.

1
+
qm clone 8000 135 --name yoshi --full
+

Troubleshooting

If you need to reset your machine-id

1
+2
+
sudo rm -f /etc/machine-id
+sudo rm -f /var/lib/dbus/machine-id
+

Then shut it down and do not boot it up.A new id will be generated the next time it boots.If it does not you can run:

1
+
sudo systemd-machine-id-setup
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/code-server-self-host/index.html b/posts/code-server-self-host/index.html new file mode 100644 index 0000000000..8c89752f12 --- /dev/null +++ b/posts/code-server-self-host/index.html @@ -0,0 +1 @@ + Self-Host Code Server in Your Homelab -- VS Code in a Browser! | Techno Tim
Post

Self-Host Code Server in Your Homelab -- VS Code in a Browser!

Have you ever wanted to run VS Code in your browser? What if you had access to your terminal and could pull and commit code as well as push it up to GitHub all from a browser or tablet? That’s exactly what code server does! In this tutorial we’ll walk through step by step of how to install and configure code server to get it self-hosted in your homelab.We’ll start with bare metal and virtualization and then work our way up to Docker, Kubernetes, and Rancher.Then, you don’t have to carry around your laptop anymore! You can preserve battery life on the go and leave the intensive tasks to your homelab server.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/create-your-own-zigbee-hub/index.html b/posts/create-your-own-zigbee-hub/index.html new file mode 100644 index 0000000000..63be19b534 --- /dev/null +++ b/posts/create-your-own-zigbee-hub/index.html @@ -0,0 +1,347 @@ + Create Your Own Zigbee Hub & Network | Techno Tim
Post

Create Your Own Zigbee Hub & Network

This simple but powerful little adapter lets you build your own Zigbee network and easily add and manage it in Home Assistant, no hub required!

📺 Watch Video

Disclosures

  • Nothing in this video was sponsored

Info

Hardware

Code

A simplified Home Assistant Stack with Zigbee2MQTT Support. Don’t forget to update your Zigbee2MQTT configuration!

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+
---
+services:
+  homeassistant:
+    container_name: homeassistant
+    image: ghcr.io/home-assistant/home-assistant:stable
+    depends_on:
+      - mqtt
+      - zigbee2mqtt
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./home-assistant/config:/config
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    restart: unless-stopped
+    ports:
+      - 8123:8123
+  mqtt:
+    container_name: mqtt
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    image: eclipse-mosquitto:latest
+    restart: unless-stopped
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./mqtt/data:/mosquitto
+    ports:
+      - 1883:1883
+      - 9001:9001
+    command: mosquitto -c /mosquitto-no-auth.conf
+
+  zigbee2mqtt:
+    container_name: zigbee2mqtt
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    restart: unless-stopped
+    image: koenkk/zigbee2mqtt:latest
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./zigbee2mqtt/data:/app/data
+    ports:
+      - 8080:8080
+

My Home Assistant Stack:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+
---
+services:
+  homeassistant:
+    container_name: homeassistant
+    networks:
+      iot_macvlan:
+        ipv4_address: 192.168.20.202
+      traefik:
+    image: ghcr.io/home-assistant/home-assistant:stable
+    depends_on:
+      - faster-whisper-gpu
+      - wyoming-piper
+      - mqtt
+      - zigbee2mqtt
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./home-assistant/config:/config
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    restart: unless-stopped
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.homeassistant.rule=Host(`homeassistant.local.techtronic.us`)"
+      - "traefik.http.routers.homeassistant.entrypoints=https"
+      - "traefik.http.routers.homeassistant.tls=true"
+      - "traefik.http.routers.homeassistant.tls.certresolver=cloudflare"
+      - "traefik.http.routers.homeassistant.middlewares=default-headers@file"
+      - "traefik.http.services.homeassistant.loadbalancer.server.port=8123"
+      - "com.centurylinklabs.watchtower.enable=true"
+  faster-whisper-gpu:
+    image: lscr.io/linuxserver/faster-whisper:gpu
+    container_name: faster-whisper-gpu
+    networks:
+      - traefik
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+      - WHISPER_MODEL=tiny-int8
+      - WHISPER_BEAM=1 #optional
+      - WHISPER_LANG=en #optional
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./faster-whisper/data:/config
+    restart: unless-stopped
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: 1
+              capabilities: [gpu]
+  wyoming-piper:
+    container_name: wyoming-piper
+    networks:
+      - traefik
+    image: rhasspy/wyoming-piper # no gpu
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./wyoming-piper/data:/data
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    restart: unless-stopped
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    command: --voice en_US-lessac-medium
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: 1
+              capabilities: [gpu]
+  mqtt:
+    container_name: mqtt
+    networks:
+      - traefik
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    image: eclipse-mosquitto:latest
+    restart: unless-stopped
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./mqtt/data:/mosquitto
+    command: mosquitto -c /mosquitto-no-auth.conf
+
+  zigbee2mqtt:
+    container_name: zigbee2mqtt
+    networks:
+      iot_macvlan:
+        ipv4_address: 192.168.20.204
+      traefik:
+    environment:
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    restart: unless-stopped
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.local.techtronic.us`)"
+      - "traefik.http.routers.zigbee2mqtt.entrypoints=https"
+      - "traefik.http.routers.zigbee2mqtt.tls=true"
+      - "traefik.http.routers.zigbee2mqtt.tls.certresolver=cloudflare"
+      - "traefik.http.routers.zigbee2mqtt.middlewares=default-headers@file"
+      - "traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080"
+      - "com.centurylinklabs.watchtower.enable=true"
+    image: koenkk/zigbee2mqtt:latest
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./zigbee2mqtt/data:/app/data
+networks:
+  traefik:
+    external: true
+  iot_macvlan:
+    external: true
+
+

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/creator-summit-2024-demicrosoftification/index.html b/posts/creator-summit-2024-demicrosoftification/index.html new file mode 100644 index 0000000000..657b9adf78 --- /dev/null +++ b/posts/creator-summit-2024-demicrosoftification/index.html @@ -0,0 +1 @@ + How one company is "De-Microsoft-ifying" and pushing Linux on the desktop | Techno Tim
Post

How one company is "De-Microsoft-ifying" and pushing Linux on the desktop

45Drives is De-Microsoft-ifying and leading the charge by replacing Windows with Linux desktops and replacing proprietary solutions with open source. This topic of “demicrosoftification” was discussed at the Creator Summit 2024 at 45Drives headquarters. I attended along with many other tech YouTubers in this space. They also gave us a sneak peek at some new hardware too and an early look at some unique prototypes.

Thanks to 45Drives for inviting me to this event! If you’d like to learn more about them you can here: https://www.45drives.com/techno-tim

📺 Watch Video

Disclosures

  • 45Drives did provide travel and accommodations to attend this event, however I was not paid.

Info

Here are some helpful links:

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/crowdsec-traefik/index.html b/posts/crowdsec-traefik/index.html new file mode 100644 index 0000000000..3624ecf050 --- /dev/null +++ b/posts/crowdsec-traefik/index.html @@ -0,0 +1,379 @@ + Open Source & Collaborative Security with CrowdSec and Traefik - CrowdSec & Traefik Tutorial | Techno Tim
Post

Open Source & Collaborative Security with CrowdSec and Traefik - CrowdSec & Traefik Tutorial

CrowdSec is a free, open-source and collaborative IPS. Analyze behaviors, respond to attacks & share signals across the community.With CrowdSec, you can set up your own intrusion detection system that parses logs, detects and blocks threats, and shares bad actors with the larger CrowdSec community.It works great with a reverse proxy like traefik to help keep hackers at bay.Could this be a viable alternative to fail2ban?

📺 Watch Video

A HUGE THANK YOU to Micro Center for sponsoring this video!

New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/1fbb85

If you need to set up traefik, you can follow this post here on configuring traefik

If you need a high level overview of HomeLab and Self-Hosting Security, check out this video that will help you keep your network safe.

Configure CrowdSec

traefik bouncer repo https://github.com/fbonalair/traefik-crowdsec-bouncer

1
+2
+3
+4
+
mkdir crowdsec
+cd crowdsec
+touch docker-compose.yml
+nano docker-compose.yml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+
version: '3.8'
+services:
+  crowdsec:
+    image: crowdsecurity/crowdsec:latest
+    container_name: crowdsec
+    environment:
+      GID: "${GID-1000}"
+      COLLECTIONS: "crowdsecurity/linux crowdsecurity/traefik"
+    # depends_on:  #uncomment if running traefik in the same compose file
+    #   - 'traefik'
+    volumes:
+      - ./config/acquis.yaml:/etc/crowdsec/acquis.yaml
+      - crowdsec-db:/var/lib/crowdsec/data/
+      - crowdsec-config:/etc/crowdsec/
+      - traefik_traefik-logs:/var/log/traefik/:ro
+    networks:
+      - proxy
+    restart: unless-stopped
+
+  bouncer-traefik:
+    image: docker.io/fbonalair/traefik-crowdsec-bouncer:latest
+    container_name: bouncer-traefik
+    environment:
+      CROWDSEC_BOUNCER_API_KEY: some-api-key
+      CROWDSEC_AGENT_HOST: crowdsec:8080
+    networks:
+      - proxy # same network as traefik + crowdsec
+    depends_on:
+      - crowdsec
+    restart: unless-stopped
+networks:
+  proxy:
+    external: true
+volumes:
+  crowdsec-db:
+  crowdsec-config:
+  traefik_traefik-logs: # this will be the name of the volume from trarfic logs
+    external: true # remove if traefik is running on same stack
+
1
+2
+3
+4
+
cd config
+touch acquis.yaml
+nano acquis.yaml
+docker-compose up -d --force-recreate
+
1
+2
+3
+4
+
filenames:
+  - /var/log/traefik/*
+labels:
+  type: traefik
+

Configure Traefik

1
+2
+3
+
cd traefik
+cd data
+nano traefik.yml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+
api:
+  dashboard: true
+  debug: true
+entryPoints:
+  http:
+    address: ":80"
+    http:
+      middlewares:
+        - crowdsec-bouncer@file
+  https:
+    address: ":443"
+    http:
+      middlewares:
+        - crowdsec-bouncer@file
+serversTransport:
+  insecureSkipVerify: true
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+  file:
+    filename: /config.yml
+certificatesResolvers:
+  cloudflare:
+    acme:
+      email: someone@example.com
+      storage: acme.json
+      dnsChallenge:
+        provider: cloudflare
+        resolvers:
+          - "1.1.1.1:53"
+log:
+  level: "INFO"
+  filePath: "/var/log/traefik/traefik.log"
+accessLog:
+  filePath: "/var/log/traefik/access.log"
+
1
+
nano docker-compose.yml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+
version: '3'
+
+services:
+  traefik:
+    image: traefik:latest
+    container_name: traefik
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    networks:
+      - proxy
+    ports:
+      - 80:80
+      - 443:443
+    environment:
+      - CF_API_EMAIL=user@example.com
+      - CF_DNS_API_TOKEN=YOUR_API_TOKEN
+      # - CF_API_KEY=YOUR_API_KEY
+      # be sure to use the correct one depending on if you are using a token or key
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /home/username/traefik/data/traefik.yml:/traefik.yml:ro
+      - /home/username/traefik/data/acme.json:/acme.json
+      - /home/username/traefik/data/config.yml:/config.yml:ro
+      - traefik-logs:/var/log/traefik
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.traefik.entrypoints=http"
+      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)"
+      - "traefik.http.middlewares.traefik-auth.basicauth.users=USER:BASIC_AUTH_PASSWORD"
+      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
+      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
+      - "traefik.http.routers.traefik-secure.entrypoints=https"
+      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)"
+      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
+      - "traefik.http.routers.traefik-secure.tls=true"
+      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
+      - "traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com"
+      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com"
+      - "traefik.http.routers.traefik-secure.service=api@internal"
+
+networks:
+  proxy:
+    external: true
+volumes:
+  traefik-logs:
+
1
+
docker-compose up -d --force-recreate
+
1
+2
+
cd config/data
+nano config.yml
+

add

1
+2
+3
+4
+5
+
    crowdsec-bouncer:
+      forwardauth:
+        address: http://bouncer-traefik:8080/api/v1/forwardAuth
+        trustForwardHeader: true
+
+
1
+
nano traefik.yml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
# check to be sure you have your middleware set for both
+entryPoints:
+  http:
+    address: ":80"
+    http:
+      middlewares:
+        - crowdsec-bouncer@file
+  https:
+    address: ":443"
+    http:
+      middlewares:
+        - crowdsec-bouncer@file
+

Dashboard

To add a self-hosted dashboard update your docker-compose.yml

1
+2
+
cd crowdsec
+touch Dockerfile
+
1
+2
+
FROM metabase/metabase
+RUN mkdir /data/ && wget https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/metabase_sqlite.zip && unzip metabase_sqlite.zip -d /data/
+
1
+
nano docker-compose.yml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+
  dashboard:
+    #we're using a custom Dockerfile so that metabase pops with pre-configured dashboards
+    build: ./dashboard
+    restart: always
+    ports:
+      - 3000:3000
+    environment:
+      MB_DB_FILE: /data/metabase.db
+      MGID: "${GID-1000}"
+    depends_on:
+      - 'crowdsec'
+    volumes:
+      - crowdsec-db:/metabase-data/
+    networks:
+      crowdsec_test:
+        ipv4_address: 172.20.0.5
+

restart container

1
+
docker-compose up -d --force-recreate
+

Default’s credentials for metabase are crowdsec@crowdsec.net and !!Cr0wdS3c_M3t4b4s3?? Be sure to change this.

CrowdSec Commands

see metrics

1
+
docker exec crowdsec cscli metrics
+

see bans

1
+
docker exec crowdsec cscli decisions list
+

manually install collections

1
+
docker exec crowdsec cscli collections install crowdsecurity/traefik
+

update hubs

1
+
docker exec crowdsec cscli hub update
+

upgrade hubs

1
+
docker exec crowdsec cscli hub upgrade
+

add bouncer

(save api key somewhere)

1
+
docker exec crowdsec cscli bouncers add bouncer-traefik
+

ban ip

1
+
docker exec crowdsec cscli decisions add --ip 192.168.0.101
+

unban ip

1
+
docker exec crowdsec cscli decisions delete --ip 192.168.0.101
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/custom-docker-image/index.html b/posts/custom-docker-image/index.html new file mode 100644 index 0000000000..666c612596 --- /dev/null +++ b/posts/custom-docker-image/index.html @@ -0,0 +1,23 @@ + Building your first Dockerfile, Image, and Container | Techno Tim
Post

Building your first Dockerfile, Image, and Container

We spin up all types of containers on my channel in my tutorials, but we have yet to build our own custom Docker container image.Today we’ll start from scratch with an empty Dockerfile and create, build, and run our very own custom Docker image! We’ll learn all the commands that everyone should know when building and maintaining images with Docker.This tutorial is a great way to get started with Docker!

📺 Watch Video

Install Docker

To install docker, see this post

Docker commands

Source files

build image

1
+
docker build .
+

build image with tag

1
+
docker build -t hello-internet
+

list docker images

1
+
docker images
+

list docker containers

1
+
docker ps
+

list docker containers including stopped

1
+
docker ps -a
+

create container from image

1
+
docker run -d -p 80:80 <image id>
+

exec into running container

1
+
docker exec -it <container id> /bin/sh
+

stop running container

1
+
docker stop <container id>
+

start a stopped container

1
+
docker start <container id>
+

remove a container

1
+
docker rm <container id>
+

remove an image

1
+
docker rmi <image id>
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/deep-learning-my-life/index.html b/posts/deep-learning-my-life/index.html new file mode 100644 index 0000000000..4cd9e024f8 --- /dev/null +++ b/posts/deep-learning-my-life/index.html @@ -0,0 +1 @@ + I ran MY LIFE through a DEEP LEARNING algorithm and here's what came out... | Techno Tim
Post

I ran MY LIFE through a DEEP LEARNING algorithm and here's what came out...

My life, ran against a neural network and detected by Deep Learning.If you’d like to see how this video was generated using ML and Deep Learning, check out the video here:

How this video was generated

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/desk-tour-2023/index.html b/posts/desk-tour-2023/index.html new file mode 100644 index 0000000000..35a8c0a42c --- /dev/null +++ b/posts/desk-tour-2023/index.html @@ -0,0 +1 @@ + My NEW Ultimate Desk & Setup Tour 2023! | Techno Tim
Post

My NEW Ultimate Desk & Setup Tour 2023!

Ever wonder what my home office and studio looks like and which tools I use? Check out my NEW ultimate desk & setup Tour for 2023! (My setup, my desk, my workbench, and even my studio rack for 2023!)

Disclosures:

  • I was not paid
  • Elgato provided some items for free, the rest I chose and bought with my own money over the years
  • Grovemade provided desk shelf and desk pad for free
  • I bought everything else with my own money

Thanks to Grovemade for helping me organize my desk! Use code TECHNOTIM for 10% off! https://l.technotim.live/grovemade

Huge shout out to Elgato for helping me get my stream in check! https://www.elgato.com

📺 Watch Video

Notes

Here are my notes from the video in case you wanted a little more context than I was able to provide in the video! This was such a fun project but yet I am glad I am done! Let me know if you have any questions in the comments below! All parts are linked in the Where to Buy section below!

Monitors

My Monitors! Samsung 57” Ultrawide and my Dell 4k monitor!

Samsung Odyssey Neo G9 57” Dual 4k UHD

  • Dual 4k means they put 2 4k panels together
  • 240Hz refresh rate and 1ms response time
  • I don’t need this at all, 120Hz is great but what I really wanted was a specific ratio.
  • Ratio is Important to me because I wanted to have a 16:9 ratio so that I could put 2 windows side by side and have them each be 4k, or one large one for editing
  • One other cool thing is that it has a 1000R curve, which for me I think is one of the best curves, although I haven’t used any other.
  • This makes it feel more natural where the monitor is almost equidistant as I move my head when looking left and right.
  • So how do you hold up a 40 lbs monitor? Very carefully.
  • Took a while to find the right arm, since most monitor arms max out at about 30-40 lbs. Ended up finding one that supports 44 lbs and it’s working great.
  • I did this so I can adjust and and because the legs are gigantic
  • It has RGB, kind of pointless unless someone is sitting behind you and you want to annoy them. I only have it on for this video.
  • Also, this arm has RGB too, which I promise is not the reason I bought it. It can be toggled off too.

Dell U2720Q 27” 4k IPS Panel

  • You might be wondering why I have this when I have a gigantic monitor below?
  • This is great when sharing my screen on zoom calls or when I do screen recordings for my videos so that I don’t have to share a super wide desktop that no one can see or have to only share a section of my screen. I typically have it off until I need to do one of those things.

Desk Organization

Grovemade

Grovemade desk system! Having a desk system like this one from Grovemade freed up a lot of space on my desk

  • Designed and made in Portland, Oregon
  • Simple materials - wood, aluminum, cork
  • 46 inches wide, 9 inches deep
  • Solid maple - warm, natural look
  • Desk Shelf - Large Maple
  • Also opted for a tray to store some things.
  • This gives me 3 layers to store things that need to be out of the way but still have quick access to.
  • I also went with this light gray desk pad. This is my first real desk pad and I have to say, I think this one is perfect. It has a great modem look, it’s just wide and deep enough, and it’s super smooth with some cushion. My mouse slides so easily on it with the perfect amount of friction, it’s hard to explain but I really feel like this material helps me be more precise when using my mouse at the crazy high DPI I have it set at.
  • Huge shout out to Grovemade for sending this desk set to help get my digital life in order! If you’re interested, there are links in the Where to Buy section. You can get 10% off by using the code TechnoTim`
  • I am also using this on my workbench.

Audio & Video

Elgato Gear

Elgato gear! Streaming has never been easier with my Elgato gear!

  • Elgato Stream Deck + and Wave Link control audio live streaming and even my music. - I have a Wave XLR for my microphones and I control all of the audio levels using the stream deck plus.
  • Huge shout out to Elgato for sending these after struggling so much with other audio setups.
  • Then I have the first stream deck which I’ve had for years which mostly controls OBS and smart lights in the room.

Attachments

Lights, Cameras, Action?

You might be noticing all of these things attached to my desk, up here I have a pair of Elgato Key Lights that help control my lighting when streaming and recording, then a bunch of arms. These arms help move my gear into the best place possible

Cable Management

This consists of velcro, the right power strips, an under desk basket, and a few systems underneath to hold cables and cords. USB Hubs and switchers help tidy this up too and allow me to switch between Windows and Mac.

Workbench

My workbench! Although my workbench is small, organizing it is key to getting projects done on time!

  • Behind me is my workbench
  • This is where I build and test most of the things you see on my channel
  • You can see a ZimaBoard and ZimaBlade here that I am testing and working on
  • As you can see I also have the Grovemade desk shelf
  • I can hide lots of things in the shelf
  • I use this primarily for charging
  • Wish there were a better way to to charge all usb devices, but tucking them under here is the best I’ve found. If you know of a better way let me know in the comments!

Where to Buy

Products in this video:

Here are the items in the video, let me know if I missed anything! (some are affiliate links)

On my desk:

Cable management:

Studio Rack:

Workbench:

Mobile Workbench / Storage:

🛍️ See the whole kit https://kit.co/TechnoTim/techno-tim-desk-studio-2023

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/discord-bot/index.html b/posts/discord-bot/index.html new file mode 100644 index 0000000000..d537de0ef2 --- /dev/null +++ b/posts/discord-bot/index.html @@ -0,0 +1 @@ + Let's Build a Discord Bot Using DiscordJS - Moderator Bot | Techno Tim
Post

Let's Build a Discord Bot Using DiscordJS - Moderator Bot

Let’s build a bot! Not a bad bot like a view bot, but bot for good.Let’s build a discord moderator bot using discord.js! Discord is powerful chat + video client and already has lots of great bots however no bot has the flexibility of creating your own! In this video I will show you how to build a discord bot using DiscordJS from start to finish.You’ll see how to use the developer portal, create a bot using JavaScript, NodeJS, and NPM, invite the bot to your Discord server and have it moderate some of your channels.We have made this bot open source and will continue to contribute to this bot.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/docker-compose-install/index.html b/posts/docker-compose-install/index.html new file mode 100644 index 0000000000..3a00b85ebe --- /dev/null +++ b/posts/docker-compose-install/index.html @@ -0,0 +1,39 @@ + How to Install Docker and Docker Compose Ubuntu | Techno Tim
Post

How to Install Docker and Docker Compose Ubuntu

This guide will walk you through how to Install Docker Engine, containerd, and Docker Compose on Ubuntu.

If you have an existing version of Docker install, it is best to remove it first.See the Cleaning Up

If you’re installing this on Debian, see Docker’s Debian Install Guide

Install

Set up Docker’s apt repository.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+
# Add Docker's official GPG key:
+sudo apt-get update
+sudo apt-get install ca-certificates curl gnupg
+sudo install -m 0755 -d /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+sudo chmod a+r /etc/apt/keyrings/docker.gpg
+
+# Add the repository to Apt sources:
+echo \
+  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
+  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
+  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+

If you use an Ubuntu derivative distro, such as Linux Mint, you may need to use UBUNTU_CODENAME instead of VERSION_CODENAME.

Install the latest version

1
+
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+

Check Installed version

1
+
docker -v
+

Check docker compose

1
+
docker compose
+

Check runtime

1
+
 sudo docker run hello-world
+

Use Docker without sudo

1
+
sudo usermod -aG docker $USER
+

You’ll need to log out then back in to apply this

Cleaning Up

If you need to uninstall Docker, run the following

1
+
sudo apt-get purge docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin docker-ce-rootless-extras
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/docker-rancher-kubernetes/index.html b/posts/docker-rancher-kubernetes/index.html new file mode 100644 index 0000000000..77846a159e --- /dev/null +++ b/posts/docker-rancher-kubernetes/index.html @@ -0,0 +1,3 @@ + Docker, Rancher, Kubernetes... Minecraft? (Setup and Install Tutorial) | Techno Tim
Post

Docker, Rancher, Kubernetes... Minecraft? (Setup and Install Tutorial)

If you want to set up Kubernetes at home using Rancher to run Docker containers, this is the guide for you. This is a step by step tutorial of how to install and configure Rancher, Docker, and Kubernetes for your homelab.In this video we set up and configure a Minecraft server in just a matter of minutes with some enterprise like features.You can use this same process to spin up other Docker containers at home on your server or desktop.

📺 Watch Video

See all the hardware I recommend at https://l.technotim.live/gear

Install Docker

To install docker, see this post

Install Rancher

The two paths in the workload configuration need to be reversed:

  • Path on the Node should be mc
  • Mount Point should be /data

You’ll want to use a command similar to this so that there aren’t any port conflicts with other services or kubernetes itself.

Also, you may want to consider pinning your docker tag to a version other than latest to make backing up and upgrading easier. See here for the latest version.

1
+
docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server rancher/rancher:latest
+

Troubleshooting

  • Make sure you have a static IP on your Rancher host
  • Be sure to use the ports above if you want to add SSL later and use commands in future videos
  • The new UI is now the “Cluster Explorer”.You can toggle between this and the “Cluser Manager” UI by clicking the button.
  • Do not create workloads in the local cluster.This is a management cluster for Rancher.You should create new cluster for your workload, just like in this video.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/dual-boot-windows-ubuntu/index.html b/posts/dual-boot-windows-ubuntu/index.html new file mode 100644 index 0000000000..50c4893ff8 --- /dev/null +++ b/posts/dual-boot-windows-ubuntu/index.html @@ -0,0 +1 @@ + The Best Way to Dual Boot Windows and Ubuntu | Techno Tim
Post

The Best Way to Dual Boot Windows and Ubuntu

Dual booting Windows and Ubuntu Linux can be a pain however there are many benefits do doing this if you do it right.In this tutorial we’ll discuss how to dual boot Windows and Ubuntu on your PC or laptop in a few simple steps so that you can take advantage of all the hardware in your “best” machine with full access to your GPU.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/duck-dns/index.html b/posts/duck-dns/index.html new file mode 100644 index 0000000000..d2d1da1915 --- /dev/null +++ b/posts/duck-dns/index.html @@ -0,0 +1 @@ + Self-Host All Your Homelab Services with DuckDNS -- Free Dynamic DNS Running on Docker | Techno Tim
Post

Self-Host All Your Homelab Services with DuckDNS -- Free Dynamic DNS Running on Docker

Are you trying to access your self-hosted services outside of your firewall? Are you tired of trying to remember your IP when away, or worse yet, having your ISP change your IP address? Have you not purchased a domain yet but want to access your own personal VPN? If you answered “YES” to any of these, join me as we walk through this step-by-step tutorial and set up DuckDNS, the free dynamic DNS service, using Docker and then move on to use Rancher and Kubernetes.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/fast-internet-test-cli/index.html b/posts/fast-internet-test-cli/index.html new file mode 100644 index 0000000000..38b731a87e --- /dev/null +++ b/posts/fast-internet-test-cli/index.html @@ -0,0 +1,31 @@ + Test Your Internet Speed from the Linux Terminal with fast | Techno Tim
Post

Test Your Internet Speed from the Linux Terminal with fast

What is FAST.com?

FAST.com is speed test gives you an estimate of your current Internet speed. It was created by Netflix to bring transparency to your upload / download speeds and to see if your ISP may be prioritizing traffic.I’ve run this quite a bit in a browser to do a quick spot check or my speeds, but I’ve never had a great tool to check this from some of my Linux machines. Let me clarify, some of my Linux servers that do not have a browser - that’s until I found this utility, fast.fast is an open source utility to run internet speed checks from machines that don’t have a browser, from the terminal, all in a small, zero dependency binary.You can read more about it on the GitHub repo.

Installing fast

We’re going to use curl so you’ll want to be sure you have it installed

1
+
curl -V
+

This should return something similar to the following

1
+2
+3
+4
+
curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3
+Release-Date: 2020-01-08
+Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
+Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets
+

Then we’ll want to download the latest fast binary by running

1
+2
+3
+
LATEST_VERSION=$(curl -s "https://api.github.com/repos/ddo/fast/releases/latest" | grep -Po '"tag_name": "v\K[0-9.]+')
+
+curl -L https://github.com/ddo/fast/releases/download/v${LATEST_VERSION}/fast_linux_$(dpkg --print-architecture) -o fast
+

If you want to use wget instead of curl, you can run the following

1
+2
+3
+
LATEST_VERSION=$(curl -s "https://api.github.com/repos/ddo/fast/releases/latest" | grep -Po '"tag_name": "v\K[0-9.]+')
+
+wget https://github.com/ddo/fast/releases/download/v${LATEST_VERSION}/fast_linux_$(dpkg --print-architecture) -O fast
+

Then we’ll want to make it executable by running

1
+
chmod +x fast
+

Then we can run a speed test by running

1
+
./fast
+

This should return something similar to the following

1
+2
+
➜  ~ ./fast
+ -> 477.72 Mbps
+

That’s it! You can now run an internet speed test from the Linux cli without a browser! What’s your download speed?

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/first-11-things-proxmox/index.html b/posts/first-11-things-proxmox/index.html new file mode 100644 index 0000000000..256c59c5ef --- /dev/null +++ b/posts/first-11-things-proxmox/index.html @@ -0,0 +1,155 @@ + Before I do anything on Proxmox, I do this first... | Techno Tim
Post

Before I do anything on Proxmox, I do this first...

After setting up my Proxmox servers, there are a few things I do before I use them for their intended purpose.This ranges from updates, to storage, to networking and VLANS, to uploading ISOs, to clustering, and more.Join me as we pick up where the rest of the proxmox tutorials stop, and that’s everything you need to do to make these production ready (and maybe a bonus item too).

📺 Watch Video

Updates

Edit /etc/apt/sources.list

Proxmox Version 6.X

1
+2
+3
+4
+5
+6
+7
+8
+9
+
deb http://ftp.us.debian.org/debian buster main contrib
+
+deb http://ftp.us.debian.org/debian buster-updates main contrib
+
+# security updates
+deb http://security.debian.org buster/updates main contrib
+
+# not for production use
+deb http://download.proxmox.com/debian buster pve-no-subscription
+

Proxmox Version 7.X

(for a full guide on Proxmox 7, please see this link)

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+
deb http://ftp.debian.org/debian bullseye main contrib
+
+deb http://ftp.debian.org/debian bullseye-updates main contrib
+
+# security updates
+deb http://security.debian.org/debian-security bullseye-security main contrib
+
+# PVE pve-no-subscription repository provided by proxmox.com,
+# NOT recommended for production use
+deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription
+

Edit /etc/apt/sources.list.d/pve-enterprise.list

1
+
# deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise
+

Proxmox Version 8.X

Create a file at /etc/apt/sources.list.d/pve-no-enterprise.list with the following contents:

1
+2
+
# not for production use
+deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
+

If you are using ceph

Create a file at /etc/apt/sources.list.d/ceph.list with the following contents:

1
+2
+
# not for production use
+deb http://download.proxmox.com/debian/ceph-quincy bookworm no-subscription
+

If you’re looking to upgrade to Proxmox 8, see this post

Run

1
+
apt-get update
+
1
+
apt dist-upgrade
+
1
+
reboot
+

Storage

BE CAREFUL.This will wipe your disks.

1
+
fdisk /dev/sda
+

Then P for partition, then D for delete, then W for write.

Check SMART Monitoring

1
+
smartctl -a /dev/sda
+

IOMMU (PCI Passthrough)

You’ll first want to be sure that Vt-d / IOMMU is enabled in your BIOS before continuing.

If see “No IOMMU detected, please activate it.See Documentation for further information.” It means that IOMMU is not enabled in your BIOS or that it has not been enabled in Proxmox yet. If you’re seeing this and you’ve enabled it in your BIOS, you can enable it in Proxmox below.

Checking your boot manager

Enabling PCI passthrough depends on your boot manager. You can check to see which one you are using by running

efibootmgr -v

If it returns an errors, it’s running in Legacy/BIOS with GRUB, skip to GRUB section

if it returns something like this, it’s running system-boot, skip to system-d section section

1
+
Boot0002* proxmox	HD(2,GPT,b0f10348-020c-4bd6-b002-dc80edcf1899,0x800,0x100000)/File(\EFI\proxmox\shimx64.efi)
+

if it returns something like this.

1
+
Boot0006 * Linux Boot Manager [...] File(EFI\systemd\systemd-bootx64.efi)
+

GRUB

If you’re using GRUB, use the following commands:

nano /etc/default/grub

add iommu=pt to GRUB_CMDLINE_LINUX_DEFAULT like so:

1
+
GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt"
+

If you aren’t using an intel processor, remove intel_iommu=on

system-boot

If you’re using system-boot use the following commands.

nano /etc/kernel/cmdline

add intel_iommu=on iommu=pt to the end of this line without line breaks

1
+
root=ZFS=rpool/ROOT/pve-1 boot=zfs intel_iommu=on iommu=pt
+

If you aren’t using an intel processor, remove intel_iommu=on

run

1
+
pve-efiboot-tool refresh
+

then reboot

1
+
reboot
+

VFIO modules

Edit /etc/modules

1
+2
+3
+4
+
vfio
+vfio_iommu_type1
+vfio_pci
+vfio_virqfd
+

run

1
+
update-initramfs -u -k all
+

then reboot

1
+
reboot
+

NVIDIA

If you’re planning on using an NVIDIA card, I’ve found this helps prevent some apps like GPUz from crashing on the VM.

1
+
echo "options kvm ignore_msrs=1 report_ignored_msrs=0" > /etc/modprobe.d/kvm.conf
+

Still having trouble?

See Proxmox PCI Passthrough

VLAN Aware

If you want to restrict your VLANS

1
+
nano /etc/network/interfaces
+

Set your VLAN here

1
+2
+
bridge-vlan-aware yes
+bridge-vids 20
+

NIC Team Example

1
+
nano /etc/network/interfaces
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+
auto eno1
+iface eno1 inet manual
+
+auto eno2
+iface eno2 inet manual
+
+auto bond0
+iface bond0 inet manual
+        bond-slaves eno1 eno2
+        bond-miimon 100
+        bond-mode 802.3ad
+        bond-xmit-hash-policy layer2+3
+
+auto vmbr0
+iface vmbr0 inet static
+        address 192.168.0.11/24
+        gateway 192.168.0.1
+        bridge-ports bond0
+        bridge-stp off
+        bridge-fd 0
+        bridge-vlan-aware yes
+        bridge-vids 2-4094
+#lacp nic team
+

If you’re running Proxmox 7, see the modified config here for LAGG / LACP

Cloning

These are the commands I run after cloning a Linux machine so that it resets all information for the machine it was cloned from.

(Note: If you use cloud-init-aware OS images as described under Cloud-Init Support on https://pve.proxmox.com/pve-docs/chapter-qm.html, these steps won’t be necessary!)

change hostname

1
+
sudo nano  /etc/hostname
+
  • find your hostname and change it

change hosts file

  • find your hostname and change it
1
+
sudo nano /etc/hosts
+

reset machine ID

1
+2
+3
+
rm -f /etc/machine-id /var/lib/dbus/machine-id
+dbus-uuidgen --ensure=/etc/machine-id
+dbus-uuidgen --ensure
+

regenerate ssh keys

1
+2
+3
+
regen ssh keys
+sudo rm /etc/ssh/ssh_host_*
+sudo dpkg-reconfigure openssh-server
+

reboot

Alerts

I’ve added yet another item to my list when setting up a new Proxmox server, and that’s setting up alerts!

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/fist-13-things-linux/index.html b/posts/fist-13-things-linux/index.html new file mode 100644 index 0000000000..d16cb2e863 --- /dev/null +++ b/posts/fist-13-things-linux/index.html @@ -0,0 +1,147 @@ + Before I do anything on Linux, I do these first... | Techno Tim
Post

Before I do anything on Linux, I do these first...

After setting up my Linux servers, there are a few things I do before I use them for their intended purpose.This ranges from security, to tools, to config.Join me as we set up our first Linux server in this tutorial and walk through setting it up proper (and maybe some bonus items sprinkled in).

📺 Watch Video

Update

1
+2
+3
+
sudo apt-get update
+
+sudo apt-get upgrade
+

Reconfigure unattended-upgrades

1
+
sudo dpkg-reconfigure --priority=low unattended-upgrades
+

Verify unattended upgrades configuration file in your text editor of choice

1
+
/etc/apt/apt.conf.d/20auto-upgrades
+

To disable automatic reboots by the automatic upgrades configuration edit the following file:

1
+
/etc/apt/apt.conf.d/50unattended-upgrades
+

and uncomment the following line by removing the leading slashes:

1
+
//Unattended-Upgrade::Automatic-Reboot "false";
+

Account

add user

1
+
sudo adduser someuser
+

add to sudoers

1
+
sudo usermod -aG sudo someuser
+

SSH Server

install

1
+
sudo apt-get install openssh-server
+

copy key from client to server

1
+
ssh-copy-id someuser@192.168.0.100
+

switch to key based auth

1
+
sudo nano /etc/ssh/sshd_config
+

Add these attributes

1
+2
+
PasswordAuthentication no
+ChallengeResponseAuthentication no
+

Networking

static IP

sudo nano /etc/netplan/01-netcfg.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+
network:
+  version: 2
+  renderer: networkd
+  ethernets:
+    ens18:
+     dhcp4: no
+     addresses:
+        - 192.168.0.222/24
+     gateway4: 192.168.0.1
+     nameservers:
+       addresses: [192.168.0.4]
+

Install oh-my-zsh

1
+2
+3
+4
+5
+
sudo apt-get update
+sudo apt-get install zsh
+sudo apt-get install powerline fonts-powerline
+
+sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
+

Fix LVM

1
+
sudo lvm
+
1
+
lvscan
+

You should see your logical volumes

1
+2
+3
+
lvm> lvscan
+  ACTIVE            '/dev/vgubuntu-server/root' [<168.54 GiB] inherit
+  ACTIVE            '/dev/vgubuntu-server/swap_1' [980.00 MiB] inherit
+

resize the logical volume group, usually the first one in the list but check to be sure!

1
+
lvextend -l +100%FREE /dev/vgubuntu-server/root
+

You should see:

1
+2
+
  Size of logical volume vgubuntu-server/root changed from <138.54 GiB (35466 extents) to <168.54 GiB (43146 extents).
+  Logical volume vgubuntu-server/root successfully resized
+
1
+
exit
+

resize the file system

1
+
sudo resize2fs /dev/vgubuntu-server/root
+

Check to see file system size

1
+
df -h
+

You should see:

1
+2
+3
+4
+5
+6
+7
+
Filesystem                         Size  Used Avail Use% Mounted on
+tmpfs                              1.6G  3.9M  1.6G   1% /run
+/dev/mapper/vgubuntu--server-root  166G   89G   70G  56% /
+tmpfs                              7.9G     0  7.9G   0% /dev/shm
+tmpfs                              5.0M     0  5.0M   0% /run/lock
+/dev/sda1                          511M  4.0K  511M   1% /boot/efi
+tmpfs                              1.6G     0  1.6G   0% /run/user/1000
+

You should see:

1
+2
+3
+4
+
resize2fs 1.46.5 (30-Dec-2021)
+Filesystem at /dev/vgubuntu-server/root is mounted on /; on-line resizing required
+old_desc_blocks = 18, new_desc_blocks = 22
+The filesystem on /dev/vgubuntu-server/root is now 44181504 (4k) blocks long.
+

hostname

1
+
sudo hostnamectl set-hostname
+
1
+
sudo nano /etc/hosts
+

Time Zone

Check time zone:

1
+
timedatectl
+

Change time zone:

1
+
sudo timedatectl set-timezone
+

You can also use if you want a menu.

1
+
sudo dpkg-reconfigure tzdata 
+

NTP Time

1
+
sudo nano /etc/systemd/timesyncd.conf
+
1
+
NTP=192.168.0.4
+
1
+
sudo timedatectl set-ntp off
+
1
+
sudo timedatectl set-ntp on
+

install kvm agent

1
+
sudo apt-get install qemu-guest-agent
+

firewall

1
+
sudo  ufw default deny incoming
+
1
+
sudo ufw default allow outgoing
+
1
+
sudo ufw allow ssh
+
1
+
sudo ufw enable
+

fail2ban

1
+
sudo apt-get install fail2ban
+
1
+
sudo cp /etc/fail2ban/fail2ban.{conf,local}
+
1
+
sudo cp /etc/fail2ban/jail.{conf,local}
+
1
+
sudo nano /etc/fail2ban/jail.local
+
1
+
backend = systemd
+

check status

1
+
sudo fail2ban-client status
+
1
+
sudo fail2ban-client status sshd
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/flux-devops-gitops/index.html b/posts/flux-devops-gitops/index.html new file mode 100644 index 0000000000..35ed8d8948 --- /dev/null +++ b/posts/flux-devops-gitops/index.html @@ -0,0 +1,155 @@ + The FASTEST way to deploy apps to Kubernetes - GitOps with FLUX | Techno Tim
Post

The FASTEST way to deploy apps to Kubernetes - GitOps with FLUX

I think I found the perfect GitOps and DevOps toolkit with FluxCD and Kubernetes.Flux is an open source GitOps solution that helps your deploy app and infrastructure with automation.It can monitor git repositories, source control, image container repositories, helm repositories, and more.It can install apps using Kustomize, Helm, Kubernetes manifests so it’s designed to fit into your existing workflow.It can even push alerts to your chat system letting you know when deployments happen.In this tutorial we’ll cover all of this and more.

https://fluxcd.io

Be sure to ⭐ the Flux GitHub repo

📺 Watch Video

Kubernetes Cluster

If you’re looking to install your own Kubernetes cluster, be sure to check out this video that creates a cluster with Ansible

Reference Repo

If you’re looking for the repo I created this in video, you can find it here /demos/flux-demo

Install Flux CLI

1
+
curl -s https://fluxcd.io/install.sh | sudo bash
+

Installing Flux using a GitHub Repo

You’ll need to grab a personal access token from here

1
+2
+3
+4
+5
+6
+7
+8
+
flux bootstrap github \
+  --components-extra=image-reflector-controller,image-automation-controller \
+  --owner=YourGitHUbUserName \
+  --repository=flux \
+  --branch=main \
+  --path=clusters/home \
+  --personal \
+  --token-auth
+

Check flux pods

1
+
kubectl get pods -n flux-system
+

Source Controller (installing manifests)

See reference repo for files, located in /demos/flux-demo

Helm Controller (installing helm charts)

See reference repo for files, /demos/flux-demo

Image Automation Controller (monitoring a container registry)

See reference repo for files, /demos/flux-demo

First create a workload (see redis deployment file)

Deploy the redis workload (deployment.yml)

1
+2
+3
+
git add -A && \
+git commit -m "add redis deployment" && \
+git push origin main
+

Create ImageRepository in the cluster, namespace, and chart that correspond.

1
+2
+3
+4
+
flux create image repository podinfo \
+--image=redis \
+--interval=1m \
+--export > ./clusters/home/default/redis/redis-registry.yaml
+

Create ImagePolicy in the cluster, namespace, and chart that correspond.

1
+2
+3
+4
+
flux create image policy podinfo \
+--image-ref=podinfo \
+--select-semver=5.0.x \
+--export > ./clusters/home/default/redis/redis-policy.yaml
+

Then deploy the ImageRepository and ImagePolicy

1
+2
+3
+
git add -A && \
+git commit -m "add redis image scan" && \
+git push origin main
+

tell flux to apply changes

1
+
flux reconcile kustomization flux-system --with-source
+

Now edit your deployment.yml and add a comment

1
+2
+3
+4
+
    spec:
+      containers:
+      - name: redis
+        image: redis:6.0.0 # {"$imagepolicy": "flux-system:redis"}
+

Create ImageUpdateAutomation

1
+2
+3
+4
+5
+6
+7
+8
+9
+
flux create image update flux-system \
+--git-repo-ref=flux-system \
+--git-repo-path="./clusters/home" \
+--checkout-branch=main \
+--push-branch=main \
+--author-name=fluxcdbot \
+--author-email=fluxcdbot@users.noreply.github.com \
+--commit-template="" \
+--export > ./clusters/home/flux-system-automation.yaml
+

Commit and deploy

1
+2
+3
+
git add -A && \
+git commit -m "add image updates automation" && \
+git push origin main
+

tell flux to apply changes

1
+
flux reconcile kustomization flux-system --with-source
+

Now do a git pull to see that flux has applied the tags

1
+
git pull
+

Your deployment.yml should be updated and it should be deployed to your cluster!

1
+2
+3
+4
+
    spec:
+      containers:
+      - name: redis
+        image: redis:6.0.16 # {"$imagepolicy": "flux-system:redis"}
+

Notifications

Create a secret

1
+2
+
kubectl -n flux-system create secret generic discord-url \
+--from-literal=address=https://discord.com/api/webhooks/YOUR/WEBHOOK/URL
+

Create a notification provider

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+
apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Provider
+metadata:
+  name: discord
+  namespace: flux-system
+spec:
+  type: discord
+  channel: general
+  secretRef:
+    name: discord-url
+

Define an Alert

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+
apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Alert
+metadata:
+  name: on-call-webapp
+  namespace: flux-system
+spec:
+  providerRef:
+    name: discord
+  eventSeverity: info
+  eventSources:
+    - kind: GitRepository
+      name: '*'
+    - kind: Kustomization
+      name: '*'
+

Get alerts

1
+2
+3
+4
+
kubectl -n flux-system get alerts
+
+NAME             READY   STATUS        AGE
+on-call-webapp   True    Initialized   1m
+

Updating Flux

If you need to update flux, check out Updating Flux Installation Using the Latest Binary from CLI

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/gatus-uptime-monitoring/index.html b/posts/gatus-uptime-monitoring/index.html new file mode 100644 index 0000000000..8fb19ac7ce --- /dev/null +++ b/posts/gatus-uptime-monitoring/index.html @@ -0,0 +1,407 @@ + Meet Gatus - An Advanced Uptime Health Dashboard | Techno Tim
Post

Meet Gatus - An Advanced Uptime Health Dashboard

Meet Gatus a self-hosted, open source, health dashboard that lets you monitor all of you services and systems! This dashboard not only tracks your uptime, but also measure the results plotting the results on a chart over time. It also hooks into systems like Slack, Team, Discord, Twilio, and more! Join me as we configure and deploy Gatus into our own environment to measure and monitor all the things!

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored

Don’t forget to ⭐ Gatus on GitHub!

Create Docker Compose

ssh into server

Make a directory and cd into it

1
+2
+
mkdir gatus_uptime
+cd gatus_uptime
+

In here we’re going to create a docker compose file

1
+2
+
touch docker-compose.yaml
+nano docker-compose.yaml
+

Basic Docker Compose

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+
version: "3.9"
+services:
+  gatus:
+    image: twinproduction/gatus:latest
+    restart: always
+    ports:
+      - "8080:8080"
+    environment:
+      - POSTGRES_USER=gatus_uptime_user # postgres user with access to the database
+      - POSTGRES_PASSWORD=gatuspassword # postgres user password
+      - POSTGRES_DB=gatus_uptime # this should be the name of your postgres database
+    volumes:
+      - ./config:/config
+

Postgres Database

I am going use postgres to hold out data. Postgres is an open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads.

If you need to create a Postgres database, here’s the official Docker image. If you want to include Postgres in the same stack, you can see an example here. It also supports SQLite if you don’t want to use postgres

Using pgadmin (Windows/macOS/Linux support) or similar tools:

  • Create database: gatus_uptime
  • Create user: gatus_uptime_user
  • Give user access to db

Once you have that you should test your connection before proceeding.

Gatus Config

Make a config folder to house our config and create a config file.

1
+2
+3
+
mkdir config
+cd config
+touch config.yaml
+

Now we need to create a config file for the sites we want to monitor.

Place the following contents inside of the config.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+
storage:
+  type: postgres
+  path: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?sslmode=disable"
+
+endpoints:
+  - name: back-end
+    group: core
+    url: "https://example.org/"
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+      - "[CERTIFICATE_EXPIRATION] > 48h"
+
+  - name: monitoring
+    group: internal
+    url: "https://example.org/"
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+
+  - name: nas
+    group: internal
+    url: "https://example.org/"
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+
+  - name: example-dns-query
+    url: "8.8.8.8" # Address of the DNS server to use
+    interval: 5m
+    dns:
+      query-name: "example.com"
+      query-type: "A"
+    conditions:
+      - "[BODY] == 93.184.216.34"
+      - "[DNS_RCODE] == NOERROR"
+
+  - name: icmp-ping
+    url: "icmp://example.org"
+    interval: 1m
+    conditions:
+      - "[CONNECTED] == true"
+

Be sure to update the DB hostname with your IP if you’re using an external database.

path: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@192.168.30.240:5432/${POSTGRES_DB}?sslmode=disable"

You can use DNS here too if you like e.g. @database.example.com:5432

Starting Gatus

Now we can start our container

1
+
gatus docker compose up -d
+

Check to be sure the container is running with out errors

1
+
docker logs gatus-gatus-1
+

Before we check out the UI, let’s look at postgres and verify that tables were created in our database. You should see them listed here: gatus_uptime>Schemas>public>Tables

Once we can seethat tables were created, now lets check out the UI.

Gatus is hosted on the default port of 8080.

Visit the IP with port in your browser:

http://192.168.10.125:8080/

Real World Example

Here’s how I monitor my sites:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+
storage:
+  type: postgres
+  path: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@192.168.30.240:5432/${POSTGRES_DB}?sslmode=disable"
+
+endpoint-defaults: &defaults
+  group: External
+  interval: 30s
+  client:
+    timeout: 10s
+  conditions:
+    - "[STATUS] == 200"
+    - "[CERTIFICATE_EXPIRATION] > 48h"
+
+endpoints:
+  - name: shop.technotim.live - HTTP
+    <<: *defaults
+    url: "https://shop.technotim.live"
+  
+  - name: technotim.live - HTTP
+    <<: *defaults
+    url: "https://technotim.live"
+
+  - name: links.technotim.live - HTTP
+    <<: *defaults
+    url: "https://links.technotim.live"
+
+  - name: l.technotim.live - HTTP
+    <<: *defaults
+    url: "https://l.technotim.live"
+
+  - name: shop.technotim.live - DNS
+    group: External
+    url: "8.8.8.8" # Address of the DNS server to use
+    interval: 5m
+    dns:
+      query-name: "shop.technotim.live"
+      query-type: "A"
+    conditions:
+      - "[BODY] == 23.227.38.74"
+      - "[DNS_RCODE] == NOERROR"
+
+  - name: shop.technotim.live - Ping
+    group: External
+    url: "icmp://shop.technotim.live"
+    interval: 1m
+    conditions:
+      - "[CONNECTED] == true"
+
+  - name: Postgres
+    group: Internal
+    url: "tcp://192.168.30.240:5432"
+    interval: 30s
+    conditions:
+      - "[CONNECTED] == true"
+

Alerts

Gatus supports many systems for alerts

To keep it simple, we’re going to create a discord alert.

  • First create a webhook in your discord server
  • Then use that hook url in your config

We’ll configure some defaults too so we can keep our endpoints tidy like so:

1
+2
+3
+4
+5
+6
+7
+8
+
alerting:
+  discord:
+    webhook-url: "https://discord.com/api/webhooks/**********/**********"
+    default-alert:
+      description: "Health Check Failed"
+      send-on-resolved: true
+      failure-threshold: 2
+      success-threshold: 2
+

Then you’ll need to update each endpoint with the alert:

1
+2
+
    alerts:
+      - type: discord
+

Or, you can just add it to your anchor which will add it to all

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+
endpoint-defaults: &defaults
+  group: External
+  interval: 30s
+  client:
+    timeout: 10s
+  conditions:
+    - "[STATUS] == 200"
+    - "[CERTIFICATE_EXPIRATION] > 48h"
+  alerts:
+    - type: discord
+

Now let’s create some chaos.

  • Take your site down
  • After 2 time outs we get the alerts

Now let’s test recovery

  • Bring Site back up
  • After 2 checks we can see the recovery alert

Full config example:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+
storage:
+  type: postgres
+  path: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@192.168.30.240:5432/${POSTGRES_DB}?sslmode=disable"
+
+alerting:
+  discord:
+    webhook-url: "https://discord.com/api/webhooks/**********/**********"
+    default-alert:
+      description: "Health Check Failed"
+      send-on-resolved: true
+      failure-threshold: 2
+      success-threshold: 2
+
+endpoint-defaults: &defaults
+  group: External
+  interval: 15s
+  client:
+    timeout: 10s
+  conditions:
+    - "[STATUS] == 200"
+    - "[CERTIFICATE_EXPIRATION] > 48h"
+  alerts:
+    - type: discord
+
+endpoints:
+  - name: shop.technotim.live - HTTP
+    <<: *defaults
+    url: "https://shop.technotim.live"
+
+  - name: technotim.live - HTTP
+    <<: *defaults
+    url: "https://technotim.live"
+
+  - name: links.technotim.live - HTTP
+    <<: *defaults
+    url: "https://links.technotim.live"
+
+  - name: l.technotim.live - HTTP
+    <<: *defaults
+    url: "https://l.technotim.live"
+
+  - name: shop.technotim.live - DNS
+    group: External
+    url: "8.8.8.8" # Address of the DNS server to use
+    interval: 5m
+    dns:
+      query-name: "shop.technotim.live"
+      query-type: "A"
+    conditions:
+      - "[BODY] == 23.227.38.74"
+      - "[DNS_RCODE] == NOERROR"
+
+  - name: shop.technotim.live - Ping
+    group: External
+    url: "icmp://shop.technotim.live"
+    interval: 1m
+    conditions:
+      - "[CONNECTED] == true"
+
+  - name: Postgres
+    group: Internal
+    url: "tcp://192.168.30.240:5432"
+    interval: 30s
+    conditions:
+      - "[CONNECTED] == true"
+

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/goxlr-wireless/index.html b/posts/goxlr-wireless/index.html new file mode 100644 index 0000000000..c01dce18d5 --- /dev/null +++ b/posts/goxlr-wireless/index.html @@ -0,0 +1 @@ + GoXLR WITH WIRELESS HEADSET - Connect ANY wireless bluetooth headphones | Techno Tim
Post

GoXLR WITH WIRELESS HEADSET - Connect ANY wireless bluetooth headphones

Connect any wireless headset to a GoXLR or GoXLR mini. In this video, I show you how you can connect any pair of wireless bluetooth headphones to a GoXLR or GoXLR mini.They can be AirPods, Beats, Beats Wireless Pro, Bose, or any other wireless bluetooth headset.You can use this bluetooth adapter transmitter to stream while using the GoXLR or GoXLR mini.

I bought these products with my own money because I thought they were cool.Nothing in this video was sponsored.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/gpu-passthrough-linux/index.html b/posts/gpu-passthrough-linux/index.html new file mode 100644 index 0000000000..b8a323fe76 --- /dev/null +++ b/posts/gpu-passthrough-linux/index.html @@ -0,0 +1,85 @@ + I Heard You Like GPUs in Servers... GPU Passthrough on Linux and Docker | Techno Tim
Post

I Heard You Like GPUs in Servers... GPU Passthrough on Linux and Docker

We’ve already figured out how to pass through a GPU to Windows machine but why let Windows have all the fun? Today, we do it on an Ubuntu headless server that’s virtualized, run some AI and Deep Learning workloads, then turn up the transcoding on Plex to 11.

📺 Watch Video

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+
88          88                                      
+88          ""                                      
+88                                                  
+88,dPPYba,  88 8b,dPPYba,   ,adPPYb,d8  ,adPPYba,   
+88P'    "8a 88 88P'   `"8a a8"    `Y88 a8"     "8a  
+88       d8 88 88       88 8b       88 8b       d8  
+88b,   ,a8" 88 88       88 "8a,   ,d88 "8a,   ,a8"  
+8Y"Ybbd8"'  88 88       88  `"YbbdP"Y8  `"YbbdP"'   
+                            aa,    ,88              
+                             "Y8bbdP"               
+

If you need to passthrough a GPU, follow this guide but install Ubuntu instead.

Proxmox

Shut down your VM in proxmox, edit your conf file, it should be here (note, change path to your VM’s ID)

/etc/pve/qemu-server/100.conf

add cpu: host,hidden=1,flags=+pcid to that file

start the server.

Linux Guest

1
+2
+3
+4
+5
+6
+7
+8
+9
+
sudo apt-get update
+
+sudo apt-get upgrade
+
+sudo apt-get install qemu-guest-agent # this is optional if you are virtualizing this machine
+
+sudo apt-get install build-essential # build-essential is required for nvidia drivers to compile
+
+sudo apt install --no-install-recommends nvidia-cuda-toolkit nvidia-headless-450 nvidia-utils-450 libnvidia-encode-450
+

Then reboot.

Then install nvtop

1
+
sudo apt-get install nvtop
+

tensorflow workload

1
+
nvidia-docker run --rm -ti tensorflow/tensorflow:r0.9-devel-gpu
+

Rancher / Kubernetes

In your Rancher server (or kubernetes host)

1
+2
+3
+4
+5
+6
+7
+8
+9
+
distribution=$(. /etc/os-release;echo $ID$VERSION_ID)
+
+curl -s -L https://nvidia.github.io/nvidia-docker/gpgkey | sudo apt-key add -
+
+curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | sudo tee /etc/apt/sources.list.d/nvidia-docker.list
+
+sudo apt-get update && sudo apt-get install -y nvidia-container-toolkit
+
+sudo apt-get install nvidia-container-runtime
+

update daemon.json

1
+
sudo nano /etc/docker/daemon.json
+

Replace with:

1
+2
+3
+4
+5
+6
+7
+8
+9
+
{
+  "default-runtime": "nvidia",
+  "runtimes": {
+    "nvidia": {
+      "path": "/usr/bin/nvidia-container-runtime",
+      "runtimeArgs": []
+    }
+  }
+}
+

Install one more util for nvidia:

1
+
sudo apt-get install -y nvidia-docker2
+

Reboot

Then, using kubectl on your kubernetes / rancher host

1
+
kubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/master/nvidia-device-plugin.yml
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/gpu-passthrough/index.html b/posts/gpu-passthrough/index.html new file mode 100644 index 0000000000..58d622ac4d --- /dev/null +++ b/posts/gpu-passthrough/index.html @@ -0,0 +1,69 @@ + Remote Gaming! (and Video Encoding using Proxmox and GPU Passthrough) | Techno Tim
Post

Remote Gaming! (and Video Encoding using Proxmox and GPU Passthrough)

Are you looking to build a remote gaming machine and passthrough your GPU to a virtual machine? Do you want to use GPU acceleration for transcoding Plex or Adobe Media Encoder? Do you dream of setting up Steam Link or Remote Play In Home Streaming and streaming games to any screen in your house? If so, this complete step-by-step guide of how to passthrough your Nvidia or AMD video card through to a guest VM using Proxmox VE! If not, well, please watch this anyway.

📺 Watch Video

edit grub

/etc/default/grub

Change this line:

GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on pcie_acs_override=downstream,multifunction video=efifb:eek:ff"

run

1
+
update-grub
+

reboot

1
+
reboot
+

Edit /etc/modules

1
+2
+3
+4
+
vfio
+vfio_iommu_type1
+vfio_pci
+vfio_virqfd
+

reboot

1
+
reboot
+

/etc/pve/qemu-server/qm.conf (will be something like 100.conf)

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+
agent: 1
+balloon: 4096
+bios: ovmf
+boot: cdn
+bootdisk: virtio0
+cores: 8
+cpu: host,hidden=1,flags=+pcid
+efidisk0: fast1:vm-100-disk-1,size=128K
+hostpci0: 02:00,pcie=1,x-vga=1
+hostpci1: 04:00.0,rombar=0
+ide0: none,media=cdrom
+machine: q35
+memory: 14336
+name: beam
+numa: 0
+ostype: win10
+scsihw: virtio-scsi-pci
+smbios1: uuid=d6febb0d-4242-4bdb-8aea-7c03e7b5df0e
+sockets: 1
+unused0: storage1:vm-100-disk-0
+unused1: slow1:vm-100-disk-0
+virtio0: fast1:vm-100-disk-0,size=80G
+vmgenid: 524a58dd-7e3e-44f4-abf4-9de0f490d936
+

Add your PCI device

edit /etc/modprobe.d/pve-blacklist.conf

1
+2
+3
+4
+
blacklist nvidiafb
+blacklist nvidia
+blacklist radeon
+blacklist nouveau
+

Troubleshooting

If your Windows machine fails to boot, you may want to create a new Windows VM using UEFI rather than BIOS.

If your motherboard has onboard GPU set in BIOS to use the onboard primarily or exclusively to free up PCIE GPU

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/grafana-loki-kubernetes/index.html b/posts/grafana-loki-kubernetes/index.html new file mode 100644 index 0000000000..1c0c5c715b --- /dev/null +++ b/posts/grafana-loki-kubernetes/index.html @@ -0,0 +1,57 @@ + Installing Grafana Loki with Helm on Kubernetes | Techno Tim
Post

Installing Grafana Loki with Helm on Kubernetes

In my previous video (Meet Grafana LOKI, a log aggregation system for everything and post, I promised that I would also explain how to install Granfana Loki on Kubernetes using helm.If you’re looking to set this up in docker-compose, be sure to check out this video

Installing helm

Think of helm as a package manager for kubernetes. It’a an easy way to bundle and deploy config to kubernetes with versioning.If you need to install helm visit helm.sh

Installing Loki Stack

First add Loki’s chart repository to helm

1
+
helm repo add grafana https://grafana.github.io/helm-charts
+

Then update the chart repository

1
+
helm repo update
+

This command will:

  • install grafana
  • install prometheus
  • install loki
  • enable persistence for your stack and create a PVC
1
+
helm upgrade --install loki grafana/loki-stack  --set grafana.enabled=true,prometheus.enabled=true,prometheus.alertmanager.persistentVolume.enabled=false,prometheus.server.persistentVolume.enabled=false,loki.persistence.enabled=true,loki.persistence.storageClassName=nfs-client,loki.persistence.size=5Gi
+

You’ll want to set loki.persistence.storageClassName=nfs-client to your StorageClass
In this example, I am using nf-client which is the Kubernetes NFS Subdir External Provisioner

Accessing the Grafana Dashboard

To access your Grafana dashboard you can run

1
+
kubectl port-forward --namespace <YOUR-NAMESPACE> service/loki-grafana 3000:80
+

To get the password for the admin user run

1
+
kubectl get secret --namespace <YOUR-NAMESPACE> loki-grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo
+

This should print out your password

You can now access your dashboard on http://localhost:3000

Ingress with Traefik

If you want to create an IngressRoute and you are using traefik can you apply the following

ingress.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+
apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: loki-grafana-ingress
+  annotations: 
+    kubernetes.io/ingress.class: traefik-internal # change with your value
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`grafana.example.com`) # change with your value
+      kind: Rule
+      services:
+        - name: loki-grafana
+          port: 80
+
1
+
kubectl apply -f ingress.yml
+

You should now be able to access your dashboard on https://grafana.example.com

LogQL sample queries

Query all logs from the container label

1
+
{container="uptime-kuma"} 
+

query all logs from the container stream and filter on error

1
+2
+
{container="uptime-kuma"} |= "error"
+
+

query all logs from the pod label of uptime-kuma-8d45g32fd-lk8rl

1
+2
+
{pod="uptime-kuma-8d45g32fd-lk8rl"}
+
+

Read more about LogQL here

Upgrading Loki Stack

To upgrade, you run the same command you use to install it, with an updated chart

1
+
helm repo update
+
1
+
helm upgrade --install loki grafana/loki-stack  --set grafana.enabled=true,prometheus.enabled=true,prometheus.alertmanager.persistentVolume.enabled=false,prometheus.server.persistentVolume.enabled=false,loki.persistence.enabled=true,loki.persistence.storageClassName=nfs-client,loki.persistence.size=5Gi
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/grafana-loki/index.html b/posts/grafana-loki/index.html new file mode 100644 index 0000000000..6a041181e8 --- /dev/null +++ b/posts/grafana-loki/index.html @@ -0,0 +1,365 @@ + Meet Grafana LOKI, a Log Aggregation System for Everything | Techno Tim
Post

Meet Grafana LOKI, a Log Aggregation System for Everything

I’ve been on a quest to find a new logging system.I’ve use quite a few in the past, some open source, some proprietary, and some home grown, but recently I’ve decided to switch.I’ve switched to Grafana Loki for all of my logs for all of my systems - this includes machines, devices, docker systems and hosts, and my all of my kubernetes clusters.If you’re thinking of using Grafana and are also looking for a fast way to log all of your systems, join me as we discuss and configure Grafana Loki.

📺 Watch Video

Don’t want to host it yourself? Check out Grafana Cloud and sign up for a free account https://l.technotim.live/grafana-labs

Docker Setup

See this post on how to install docker and docker-compose

Running the container

If you’re using Docker compose

1
+2
+3
+4
+5
+6
+7
+
mkdir grafana
+mkdir loki
+mkdir promtail
+touch docker-compose.yml
+nano docker-compose.yml # copy the contents from below
+ls
+docker-compose up -d --force-recreate # be sure you've created promtail-config.yml and loki-config.yml before running this
+

docker-compose.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+
version: "3"
+networks:
+  loki:
+services:
+  loki:
+    image: grafana/loki:2.4.0
+    volumes:
+      - /home/serveradmin/docker_volumes/loki:/etc/loki
+    ports:
+      - "3100:3100"
+    restart: unless-stopped
+    command: -config.file=/etc/loki/loki-config.yml
+    networks:
+      - loki
+  promtail:
+    image: grafana/promtail:2.4.0
+    volumes:
+      - /var/log:/var/log
+      - /home/serveradmin/docker_volumes/promtail:/etc/promtail
+    # ports:
+    #   - "1514:1514" # this is only needed if you are going to send syslogs
+    restart: unless-stopped
+    command: -config.file=/etc/promtail/promtail-config.yml
+    networks:
+      - loki
+  grafana:
+    image: grafana/grafana:latest
+    user: "1000"
+    volumes:
+    - /home/serveradmin/docker_volumes/grafana:/var/lib/grafana
+    ports:
+      - "3000:3000"
+    restart: unless-stopped
+    networks:
+      - loki
+

Loki Config

1
+
nano loki/loki-config.yml
+

loki-config.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+
auth_enabled: false
+
+server:
+  http_listen_port: 3100
+  grpc_listen_port: 9096
+
+common:
+  path_prefix: /tmp/loki
+  storage:
+    filesystem:
+      chunks_directory: /tmp/loki/chunks
+      rules_directory: /tmp/loki/rules
+  replication_factor: 1
+  ring:
+    instance_addr: 127.0.0.1
+    kvstore:
+      store: inmemory
+
+schema_config:
+  configs:
+    - from: 2020-10-24
+      store: boltdb-shipper
+      object_store: filesystem
+      schema: v11
+      index:
+        prefix: index_
+        period: 24h
+
+ruler:
+  alertmanager_url: http://localhost:9093
+

Promtail Config

1
+
nano promtail/promtail-config.yml
+

promtail-config.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+
server:
+  http_listen_port: 9080
+  grpc_listen_port: 0
+
+positions:
+  filename: /tmp/positions.yaml
+
+clients:
+  - url: http://loki:3100/loki/api/v1/push
+
+scrape_configs:
+
+# local machine logs
+
+- job_name: local
+  static_configs:
+  - targets:
+      - localhost
+    labels:
+      job: varlogs
+      __path__: /var/log/*log
+  
+## docker logs
+
+#- job_name: docker 
+#  pipeline_stages:
+#    - docker: {}
+#  static_configs:
+#    - labels:
+#        job: docker
+#        __path__: /var/lib/docker/containers/*/*-json.log
+
+# syslog target
+
+#- job_name: syslog
+#  syslog:
+#    listen_address: 0.0.0.0:1514 # make sure you also expose this port on the container
+#    idle_timeout: 60s
+#    label_structured_data: yes
+#    labels:
+#      job: "syslog"
+#  relabel_configs:
+#    - source_labels: ['__syslog_message_hostname']
+#      target_label: 'host'
+

Loki Docker Driver

Install docker plugin

1
+
docker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions
+

Edit docker daemon config

1
+
sudo nano /etc/docker/daemon.json
+

daemon.json

1
+2
+3
+4
+5
+6
+7
+
{
+    "log-driver": "loki",
+    "log-opts": {
+        "loki-url": "http://localhost:3100/loki/api/v1/push",
+        "loki-batch-size": "400"
+    }
+}
+

Restart docker daemon.

1
+
 sudo systemctl restart docker
+

You will also need to recreate your containers after applying this setting *

LogQL sample queries

Query all logs from the varlogs stream

1
+
{job="varlogs"} 
+

Query all logs from the varlogs stream and filter on docker

1
+2
+
{job="varlogs"}  |= "docker"
+
+

Query all logs from the container_name label of uptime-kuma and filter on host of juno

1
+2
+
{container_name="uptime-kuma", host="juno"}
+
+

Read more about LogQL here

ARM CPU (Raspberry Pi)

There is a workaround for using this with ARM CPUs. Credit to AndreiTelteu for finding this in this discussion

delete /etc/docker/daemon.json

Add the vector service to the docker-compose.yml file

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+
+    vector:
+        image: timberio/vector:0.18.1-debian
+        volumes:
+            - /var/run/docker.sock:/var/run/docker.sock
+            - /home/serveradmin/docker_volumes/vector/vector-config.toml:/etc/vector/vector.toml:ro
+        ports:
+            - "8383:8383"
+        restart: unless-stopped
+        networks:
+            - loki
+

Run this command

1
+2
+3
+
mkdir vector
+cd vector
+nano vector-config.toml
+

paste this config in the file:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+
[sources.docker-local]
+  type = "docker_logs"
+  docker_host = "/var/run/docker.sock"
+  exclude_containers = []
+ 
+  # Identify zero-width space as first line of a multiline block.
+  multiline.condition_pattern = '^\x{200B}' # required
+  multiline.mode = "halt_before" # required
+  multiline.start_pattern = '^\x{200B}' # required
+  multiline.timeout_ms = 1000 # required, milliseconds
+ 
+[sinks.loki]
+  # General
+  type = "loki" # required
+  inputs = ["docker*"] # required
+  endpoint = "http://loki:3100" # required
+  
+  # Auth
+  auth.strategy = "bearer" # required
+  auth.token = "none" # required
+  
+  # Encoding
+  encoding.codec = "json" # required
+  
+  # Healthcheck
+  healthcheck.enabled = false # optional, default
+  
+  # Loki Labels
+  labels.forwarder = 'vector'
+  labels.host = ''
+  labels.container_name = ''
+  labels.compose_service = ''
+  labels.compose_project = ''
+  labels.source = ''
+  labels.category = 'dockerlogs'
+

Credits to this post for the config file: grafana/loki#2361 (comment)

Kubernetes Setup

If you’re looking to set this up in kubernetes, see this post

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/guacamole-remote-access-gateway/index.html b/posts/guacamole-remote-access-gateway/index.html new file mode 100644 index 0000000000..a3497ec7ec --- /dev/null +++ b/posts/guacamole-remote-access-gateway/index.html @@ -0,0 +1 @@ + Meet Guacamole, Your Remote Access Gateway | Techno Tim
Post

Meet Guacamole, Your Remote Access Gateway

Do you have a lot of virtual machines? Are you running Windows, Linux, and Mac and need remote access from a single UI? Well, Apache Guacamole is for you! Apache Guacamole is a clientless remote access gateway that give you a web portal to access any of your clients over standard protocols like VNC, RDP, SSH, TELNET, and more. Join me in this step by step tutorial as we set up a self-hosted version of Guacamole in your homelab.As an added bonus, we’ll set up 2FA (multifactor authentication) to help secure Guacamole.Oh, yeah, and we’ll do this all in Docker and or Kubernetes, it’s up to you! :)

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/ha-pi-hold-gravity-sync/index.html b/posts/ha-pi-hold-gravity-sync/index.html new file mode 100644 index 0000000000..c85ffb108b --- /dev/null +++ b/posts/ha-pi-hold-gravity-sync/index.html @@ -0,0 +1 @@ + High Availability Pi-Hole? Yes please! | Techno Tim
Post

High Availability Pi-Hole? Yes please!

Dear Pi-Hole, We love your product.It keeps our network safe from malware and other unwanted domains. While we love what is there so far, please add a feature to your core product to keep multiple servers in sync and provide high availability DNS to our whole entire network.Then, we won’t have people asking us “Is the internet down?” every time we reboot our Pi-Hole server.

Until then, we will use Gravity Sync.

Sincerely,

Techno Tim (and probably thousands of other lovers of Pi-Hole).

P.S.Keep up the good work!

Thank you Gravity Sync!

(don’t forget to star the repo!)

https://github.com/vmstan/gravity-sync

📺 Watch Video

Great Raspberry Pi - Pi-Hole Servers!

► Raspberry Pi Zero W Kit - https://amzn.to/3qOl9yS

► Raspberry Pi 4 Kit - https://amzn.to/3nophDm

If you’re looking to have your PiHole instances failover automatically, be sure to check out the documentation on keepalived

Meet keepalived - High Availability and Load Balancing in One

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/handbrake-docker-k8s/index.html b/posts/handbrake-docker-k8s/index.html new file mode 100644 index 0000000000..0d53b0d7f5 --- /dev/null +++ b/posts/handbrake-docker-k8s/index.html @@ -0,0 +1 @@ + Containerizing HandBrake with Docker and Kubernetes | Techno Tim
Post

Containerizing HandBrake with Docker and Kubernetes

Handbrake is a fantastic open source transcoder.It allows you to transcode, or convert, your video files into different formats. It has a nice UI that’s easy to use and helps you transcode videos very easily. It supports profiles that are optimized for your target devices. And because this is open source and cross compiled, you can run this on Windows, macOS, or Linux…but did you also know you can self host a containerized version of this with Docker and Kubernetes?

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/heimdall-dashboard/index.html b/posts/heimdall-dashboard/index.html new file mode 100644 index 0000000000..e44d2cbfb9 --- /dev/null +++ b/posts/heimdall-dashboard/index.html @@ -0,0 +1 @@ + Meet Heimdall, Your Homelab Application Dashboard | Techno Tim
Post

Meet Heimdall, Your Homelab Application Dashboard

Tired of bookmarking all of your self-hosted services only to lose them? Want access to all your sites from anywhere in the world? Well, Heimdall can help with a clean, responsive, and beautiful dashboard for all of your Homelab services. So join me in this tutorial as we install and configure Heimdall on Docker and Kubernetes and build a dashboard with live icons.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/hl15-review/index.html b/posts/hl15-review/index.html new file mode 100644 index 0000000000..a69e209e51 --- /dev/null +++ b/posts/hl15-review/index.html @@ -0,0 +1 @@ + EVERYTHING You Should Know About the HL15 | Techno Tim
Post

EVERYTHING You Should Know About the HL15

The HL15 from 45Drives is here. It brings a lot of unique features and was built and designed with the HomeLab community in mind. In this in-depth review we’ll cover everything you want to know about this new storage server.

📺 Watch Video

Disclosures:

  • I was not paid
  • I was sent an HL15 for review

Intro

HL15 is here! HL15 from 45HomeLab

This is the newly released HL15 from 45 Homelab division of 45 Drives. It’s a server meant to meet the needs of the HomeLab community while bringing the build quality and design from their enterprise offerings. It’s a 15 bay server that can be used for just about whatever you want to use it for but it goes without saying that you’re most likely thinking about buying this to be your next storage server.

There’s a lot to unpack with this new server so this will be an in-depth look at the H15 HomeLab Storage Server. We’ll cover everything from the chassis, the backplane, the motherboard, the CPU, the power supply and power consumption, cooling, software selection, and even the price and value proposition, because at the end of the day if you don’t think it’s worth it, you’re probably not going to buy it. So, is it any good? Let’s find out.

Purchasing Options

When purchasing this machine you have a few options. Now you might have sticker shock when seeing these prices, but we’ll talk about that later in the video. But your options are:

  • Chassis & backplane only
  • Chassis, backplane, PSU, Data Cables, and PSU
  • or fully loaded and tested which is the machine that they sent to me for testing.

You have your choice of color, power cable, and additional add ons if you like. They sent a white for me, which is what I was hoping for.

First let’s dive into the chassis and the case.

Chassis / Case

HL15 front Steel chassis with screws. I really dig the white and blue

This chassis is made of steel and it’s solid. Like really solid. If you’ve only had aluminum cases in the past you’ll notice the difference right away. It has a powder coat finish that comes in white or black, mine is obviously in white. This design is really nice, it has sort of this Star Wars Hoth vibe to it, which I am a fan of. Now looking at this case you can see that it’s almost entirely metal metal and screws, which I think is a good thing. Why does that matter? We’ll, if you’ve ever had a rivet pop off of one of your cases it’s near impossible to fix, at least for me, I’ve never used rivets and wouldn’t know where to start.

You can open this case up using these thumb screws and the first thing you see is the top loading drive cage.

Holds 15 drives that can easily slide in and out, easy to see serial numbers (no more labels) and has these nice little springs to keep the drives in place. You’ll also notice No caddies, which is something 45 Drives does not like and after loading quite a few drives in other systems I think it’s starting to rub off on me. Caddies just add more parts, more screws, and ultimately more time and complexity when servicing drives. It’s something that I can now appreciate after dealing with the status quo for so many years.

Back of the chassis The back of the chassis is pretty basic, I do wish it used PCIe blanks vs breakaways

One of the downsides is that the PCIe slots have breakaways. Great if you never need to add an item (less parts, less screws, less things banging around) but awkward if you do shuffle around hardware. This is a carry over from their enterprise servers, something I also have in my AV15.

The other nice thing about this case is that it can lay flat or even stack up like a desktop with the included feet. If you’re choosing to rack mount this, you’ll just need to attach the included rack ears and then also pick up a pair of rack rails, which do not come with the server. If you don’t want the official rack rails, one of the universal rack shelves will work just fine.

Motherboard & Connectivity

Motherboard Lots of this connectivity options on this motherboard

We’ll go a little more in depth on the backplane and some of its features a little bit later but let’s first focus on the motherboard and connectivity to help you understand how it all works.

This motherboard is the SuperMicro X11SPH-nCTPF. It comes in 2 flavors, one with SFP+ networking and the other with 10Gbe networking.

X11SPH-nCTF https://www.supermicro.com/en/products/motherboard/x11sph-nctpf

CPU & RAM

CPU This is an intro level Xeon, great for PCIe lane, storage services, and a few containers or VMs but not too much after that

  • Single Socket LGA-3647 Motherboard
  • Up to 28 cores we’ll cover the specific CPU a little bit later
  • Up to 2 TB of RAM across the 8 DIMM slots
  • DDR4-3200 Dual Rank ECC Registered RAM

I opted for 32 GB of 2x16 and picked up more RAM from eBay and now have 128GB. It’s priced pretty fairly there if you’re thinking about buying some.

I made sure that I tested it and it all passed

If you do decide to do this, be sure to populate your DIMs in dual rank mode according to the motherboard manual.

SATA / SAS

PCIe

  • 4 PCIe 3.0 slots:
  • 16x, 8x, 8x, 4x in 8x slot
  • They are 3.0
  • 3.0 is 1 GB/s and 4.0 is 2 GB/s but real world not sure if you’re notice
  • This gives you plenty of room for expandability

Backplane

Custom backplane created by 45 drives.

  • It can address up to 15 drives.
  • They’ve wired up 8 to SATA and 7 to SAS
  • The 8 SATA run though the C622 onboard controller 6 GB ports
  • 7 SAS run through the Intel 3008 controller 12 GB/s ports
  • Can push up to 2,000 MB /s?
  • You can saturate a 10g link easily with this much storage
  • Basically NVMe speeds over the network
  • This backplane has some custom features.
  • It’s the same backplane that they put in their enterprise Storinators they just developed
    • Universal Hot Swap
      • Power limiting features so that when plugging in drives it won’t affect its neighbors voltage
    • Staggered spin up
      • Staggers the spin up of the hard drives
      • Starting all at the same time can create a surge
      • I think this is why one of my old JBOD servers trips my power supply when I power it on.

Power Supply

Hl15 standing up The HL15 has a modest power supply. Great for 15 drives but might need some additional wattage if you’re going to add more components

  • Rm750e from Corsair
  • ATX, Fully Modular make sure that you only use the cables you need reducing clutter in the case. This is welcomed because when swapping out the power supply in my AV15 there were lots of cables and it was a specialized power supply. Great to see they are using a standard ATX now.

  • Low noise because of its 120mm fan, and can even spin down to 0 RPMs on low loads.
  • It also has an 80 plus gold certified rating meaning that it’s up to 90% efficient at steady loads. Could you get a more efficient one, sure, but it’s going to cost a lot more.
  • Overall solid power supply but 750w might not leave too much headroom if you’re planning on adding all 15 drives and some additional components.

Networking

  • Dual 10g SFP+ ports
  • I went this route because I feel like it’s a little more flexible than going 10g ethernet
  • I ended up buying a few 10g RJ45 transceivers to connect to 10g ethernet on my switch (Where to Buy section)

IPMI

  • IPMI onboard
  • typical ASPEED IPMI you need on SuperMicro boards
  • Works great for getting into your machine when it’s powered down or before it has an OS.
  • I used it to flash the BMC and firmware shortly after getting it powered on.
  • I did buy the remote license update from SuperMicro, which I typically do with all my boards that allows you to flash bios through the UI.
  • It costs about 27 bucks and while it stinks to pay for this license, there’s no easy way around it if you do want to flash your BIOS remotely or want access to some of the other features.

Misc

There are lots of additional headers on the board if you need, like TPM, USB, and even additional serial.

IO

  • VGA, which honestly doesn’t matter since you have IPMI, but this is pretty typical with servers
  • USB 2 and 3.0 ports, network again, and serial.

Overall, I think this is a solid server board for this configuration.

CPU

Intel(R) Xeon(R) Bronze 3204 CPU @ 1.90GHz https://ark.intel.com/content/www/us/en/ark/products/193381/intel-xeon-bronze-3204-processor-8-25m-cache-1-90-ghz.html

  • 2nd gen Intel Xeon Scalable processors
  • Cascade Lake
  • 6 Cores, no Hyper-threading
  • Max clock 1.9, low for single thread performance but fine for me
  • Can address up to 48 PCIe lanes which is great for the board we have
  • TDP 85w
  • VTx, VtD, AES-NI and more of the typical tech you see in Xeon CPUs

Real world, is the CPU enough? It is for me. I will be doing very little compute on this server. If you plan on using this as a hypervisor like Proxmox, you might want to look into another CPU. I checked other CPU options on the used market and it’s actually not to bad if you want to upgrade this CPU later on down the road.

Power Consumption & Efficiency

  • Turning it on without anything plugged in it’s going to pull about 80 watts of power while doing system tests and if you plug in a few additional USB devices, the monitor, a couple of GBICs it’s going to pull an additional 10.
  • When fully booted into Ubuntu 22.04 LTS without anything plugged in it’s going to pull about 70 watts.
  • The only drives I had free to test with here these 8TB Seagate Ironwolf 7200 RPM NAS drives
  • After inserting each drive and letting them spin up and normalizing, each drive added about an additional 8-9 watts of power. After inserting 6 without anything else plugged in, we’re sitting at about 114 watts
  • After pulling in the 2 10g transceivers and the IPMI nic, we’re sitting at right around 125 watts. Not too bad all things considered.
  • I disconnected the fans just to see and it looks like they are using about 4 watts a a piece

Cooling

  • 6 x 120mm CoolerGuys fans
  • 1700 RPM
  • 32.5dBA
  • 73CFM - cubic feet per minute
  • 2.47mm H2O - static pressure (measures in inches of water)
  • 6 of these total
  • 3 in the front to take in cool air and cool the drives and another 3 to push air across the motherboard and keep components cool.

These fans move a lot of air and you don’t need to worry about your components ever overheating. They do this at the cost of noise though. How loud are the fans? I am not sure how to put this but they are quiet for enterprise servers and loud for a home server. They are much quieter than its enterprise counterpart, the AV15, but still not something you want to put in your living room. I am thinking about replacing them with Zigbee controller RGB fans like I did with my AV15 customization video but haven’t had the time to rip it apart yet.

If you do decide to replace the fans, just be sure that you’re getting something on par with these and specifically ones with enough static pressure.

The CPU cooler is passive and I think that has a lot to do with why they’re using these fans. On my AV15 I did swap this out for a noctua cpu cooler that kept it just as cool, if not more, which then allowed me to replace the fans with quieter fans. You can find the fans I used in the AV15 in the Where to Buy section.

OS & Software

The HL15 ships with Rocky Linux but I assume that’s there just to run their QA tests. Since this is an open system x86 you can install anything you like on it from Proxmox, to TrueNAS, VMware or any operating system. If you’re buying this as a storage server, most likely it’s going to be something that handles storage nicely.

I took a slightly different approach with this system and decided to not install a hypervisor and install Ubuntu LTS. This time I am going to go bare metal and see how manageable Ubuntu is with services like SMB, NFS, ZFS, some docker containers, and possibly some KVM if I want virtualization.

I am also going to give Cockpit a shot, or the Houston UI as 45Drives calls it. This gives me a friendly UI to manage some of these services which are otherwise pretty complex.

That’s when I found out that they don’t yet support 22.04, only 20.04 which is the previous LTS from 3 years ago. With all of that being said, I am going to install Cockpit without the 45Drives special sauce.

This was super simple with a command…

Or so I thought…

And that had its own issues so for the sake of showing off what Cockpit / Houston can do I decided to install Ubuntu 20.04, which is still supported. Hopefully 22.04 will be supported, or even 24.04 in the spring.

Installing is as easy as downloading a script and then executing it. It will install many different modules to help you manage your server. After setup is complete you’ll reboot.

Once installed you can see Houston or Cockpit running on your server IP https 9090

At the time of testing Houston for this video, it seems like some of these modules are not working properly with the HL15, for example the 45Drives Disks and the 45Drives Motherboard do not load, and the 45Drives System area is partially loaded and there are some services that fail to load like ZnapZend. These few things aside, the rest of the UI seems to be working.

I can create ZFS pools, create SMB and NFS Shares, and even create some virtual machines if I like, although the UI is pretty basic for this. Creating users, Charts, metrics, benchmarks, and even accessing the terminal all seem fine. You can also install additional applications by using the cli and finding an application on their project page however most of them are already installed. For example I installed and open LDAP server on my machine and that worked just fine, however beta applications like Tailscale and cloudflare tunnels aren’t available on this version of cockpit so you won’t be able to install them, arguably that’s probably better suited for something like Docker and containers, and if you’re going to install manage containers, you’ll want to install Portainer to manage them.

If I do end up going this route, I would leave Cockpit for managing hardware type services and configuration and leave the rest to Docker and I will manage Docker with Portainer since it’s only a few clicks away. All that being said, I know that this is a new line for 45 drives, but it would be nice if this were working so that I wouldn’t be forced to use proxmox because I don’t need virtualization, and TrueNAS because I don’t want to run their apps. I might just go bare metal without any gui, but managing configs for smb, zfs, zfs, etc is such a pain.

So more to come on the OS for this server, I still have time to make my decision and the nice thing is it’s flexible!

Hardware & Network Stress Test

Network stress testing The HL15 with a standard config can easily push 20 G/bs

You’ll have to see the video for this section. Spoiler alert, I can push 20 Gb/s with this configuration, no problem at all.

Price & Value

Hl15 homelab One of the first products that is targeting the HomeLab community

So let’s talk about some of the configuration options you saw earlier along with the value you’re getting.

You can choose:

  • Chassis + Backplane for $799 which is going to get you the chassis with the direct wire backplane. Everything else is up to you to supply and connect.
  • The next option at $910.00 is the Chassis + Backplane & PSU which is going to get you the chassis, the direct wire backplane, data cables, and the 750w ATX power supply.
  • The final option for $1999.99 is the fully built and tested system.

Let’s not beat around the bush, all of these options are priced pretty high. No matter which way you look at it, $800, $900, $2,000 dollars is a lot of money no matter what you are spending it on and I think you have to determine if there’s enough value here for you. Is getting a steel, repairable case with a backplane that can hold 15 caddie-less drives and give you NVMe speeds over the network important to you? If it is, you have few options out there. This isn’t a chassis you buy that comes with a proprietary motherboard and components, it’s a chassis that is open enough to accommodate any motherboard / CPU combination you throw at it, now and in the future. If you’re comparing it to other storage vendors, like synology, it’s on par for price, but if you’re comparing it to old used gear you’re going to think it’s expensive.

That being said, I would love to see cheaper options for those that are in the market for a homelab chassis like this one. And if not, maybe they will see these on the second hand market later in life.

If you can get past the price, I think you’ll find a case that has everything you’re going to want for a storage server, now and in the future. It looks like 45Drives addressed everything I mentioned in the AV15 with the HL15, well, except RGB, unless you’re counting the power switch. Also, I have to give them credit because they took a huge risk at bringing something to market that is as niche as HomeLab, because to my knowledge, they are one of the first to do it and brand it with the “HomeLab” Title.

Well I learned a lot about the HL15, storage servers, and network throughput testing and I hope you learned something too. And remember if you found anything in this video helpful, don’t forget share this post!

Join the conversation

Where to Buy

HL15:

HL15 Accessories:

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/home-assistant/index.html b/posts/home-assistant/index.html new file mode 100644 index 0000000000..8a693efe2b --- /dev/null +++ b/posts/home-assistant/index.html @@ -0,0 +1,73 @@ + Home Assistant on Docker and Kubernetes (Open Source Home Automation) | Techno Tim
Post

Home Assistant on Docker and Kubernetes (Open Source Home Automation)

Are you ready to start automating your smart home with the power of open source? Do you already have Home Assistant running but need a little more power than a Raspberry Pi? If so, join me in this easy to follow, step by step tutorial on installing Home Assistant on Docker, Kubernetes, and Rancher. We’ll set it up, walk through and configure the UI, and then move on to configure some Wemo smart switches, Phillips Hue bulbs, Google Home / Chromecast devices, and even create a Dark Mode / Light mode automation script using Phillips Hue Scenes!

📺 Watch Video

configuration.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+
# Configure a default setup of Home Assistant (frontend, api, etc)
+default_config:
+
+# Text to speech
+tts:
+  - platform: google_translate
+
+group: !include groups.yaml
+automation: !include automations.yaml
+script: !include scripts.yaml
+scene: !include scenes.yaml
+
+wemo:
+  discovery: true
+

scripts.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+
'1591564249617':
+  alias: Dark Mode
+  sequence:
+  - data:
+      group_name: Office
+      scene_name: Gaming
+    service: hue.hue_activate_scene
+  - device_id: f41ccf86433148dcbd8e932d1412f12a
+    domain: switch
+    entity_id: switch.gaming_lights
+    type: turn_on
+'1591564322588':
+  alias: Light Mode
+  sequence:
+  - data:
+      group_name: Office
+      scene_name: Energize
+    service: hue.hue_activate_scene
+  - device_id: f41ccf86433148dcbd8e932d1412f12a
+    domain: switch
+    entity_id: switch.gaming_lights
+    type: turn_off
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/home-network-upgrade/index.html b/posts/home-network-upgrade/index.html new file mode 100644 index 0000000000..0462b7d7b8 --- /dev/null +++ b/posts/home-network-upgrade/index.html @@ -0,0 +1 @@ + Huge Network Upgrade for My Homelab | Techno Tim
Post

Huge Network Upgrade for My Homelab

I decided to give my Home Lab a proper upgrade for 2020 and in to 2021! I finally took the plunge and went all in with a UniFi UDM Pro and a UniFi Switch PRO 24 PoE switch and they are awesome!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/home-security-upgrade/index.html b/posts/home-security-upgrade/index.html new file mode 100644 index 0000000000..b3f35843c3 --- /dev/null +++ b/posts/home-security-upgrade/index.html @@ -0,0 +1 @@ + My HUGE Home Security Upgrade | Techno Tim
Post

My HUGE Home Security Upgrade

I am a huge fan of self hosted home security and I’ve been doing it for years. I love the idea of being able to check on my home when I am away.Also, I’ve always kept my video footage on premise (on prem) and never sent it to the cloud.It started way back with a laptop and a webcam and it evolved into self-hosting my own DVR software on a virtual machine with many PoE and wireless cameras… but this became way too much to manage. Well, this is the next evolution of my home security, integrating it into my recently upgraded UniFi network.I wanted to simplify my home security, just like my network, so I decided to pick up some UniFi Protect G3 FLEX cameras and some new UniFi Protect G3 Instant cameras to help secure my home.I also picked up the UniFi Smart Power Plug that will monitor my internet connection and reboot my modem if I lose connection.This is going to be awesome! I hope you enjoy this complete guide to setting up your new UniFi Protect system!

  • Note, everything here was purchased with my own money. 0 outside influence by brands.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-assistant/index.html b/posts/homelab-assistant/index.html new file mode 100644 index 0000000000..2f3d232b0e --- /dev/null +++ b/posts/homelab-assistant/index.html @@ -0,0 +1 @@ + The Best HomeLab Service Dashboard Yet! | Techno Tim
Post

The Best HomeLab Service Dashboard Yet!

Say goodbye to all of the other Home Lab Dashboards that you end up not using, it’s time to use something smarter, Home Assistant.

📺 Watch Video

Disclosures

  • Nothing in this video was sponsored

Info

Code

You can check out my current Home Assistant Docker Compose Stack

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-colo-architecture-review/index.html b/posts/homelab-colo-architecture-review/index.html new file mode 100644 index 0000000000..dd1647f973 --- /dev/null +++ b/posts/homelab-colo-architecture-review/index.html @@ -0,0 +1 @@ + YOU Review MY HomeLab and Colocation Architecture! | Techno Tim
Post

YOU Review MY HomeLab and Colocation Architecture!

After moving some of my HomeLab servers into the new colocation I have so many choices to make when it comes to services and architecture! From networking, to VPN, to security, to hypervisors, to backups, and even DNS! I NEED YOUR HELP! Help me decide if I have created a solid foundation for my new HomeLab in a Colo!

Network diagram created with Figma

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored

Find your UniFi cloud gateway here:

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-datacenter-1/index.html b/posts/homelab-datacenter-1/index.html new file mode 100644 index 0000000000..09ae8785c2 --- /dev/null +++ b/posts/homelab-datacenter-1/index.html @@ -0,0 +1 @@ + I Colocated My HomeLab in a Data Center | Techno Tim
Post

I Colocated My HomeLab in a Data Center

After a few months of planning and building, I colocated some of my homelab servers in a data center! There were so many unknowns like, how much does colocating server cost? Do you need to bring your own networking? How do you even prepare for this? Join me as we figure this all out!

And don’t worry, I still have servers at home too!

📺 Watch Video

Disclosures:

  • Huge thanks to William for inviting me to his colo rack!
  • Thanks to Ubiquiti for sending a UDM for my rack!

Find your UniFi cloud gateway here:

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-hardware-tour-2023/index.html b/posts/homelab-hardware-tour-2023/index.html new file mode 100644 index 0000000000..09dc27077a --- /dev/null +++ b/posts/homelab-hardware-tour-2023/index.html @@ -0,0 +1 @@ + HomeLab Hardware Tour! (Late 2023) | Techno Tim
Post

HomeLab Hardware Tour! (Late 2023)

Well, here it is! My Late 2023 Server Rack and HomeLab tour! I’ve upgraded, replaced, added, and consolidated quite a bit since my last tour! New servers, new networking, UPS, cabling, power management, and more new tech on the wall!

📺 Watch Video

In case you missed it, check out my HomeLab Services Tour (2024)!

Join the conversation

Where to Buy

Rack & Accessories

Network

Servers & Accessories

Accessories

Over the Air TV Gear (Plex or JellyFin)

Intel NUC Mini Cluster

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-hardware-tour/index.html b/posts/homelab-hardware-tour/index.html new file mode 100644 index 0000000000..57804b6e39 --- /dev/null +++ b/posts/homelab-hardware-tour/index.html @@ -0,0 +1 @@ + Techno Tim Homelab Tour -- Server Rack and Network | Techno Tim
Post

Techno Tim Homelab Tour -- Server Rack and Network

You asked for a tour of my homelab, well here it is.In this tour I will take you through my home server rack and network setup.This includes my all of my home networking equipment, my servers, disk array, and everything else in my server rack.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-services-tour-2020/index.html b/posts/homelab-services-tour-2020/index.html new file mode 100644 index 0000000000..1156a83e7a --- /dev/null +++ b/posts/homelab-services-tour-2020/index.html @@ -0,0 +1 @@ + Homelab Services Tour -- What am I running on my Homelab? | Techno Tim
Post

Homelab Services Tour -- What am I running on my Homelab?

In my homelab tour, I showed you my hardware and network setup that powers all the infrastructure at home.Then, many of you asked which services I am hosting on this hardware.Well, here it is.This is a tour of all the self hosted services I have running in my Homelab.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-services-tour-2021/index.html b/posts/homelab-services-tour-2021/index.html new file mode 100644 index 0000000000..f209ada110 --- /dev/null +++ b/posts/homelab-services-tour-2021/index.html @@ -0,0 +1 @@ + HomeLab Services Tour Late 2021 - What am I Self-Hosting in my HomeLab? | Techno Tim
Post

HomeLab Services Tour Late 2021 - What am I Self-Hosting in my HomeLab?

After showing off my Home Lab hardware in my late 2021 tour, many of you asked what services are self-hosted in this stack. This is always a moving target so I decided it was time to share which services I am running here at home.Today, we walk through everything I am hosting including: Dashboard, Hypervisor, Virtualization, Containerization, Network Attached Storage (NAS), DNS, Network Management, Home Security, Kubernetes, Kubernetes Storage, Docker, Reverse Proxy, Certificates, Monitoring, Logging, Syncing Data, File Sharing, Self-Promotion (Contact Page), Link Shortening, Home Entertainment, Home Automation, Battery / UPS Monitoring, CMS, Static Site Generators, Dynamic DNS, CI/CD, and many, many others.Enjoy the virtual tour!

Worth mentioning, I have videos on almost every service mentioned in this video!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-services-tour-2022/index.html b/posts/homelab-services-tour-2022/index.html new file mode 100644 index 0000000000..9c5dafb9ee --- /dev/null +++ b/posts/homelab-services-tour-2022/index.html @@ -0,0 +1 @@ + Techno Tim HomeLab Services Tour (Late 2022) - What am I Self-Hosting in my HomeLab? | Techno Tim
Post

Techno Tim HomeLab Services Tour (Late 2022) - What am I Self-Hosting in my HomeLab?

Wow, what a year of self-hosting! After showing off my Home Lab hardware in my late 2022 tour, many of you asked what services are self-hosted in this stack. This is always a moving target so I decided it was time to share which services I am running here at home.Today, we walk through everything I am hosting including: Dashboard, Hypervisor, Virtualization, Containerization, Network Attached Storage (NAS), DNS, Network Management, Home Security, Kubernetes, Kubernetes Storage, Docker, Reverse Proxy, Certificates, Monitoring, Logging, Syncing Data, File Sharing, Link Page, Link Shortening, Home Entertainment, Home Automation, Battery / UPS Monitoring, CMS, Static Site Generators, Dynamic DNS, CI/CD, Git Ops, Dev Ops, and many, many others.Enjoy the virtual tour!

Worth mentioning, I have videos on almost every service mentioned in this video!

📺 Watch Video

Here are most of the videos mentioned in this video:

📦 Gear in this video 📦

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Kit

Want to see all the gear in this video?

Check out the kit here: https://kit.co/TechnoTim/techno-tim-homelab-tour-late-2022

Rack & Accessories

Network

Servers & Accessories

Accessories

Chapters

00:00 - What is Techno Tim Self-Hosting?

01:05 - Dashboard

01:36 - Hypervisor

07:09 - Network Attached Storage

09:37 - DNS

11:48 - Network Management

13:05 - Home Security

13:42 - Containers (Kubernetes & Docker)

17:59 - -Kubernetes Storage

21:04 - Git Ops

22:35 - Reverse Proxy (Internal, External, and Ingress Controller)

25:26 - Monitoring

26:10 - Metrics & Data Visualization

27:02 - Logging

28:28 - Home Automation

30:08 - Data Synchronization

30:55 - Link Page (Contact Page)

31:41 - Link Shortener

32:24 - Home Entertainment

33:00 - UPS Battery Monitoring

33:37 - CMS (Content Management System)

34:25 - Websites (Static Sites & Custom Code)

34:46 - Dynamic DNS (External DNS)

35:16 - CI/CD (Continuous Integration & Continuous Delivery)

37:04 - Everything Else

37:41 - How do I get started self-hosting?

38:30 - Thanks for Watching!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-services-tour-2024/index.html b/posts/homelab-services-tour-2024/index.html new file mode 100644 index 0000000000..73473aadd2 --- /dev/null +++ b/posts/homelab-services-tour-2024/index.html @@ -0,0 +1 @@ + HomeLab Services Tour 2024 - What Am I Self Hosting? | Techno Tim
Post

HomeLab Services Tour 2024 - What Am I Self Hosting?

What a year of self-hosting! Join me as we walk though my entire infrastructure and services that I have running in my HomeLab! This time I also include network diagrams and dive deep into which services I have running, where they are running, and why I chose them!

📺 Watch Video

In case you missed it, check out my HomeLab Hardware Tour (late 2023)!

Logical Network Diagram

Here is the diagram for my network!

Network Diagram (Logical) 2024 A logical Network Diagram of my HomeLab including VLANs and servers

Since many have asked, I use Figma to design my network diagrams. (affiliate link but they have a free plan)

Services I use

Here’s a breakdown of all the services I use

Dashboard

Sites:

Tutorials:

Hypervisor

Sites:

Tutorials:

Storage

Sites:

Tutorials:

DNS

Sites:

Tutorials:

Network Management

Sites:

Tutorials:

Home Security

Sites:

Tutorials:

Containerization

Sites:

Tutorials:

GitOps

Sites:

Tutorials:

Reverse Proxy (and Ingress Controller)

Sites:

Tutorials:

Monitoring & Logging

Sites:

Tutorials:

Data Visualization

Sites:

Tutorials:

Home Automation

Sites:

Tutorials:

Data Synchronization

Sites:

Sites:

Tutorials:

Sites:

Media Server

Sites:

Tutorials:

Power Management

Sites:

Tutorials:

Content Management Systems (CMS)

Sites:

Static Site Generators (SSG)

Sites:

Tutorials:

Continuous Integration / Continuous Delivery (CI /CD)

Sites:

Tutorials:

Everything else…

Sites:

Tutorials:

Join the conversation

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-tools-accessories/index.html b/posts/homelab-tools-accessories/index.html new file mode 100644 index 0000000000..30b48c2ce3 --- /dev/null +++ b/posts/homelab-tools-accessories/index.html @@ -0,0 +1 @@ + Essential HomeLab Tools & Accessories - Network / Server / PC Tool Kit | Techno Tim
Post

Essential HomeLab Tools & Accessories - Network / Server / PC Tool Kit

Every Home Labber and IT person has their go to set of tools and accessories to help them accomplish tasks for technical projects in their HomeLab.This ranges from the very specialized, to the common.I do all kinds of projects at home, from building and racking servers, to building mini and full-size PCs, to upgrading and troubleshooting hardware, to home office upgrades, to installing wireless access points and cameras, down to building raspberry pi projects.I’ve gathered up some of my most essential tools and accessories to assist you in your projects!

A HUGE thanks to Micro Center for sponsoring this video!

New Customers Exclusive – FREE Redragon GS500 Gaming Stereo Speakers: https://micro.center/gom Check out Micro Center’s PC Builder: https://micro.center/7hj Submit your build to Micro Center’s Build Showcase: https://micro.center/vo6

📺 Watch Video

Items

Here are all of the items that were in the video, plus a few more.

📦 See the entire kit here: https://kit.co/TechnoTim/essential-homelab-tools-accessories-for-home-labbers-and-it-pros

Cage nuts

Network cables

Label Maker

Laser grip thermometer

Short Power cords

12 outlet surge protector

Fluke voltage tester

Kill A Watt Electricity Usage Monitor

SSD Mounting bracket

Velcro

Zip ties

Hard drive screws

USB Drive

SATA/IDE/USB Adapter

Craftsman quick change screw driver

DeWalt utility knife

Cable crimper

Punchdown tool

Dremel kit

Head lamp

Keystones

Cat 6 ends

Cable tester Klein

Cable toner

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-tour-2021/index.html b/posts/homelab-tour-2021/index.html new file mode 100644 index 0000000000..550011e58a --- /dev/null +++ b/posts/homelab-tour-2021/index.html @@ -0,0 +1 @@ + Techno Tim HomeLab and NEW Server Room Tour! (Late 2021) | Techno Tim
Post

Techno Tim HomeLab and NEW Server Room Tour! (Late 2021)

Well, here it is! My Late 2021 Server Rack and HomeLab tour! This is a special one because I just revamped and remodeled a spot in the basement for my new data center / server room (still picking out a name for it).I’ve upgraded, replaced, added, and consolidated quite a bit since my last tour! New servers, new networking, new UPS, new Raspberry Pi, and even a whole entire wall of tech gear. I also added lots of automation and IoT devices! Join me as we walk through my server room upgrade!

📺 Watch Video

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

📦 Gear in this video 📦

2u Rack Shelf - https://amzn.to/2ZVSJKN

APC 1500VA UPS - https://amzn.to/3GXLJh6

Nest Protect - https://amzn.to/3BLhc21

Hue Iris Light - https://amzn.to/3ET5Gn8

Hue Motion & Temp https://amzn.to/3qb1FXf

Axxtra Power Strip - https://amzn.to/3qbzIhT

Amazon Power Strip - https://amzn.to/3mMN16w

Wall Control Galvanized Steel Pegboard - https://amzn.to/3bJ8R4s

Hue Dimmer Switch - https://amzn.to/3wj9Sts

Hue Light Strips - https://amzn.to/3wkkLLD

Hue Smart Bulb Starter Kit - https://amzn.to/31renqs

Hue Motion & Temp Detection - https://amzn.to/3o7HOFR

Cloud Lamp - https://amzn.to/3GZji24

Pi 4 B - https://amzn.to/3BTPKzc

PoE Pi Hat - https://amzn.to/3GUqY5O

Pi Zero - https://amzn.to/3o4LGap

HD Homerun - https://amzn.to/2ZXxmYS

Intel NUC - https://amzn.to/3BKE3uR

24 Port Patch Panel - https://amzn.to/3GYA4yo

Wall Mount Patch Panel - https://amzn.to/3o2Axad

Slim Network Cables - https://amzn.to/3kbYV85

UniFi Flex Mini - https://l.technotim.live/ubiquiti

UniFi UDM Pro - https://l.technotim.live/ubiquiti

UniFi 24 Port PoE Gen 2 Switch Pro - https://l.technotim.live/ubiquiti

PC Conversion Case - https://amzn.to/3qgkFDJ

18u Server Rack - https://amzn.to/3kbZdvH

1u Rails - https://amzn.to/3GSd701

APC 600 VA UPS - https://amzn.to/3mMxsM1

NetApp DD4246 Disk Shelf - https://amzn.to/3o2AOKh

SuperMicro 1u Servers - https://amzn.to/3q9M7TJ

8 TB IronWolf NAS Drives - https://amzn.to/3EQXXGw

🚀 Kits 🚀

Rackmount Servers - https://kit.co/technotim/rackmount-home-lab-servers

HomeLab Racks - https://kit.co/technotim/server-rack-homelab

1u Servers - https://kit.co/technotim/techno-tim-1u-server

Networking Stack - https://kit.co/technotim/techno-tim-network-stack

Raspberry Pi with PoE - https://kit.co/technotim/best-raspberry-pi-with-poe

Home Security - https://kit.co/technotim/techno-tim-home-security

Storage and Hard Drives - https://kit.co/technotim/best-ssd-hard-drive-flash-storage

HomeLab and Server Room Upgrade 2021 - https://kit.co/technotim/techno-tim-homelab-and-server-room-upgrade-2021

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homelab-tour-2022/index.html b/posts/homelab-tour-2022/index.html new file mode 100644 index 0000000000..24e2d8522a --- /dev/null +++ b/posts/homelab-tour-2022/index.html @@ -0,0 +1 @@ + Techno Tim HomeLab Server Room Tour! (Late 2022) | Techno Tim
Post

Techno Tim HomeLab Server Room Tour! (Late 2022)

Well, here it is! My Late 2022 Server Rack and HomeLab tour! This is a special one because I just revamped my entire rack.I’ve upgraded, replaced, added, and consolidated quite a bit since my last tour! New servers, new networking, new UPS, new power management, and even a whole entire wall of tech gear.I also added lots of automation and IoT devices! Join me as we walk through my server rack transfer and upgrade!

📺 Watch Video

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

After this, check out the 2022 (late) HomeLab Services Tour!

📦 Gear in this video 📦

Rack & Accessories

Network

Servers & Accessories

Accessories

Kit

See the entire kit here! https://kit.co/TechnoTim/techno-tim-homelab-tour-late-2022

Chapters

00:00 - What does Techno Tim’s HomeLab Look Like?

00:50 - HomeLab Music Video

02:13 - What’s all that stuff on the wall?

04:05 - New Server Rack

05:06 - Networking

07:13 - Smart PDU (Power in the front???)

10:36 - TBD Gear / Room for Growth

11:14 - 1u Servers

12:21 - Storinator

13:42 - PC Conversion Server

14:25 - Disk Shelf

15:27 - UPS

16:08 - Back of the Rack

17:08 - Power Channels

17:57 - Non Critical Power Devices

18:25 - Practical RGB Lighting (it has utility)

19:35 - Cable Management

20:51 - UPS Battery Extender

21:24 - Don’t be discouraged, Home Labs come in all shapes and sizes

23:05 - HomeLab Music Video Outro

Join the conversation

Light Mode vs Dark Mode!

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/homepage-dashboard/index.html b/posts/homepage-dashboard/index.html new file mode 100644 index 0000000000..c2b395dda7 --- /dev/null +++ b/posts/homepage-dashboard/index.html @@ -0,0 +1,1933 @@ + Meet Homepage - Your HomeLab Services Dashboard | Techno Tim
Post

Meet Homepage - Your HomeLab Services Dashboard

Meet Homepage, your new HomeLab services dashboard homepage! Homepage is an open source, highly customizable homepage (or startpage) dashboard that runs on Docker and is integrated with over 100 API services. It’s easy to set up, looks good by default, and helps you keep track of everything you are running in your HomeLab and more. Today we’ll set up Homepage and get it running in Docker in no time.

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored

Don’t forget to ⭐ homepage on GitHub!

Requirements

  • docker (and compose)

Docker Setup

See this post on how to install docker and docker compose

Install

Make a directory

1
+
mkdir homepage
+

cd into it

1
+
cd homepage
+

create a docker-compose.yaml file

1
+
touch docker-compose.yaml
+

Edit it

1
+
nano docker-compose.yaml
+

Place the contents

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+
version: "3.3"
+services:
+  homepage:
+    image: ghcr.io/gethomepage/homepage:latest
+    container_name: homepage
+    ports:
+      - 3000:3000
+    env_file: .env # use .env
+    volumes:
+      - /path/to/config:/app/config # Make sure your local config directory exists
+      - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations, see alternative methods
+    environment:
+      PUID: $PUID # read them from .env
+      PGID: $PGID # read them from .env
+

Create an .env file for variables

1
+
touch .env
+

Edit it

1
+
nano .env
+

add to file:

1
+2
+
PUID=1000
+PGID=1000
+

Save and exit

Start the container

1
+
docker compose up -d
+

Note: The container can take up to 60 seconds to start the first time. It’s a good idea to check the container to see if it is passing health checks before browsing to your site.

Check to be sure you see that the container is healthy.

You can check by running:

1
+
docker ps
+

You should see something like:

1
+2
+
CONTAINER ID   IMAGE                                 COMMAND                  CREATED         STATUS                    PORTS                                       NAMES
+8d841cf77e6f   ghcr.io/gethomepage/homepage:latest   "docker-entrypoint.s…"   2 minutes ago   Up 2 minutes (healthy)    0.0.0.0:3000->3000/tcp, :::3000->3000/tcp   homepage
+

Once it’s healthy, visit http://<IP-ADDRESS-DOCKER-MACHINE>:3000

You should see your new homepage!

Configure

On docker machine, cd into config directory

1
+
cd config
+

You’ll see yaml files, these are configurations we can edit to configure our homepage

edit settings.yaml

1
+
nano config/settings.yaml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/settings
+
+title: My Awesome Homepage # <----- add this line
+
+providers:
+  openweathermap: openweathermapapikey
+  weatherapi: weatherapiapikey
+
+

Save, exit, and revisit your homepage

Should refresh, if not click the refresh in lower right hand corner

Title of document should now be

My Awesome Homepage

If we want, we can also customize the background but updating this file too

Edit settings.yaml

1
+
nano settings.yaml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/settings
+
+title: My Awesome Homepage 
+
+background: https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80 # <----- add this line
+
+providers:
+  openweathermap: openweathermapapikey
+  weatherapi: weatherapiapikey
+
+

Save and exit again, and the background should be updated.

You can also mount your own image rather than reference one on the web however I am going to stick with one from the web that I don’t have to worry about additional mounts and configuration in the future.

If we want to add some additional filters to the image using tailwind css, we can like so

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/settings
+
+title: My Awesome Homepage 
+
+background:
+  image: https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80
+  blur: sm # sm, "", md, xl... see https://tailwindcss.com/docs/backdrop-blur
+  saturate: 50 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate
+  brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness
+  opacity: 50 # 0-100
+
+# ^^^^  add the above block
+  providers:
+    openweathermap: openweathermapapikey
+    weatherapi: weatherapiapikey
+

If we want to set out homepage to dark mode and the color to slate, we can like:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/settings
+
+title: My Awesome Homepage 
+theme: dark # <----- add this line
+color: slate # <----- add this line
+background:
+  image: https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80
+  blur: sm # sm, "", md, xl... see https://tailwindcss.com/docs/backdrop-blur
+  saturate: 50 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate
+  brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness
+  opacity: 50 # 0-100
+
+# ^^^^  add the above block
+  providers:
+    openweathermap: openweathermapapikey
+    weatherapi: weatherapiapikey
+

Why do this? Isn’t this a lot of work?
1 word, it’s “repeatable”. We can back up our yaml files and even share them if we want. Also works great with Kubernetes since you can pass a ConfigMap file to your deployment thus not needing a volume.

Services

Services are configured in service.yaml and really are button for accessing some of your services

Edit service.yaml

1
+
nano config/service.yaml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/services
+
+- My First Group:
+    - My First Service:
+        href: http://localhost/
+        description: Homepage is awesome
+
+- My Second Group:
+    - My Second Service:
+        href: http://localhost/
+        description: Homepage is the best
+
+- My Third Group:
+    - My Third Service:
+        href: http://localhost/
+        description: Homepage is 😎
+- Top Services:
+    - Proxmox:
+        icon: proxmox.png # icons found here https://github.com/walkxcode/dashboard-icons
+        href: https://192.168.0.15:8006
+        description: Proxmox VE
+    - PiHole:
+        icon: pi-hole.svg # icons found here https://github.com/walkxcode/dashboard-icons
+        href: http://192.168.60.10/admin
+        description: Server 1
+    - Cowboy:
+        icon: mdi-account-cowboy-hat-#FF0000 # icons found here https://pictogrammers.com/library/mdi/
+        href: https://localhost/
+        description: giddyup service
+    - McDonald’s:
+        icon: si-mcdonalds-#FFD700 # icons found here https://simpleicons.org/
+        href: https://www.mcdonalds.com/
+        description: homepage
+    # ^^^ add this block
+

As you can see we configured 4 services:

Note: If you’re using Material Design Icons or Simple Icons you can change the color of the icon by appending the hex values to the icon name as shown above.

Service Widgets

These extend the functionality of service buttons. Optional but cool.

Edit service.yaml

1
+
nano config/service.yaml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/services
+
+- My First Group:
+    - My First Service:
+        href: http://localhost/
+        description: Homepage is awesome
+
+- My Second Group:
+    - My Second Service:
+        href: http://localhost/
+        description: Homepage is the best
+
+- My Third Group:
+    - My Third Service:
+        href: http://localhost/
+        description: Homepage is 😎
+- Top Services:
+    - Proxmox:
+        icon: proxmox.png # icons found here https://github.com/walkxcode/dashboard-icons
+        href: https://192.168.0.15:8006
+        description: Proxmox VE
+    - PiHole:
+        icon: pi-hole.svg # icons found here https://github.com/walkxcode/dashboard-icons
+        href: http://192.168.60.10/admin
+        description: Server 1
+        widget:
+          type: pihole
+          url: http://192.168.60.10
+          key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY}}" # <--- updated with API key from PiHole
+    - Cowboy:
+        icon: mdi-account-cowboy-hat-#FF0000 # icons found here https://pictogrammers.com/library/mdi/
+        href: https://localhost/
+        description: giddyup service
+    - McDonald’s:
+        icon: si-mcdonalds-#FFD700 # icons found here https://simpleicons.org/
+        href: https://www.mcdonalds.com/
+        description: homepage
+

Stop the Docker container

docker stop homepage

Start the Docker container

docker start homepage

Note: I have noticed that sometimes you need to recreate the container in order for the variables from your .env to be replaced. Not sure if this is a feature or a bug, but docker compose up -d --force-recreate will stop the old container, remove it, and create a new one

We should now see pi hole statistics

Widgets

Widgets are standalone items like the resource and search at the top.

If you want to edit these items:

1
+
nano config/widgets.yaml
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/service-widgets
+
+- resources:
+    cpu: true
+    memory: true
+    disk: /
+
+- search:
+    provider: google # <--- updated with google
+    target: _blank
+
+- datetime:
+    text_size: xl
+    format:
+      timeStyle: short
+   # ^^^ add this block
+

Now we can see that search has been changed to Google and we’ve added a date widget.

My Dashboard

My Homepage Dashboard Here’s a fully working example of my own Homepage dashboard that I use!

As promised, here is both the config for Docker and even Kubernetes!

Docker Config

docker-compose.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+
version: "3.3"
+services:
+  homepage:
+    image: ghcr.io/gethomepage/homepage:latest
+    container_name: homepage
+    restart: unless-stopped
+    ports:
+      - 3000:3000
+    env_file: .env
+    volumes:
+      - ./config:/app/config # Make sure your local config directory exists
+      - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations, see alternative methods
+    environment:
+      PUID: $PUID
+      PGID: $PGID
+

config/bookmarks.yaml

1
+
---
+

config/services.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
+136
+137
+138
+139
+140
+141
+142
+143
+144
+145
+146
+147
+148
+149
+150
+151
+152
+153
+154
+155
+156
+157
+158
+159
+160
+161
+162
+163
+164
+165
+166
+167
+168
+169
+170
+171
+172
+173
+174
+175
+176
+177
+178
+179
+180
+181
+182
+183
+184
+185
+186
+187
+188
+189
+190
+191
+192
+193
+194
+195
+196
+197
+198
+199
+200
+201
+202
+203
+204
+205
+206
+207
+208
+209
+210
+211
+212
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/services
+# icons found here https://github.com/walkxcode/dashboard-icons
+
+- Hypervisor:
+    - Proxmox:
+        icon: proxmox.svg
+        href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+        description: pve1
+        widget:
+            type: proxmox
+            url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            username:  "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+            password:  "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+            node: xing-01
+    - Proxmox:
+        icon: proxmox.svg
+        href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+        description: pve2
+        widget:
+            type: proxmox
+            url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            username:  "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+            password:  "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+            node: xing-02
+    - Proxmox:
+        icon: proxmox.svg
+        href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+        description: pve2
+        widget:
+            type: proxmox
+            url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            username:  "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+            password:  "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+            node: xing-03
+    - Proxmox:
+        icon: proxmox.svg
+        href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+        description: pve4
+        widget:
+            type: proxmox
+            url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            username:  "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+            password:  "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+            node: storinator
+- Containers:
+    - Rancher:
+        icon: rancher.svg
+        href: "{{HOMEPAGE_VAR_RACNHER_URL}}"
+        description: k8s
+    - Longhorn:
+        icon: longhorn.svg
+        href: "{{HOMEPAGE_VAR_LONGHORN_URL}}"
+        description: k8s storage
+    - Portainer:
+        icon: portainer.svg
+        href: "{{HOMEPAGE_VAR_PORTAINER_URL}}"
+        description: docker
+        widget:
+            type: portainer
+            url: "{{HOMEPAGE_VAR_PORTAINER_URL}}"
+            env: 2
+            key: "{{HOMEPAGE_VAR_PORTAINER_API_KEY}}"
+- DNS:
+    - Pi-Hole1:
+        icon: pi-hole.svg
+        href: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}"
+        description: quasar
+        widget:
+            type: pihole
+            url: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}"
+            key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_1}}"
+    - Pi-Hole2:
+        icon: pi-hole.svg
+        href: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}"
+        description: blazar
+        widget:
+            type: pihole
+            url: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}"
+            key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_2}}"
+    - Pi-Hole3:
+        icon: pi-hole.svg
+        href: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}"
+        description: electron
+        widget:
+            type: pihole
+            url: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}"
+            key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_3}}"
+- Network:
+    - UniFi:
+        icon: unifi.svg
+        href: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}"
+        description: network
+        widget:
+            type: unifi
+            url: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}"
+            username:  "{{HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME}}"
+            password:  "{{HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD}}"
+    - Uptime Kuma:
+        icon: uptime-kuma.svg
+        href: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}"
+        description: internal
+        widget:
+            type: uptimekuma
+            url: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}"
+            slug: home
+    - Uptime Robot:
+        icon: https://play-lh.googleusercontent.com/cUrv0t00FYQ1GKLuOTvv8qjo1lSDjqZC16IOp3Fb6ijew6Br5m4o16HhDp0GBu_Bw8Y=w240-h480-rw
+        href: https://uptimerobot.com/dashboard
+        description: external
+        widget:
+            type: uptimerobot
+            url: https://api.uptimerobot.com
+            key: "{{HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY}}"
+- Storage:
+    - TrueNAS:
+        icon: truenas.svg
+        href: "{{HOMEPAGE_VAR_TRUENAS_URL}}"
+        description: scale
+        widget:
+            type: truenas
+            url: "{{HOMEPAGE_VAR_TRUENAS_URL}}"
+            key: "{{HOMEPAGE_VAR_TRUENAS_API_KEY}}"
+    - MinIO:
+        icon: minio.svg
+        href: "{{HOMEPAGE_VAR_MINIO_URL}}"
+        description: object storage
+- Media:
+    - Plex:
+        icon: plex.svg
+        href: "{{HOMEPAGE_VAR_PLEX_URL}}"
+        description: media server
+        widget:
+            type: plex
+            url: "{{HOMEPAGE_VAR_PLEX_URL}}"
+            key: "{{HOMEPAGE_VAR_PLEX_API_TOKEN}}"
+    - Tautulli:
+        icon: tautulli.svg
+        href: "{{HOMEPAGE_VAR_TAUTULLI_URL}}"
+        description: plex stats
+        widget:
+            type: tautulli
+            url: "{{HOMEPAGE_VAR_TAUTULLI_URL}}"
+            key: "{{HOMEPAGE_VAR_TAUTULLI_API_KEY}}"
+    - HDHomerun:
+        icon: hdhomerun.png
+        href: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}"
+        description: flex 4k
+        widget:
+            type: hdhomerun
+            url: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}"
+- Remote Access:
+    - PiKVM:
+        icon: https://avatars.githubusercontent.com/u/41749659?s=200&v=4
+        href: "{{HOMEPAGE_VAR_PIKVM_URL}}"
+        description: remote kvm
+    - IPMI:
+        icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg
+        href: "{{HOMEPAGE_VAR_IPMI_1_URL}}"
+        description: storinator
+    - IPMI:
+        icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg
+        href: "{{HOMEPAGE_VAR_IPMI_2_URL}}"
+        description: hl15
+    - Netboot:
+        icon: https://netboot.xyz/img/nbxyz-laptop.gif
+        href: "{{HOMEPAGE_VAR_NETBOOT_URL}}"
+        description: network boot utility
+    - Tripp Lite:
+        icon: https://upload.wikimedia.org/wikipedia/commons/f/f9/Tripp_Lite_logo.svg
+        href: "{{HOMEPAGE_VAR_UPS_1_URL}}"
+        description: 1500
+    - Eaton:
+        icon: https://cdn11.bigcommerce.com/s-fg272t4iw0/images/stencil/1280x1280/products/2549/2802/C-12556__63907.1557814942.jpg?c=2
+        href: "{{HOMEPAGE_VAR_UPS_2_URL}}"
+        description: 5p
+- Home Automation:
+    - Home Assistant:
+        icon: home-assistant.svg
+        href: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}"
+        description: home
+        widget:
+            type: homeassistant
+            url: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}"
+            key: "{{HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY}}"
+    - UniFi:
+        icon: https://play-lh.googleusercontent.com/DmgQvSdocOrGr0D0rxSBE9sqh23Fw3ck3BgKRN788cZnOKgcZlcEAFRYwmUbp6vMTVI
+        href: "{{HOMEPAGE_VAR_UNIFI_PROTECT_URL}}"
+        description: protect
+    - Scryped:
+        icon: https://www.scrypted.app/images/web_hi_res_512.png
+        href: "{{HOMEPAGE_VAR_SCRYPTED_URL}}"
+        description: mgmt console
+    - Broadlink Control:
+        icon: https://nwzimg.wezhan.net/contents/sitefiles3606/18030899/images/5430245.png
+        href: "{{HOMEPAGE_VAR_BROADLINK_CONTROL_URL}}"
+        description: light control
+- Other:
+    - GitLab:
+        icon: gitlab.svg
+        href: https://gitlab.com
+        description: source code
+    - GitHub:
+        icon: github.svg
+        href: https://github.com
+        description: source code
+    - Shlink:
+        icon: https://shlink.io/images/shlink-logo-blue.svg
+        href: "{{HOMEPAGE_VAR_SHLINK_URL}}"
+        description: dashboard
+
+

config/settings.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/settings
+
+title: Techno Tim Homepage
+
+background:
+  image: https://cdnb.artstation.com/p/assets/images/images/006/897/659/large/mikael-gustafsson-wallpaper-mikael-gustafsson.jpg
+  blur: sm # sm, md, xl... see https://tailwindcss.com/docs/backdrop-blur
+  saturate: 100 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate
+  brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness
+  opacity: 100 # 0-100
+
+theme: dark
+color: slate
+
+useEqualHeights: true
+
+layout:
+  Hypervisor:
+    header: true
+    style: row
+    columns: 4
+  Containers:
+    header: true
+    style: row
+    columns: 4
+  DNS:
+    header: true
+    style: row
+    columns: 4
+  Network:
+    header: true
+    style: row
+    columns: 4
+  Remote Access:
+    header: true
+    style: row
+    columns: 4
+  Storage:
+    header: true
+    style: row
+    columns: 4
+  Media:
+    header: true
+    style: row
+    columns: 4
+  Home Automation:
+    header: true
+    style: row
+    columns: 4
+  Other:
+    header: true
+    style: row
+    columns: 4
+

config/widgets.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+
---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/latest/configs/service-widgets
+
+- resources:
+    cpu: true
+    memory: true
+    disk: /
+
+- datetime:
+    text_size: xl
+    format:
+      timeStyle: short
+

.env

Note: These variables will be replace in the configuration above. You will need to supply your own values here in your file.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+
PUID=1000
+PGID=1000
+
+HOMEPAGE_VAR_PIHOLE_API_KEY_1=
+HOMEPAGE_VAR_PIHOLE_API_KEY_2=
+HOMEPAGE_VAR_PIHOLE_API_KEY_3=
+
+HOMEPAGE_VAR_PIHOLE_URL_1=
+HOMEPAGE_VAR_PIHOLE_URL_2=
+HOMEPAGE_VAR_PIHOLE_URL_3=
+
+HOMEPAGE_VAR_PLEX_URL=
+HOMEPAGE_VAR_PLEX_API_TOKEN=
+
+HOMEPAGE_VAR_TAUTULLI_URL=
+HOMEPAGE_VAR_TAUTULLI_API_KEY=
+
+HOMEPAGE_VAR_HDHOMERUN_URL=
+
+HOMEPAGE_VAR_HOME_ASSISTANT_URL=
+HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY=
+
+HOMEPAGE_VAR_TRUENAS_URL=
+HOMEPAGE_VAR_TRUENAS_API_KEY=
+
+HOMEPAGE_VAR_UNIFI_NETWORK_URL=
+HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME=
+HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD=
+
+HOMEPAGE_VAR_UNIFI_PROTECT_URL=
+
+HOMEPAGE_VAR_UPTIME_KUMA_URL=
+
+HOMEPAGE_VAR_MINIO_URL=
+
+HOMEPAGE_VAR_RACNHER_URL=
+
+HOMEPAGE_VAR_LONGHORN_URL=
+
+HOMEPAGE_VAR_PORTAINER_URL=
+HOMEPAGE_VAR_PORTAINER_API_KEY=
+
+HOMEPAGE_VAR_PROXMOX_URL=
+HOMEPAGE_VAR_PROXMOX_USER=
+HOMEPAGE_VAR_PROXMOX_API_KEY=
+
+HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY=
+
+HOMEPAGE_VAR_SCRYPTED_URL=
+
+HOMEPAGE_VAR_PIKVM_URL=
+
+HOMEPAGE_VAR_NETBOOT_URL=
+
+HOMEPAGE_VAR_BROADLINK_CONTROL_URL=
+
+HOMEPAGE_VAR_IPMI_1_URL=
+HOMEPAGE_VAR_IPMI_2_URL=
+
+HOMEPAGE_VAR_UPS_1_URL=
+HOMEPAGE_VAR_UPS_2_URL=
+
+HOMEPAGE_VAR_SHLINK_URL=
+

Kubernetes Config

Here’s my Kubernetes config!

deployment.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+
---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: homepage
+  namespace: default
+  labels:
+    app: homepage
+  annotations:
+    reloader.stakater.com/auto: "true"
+spec:
+  selector:
+    matchLabels:
+      app: homepage
+  replicas: 3
+  progressDeadlineSeconds: 600
+  revisionHistoryLimit: 1
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 25%
+      maxSurge: 1
+  template:
+    metadata:
+      labels:
+        app: homepage
+      annotations:
+        deploy-date: "deploy-date-value"
+    spec:
+      containers:
+        - name: homepage
+          image: ghcr.io/gethomepage/homepage:v0.8.4
+          resources:
+            requests:
+              memory: 128Mi
+              cpu: 200m
+          envFrom:
+            - secretRef:
+              name: homepage-secret
+          ports:
+            - containerPort: 3000
+              name: http
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 60
+            periodSeconds: 10
+            failureThreshold: 5
+            timeoutSeconds: 5
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 5
+          volumeMounts:
+            - mountPath: /app/config/custom.js
+              name: homepage-config
+              subPath: custom.js
+            - mountPath: /app/config/custom.css
+              name: homepage-config
+              subPath: custom.css
+            - mountPath: /app/config/bookmarks.yaml
+              name: homepage-config
+              subPath: bookmarks.yaml
+            - mountPath: /app/config/docker.yaml
+              name: homepage-config
+              subPath: docker.yaml
+            - mountPath: /app/config/kubernetes.yaml
+              name: homepage-config
+              subPath: kubernetes.yaml
+            - mountPath: /app/config/services.yaml
+              name: homepage-config
+              subPath: services.yaml
+            - mountPath: /app/config/settings.yaml
+              name: homepage-config
+              subPath: settings.yaml
+            - mountPath: /app/config/widgets.yaml
+              name: homepage-config
+              subPath: widgets.yaml
+            - mountPath: /app/config/logs
+              name: logs
+      volumes:
+        - name: homepage-config
+          configMap:
+            name: homepage
+        - name: logs
+          emptyDir: {}
+      topologySpreadConstraints:
+        - maxSkew: 1
+          topologyKey: topology.kubernetes.io/zone
+          whenUnsatisfiable: DoNotSchedule
+          labelSelector:
+            matchLabels:
+              app: homepage
+

config.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
+136
+137
+138
+139
+140
+141
+142
+143
+144
+145
+146
+147
+148
+149
+150
+151
+152
+153
+154
+155
+156
+157
+158
+159
+160
+161
+162
+163
+164
+165
+166
+167
+168
+169
+170
+171
+172
+173
+174
+175
+176
+177
+178
+179
+180
+181
+182
+183
+184
+185
+186
+187
+188
+189
+190
+191
+192
+193
+194
+195
+196
+197
+198
+199
+200
+201
+202
+203
+204
+205
+206
+207
+208
+209
+210
+211
+212
+213
+214
+215
+216
+217
+218
+219
+220
+221
+222
+223
+224
+225
+226
+227
+228
+229
+230
+231
+232
+233
+234
+235
+236
+237
+238
+239
+240
+241
+242
+243
+244
+245
+246
+247
+248
+249
+250
+251
+252
+253
+254
+255
+256
+257
+258
+259
+260
+261
+262
+263
+264
+265
+266
+267
+268
+269
+270
+271
+272
+273
+274
+275
+276
+277
+278
+279
+280
+281
+282
+283
+
apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: homepage
+  namespace: default
+  labels:
+    app: homepage
+data:
+  kubernetes.yaml: |
+    mode: cluster
+  settings.yaml: |
+    title: Techno Tim Homepage
+
+    background:
+      image: https://cdnb.artstation.com/p/assets/images/images/006/897/659/large/mikael-gustafsson-wallpaper-mikael-gustafsson.jpg
+      blur: sm # sm, md, xl... see https://tailwindcss.com/docs/backdrop-blur
+      saturate: 100 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate
+      brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness
+      opacity: 100 # 0-100
+
+    theme: dark
+    color: slate
+
+    useEqualHeights: true
+
+    layout:
+      Hypervisor:
+        header: true
+        style: row
+        columns: 4
+      Containers:
+        header: true
+        style: row
+        columns: 4
+      DNS:
+        header: true
+        style: row
+        columns: 4
+      Network:
+        header: true
+        style: row
+        columns: 4
+      Remote Access:
+        header: true
+        style: row
+        columns: 4
+      Storage:
+        header: true
+        style: row
+        columns: 4
+      Media:
+        header: true
+        style: row
+        columns: 4
+      Home Automation:
+        header: true
+        style: row
+        columns: 4
+      Other:
+        header: true
+        style: row
+        columns: 4
+  custom.css: ""
+  custom.js: ""
+  bookmarks.yaml: ""
+  services.yaml: |
+    - Hypervisor:
+        - Proxmox:
+            icon: proxmox.svg
+            href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            description: pve1
+            widget:
+                type: proxmox
+                url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+                username: "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+                password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+                node: xing-01
+        - Proxmox:
+            icon: proxmox.svg
+            href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            description: pve2
+            widget:
+                type: proxmox
+                url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+                username: "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+                password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+                node: xing-02
+        - Proxmox:
+            icon: proxmox.svg
+            href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            description: pve2
+            widget:
+                type: proxmox
+                url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+                username: "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+                password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+                node: xing-03
+        - Proxmox:
+            icon: proxmox.svg
+            href: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+            description: pve4
+            widget:
+                type: proxmox
+                url: "{{HOMEPAGE_VAR_PROXMOX_URL}}"
+                username: "{{HOMEPAGE_VAR_PROXMOX_USER}}"
+                password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}"
+                node: storinator
+    - Containers:
+        - Rancher:
+            icon: rancher.svg
+            href: "{{HOMEPAGE_VAR_RACNHER_URL}}"
+            description: k8s
+        - Longhorn:
+            icon: longhorn.svg
+            href: "{{HOMEPAGE_VAR_LONGHORN_URL}}"
+            description: k8s storage
+        - Portainer:
+            icon: portainer.svg
+            href: "{{HOMEPAGE_VAR_PORTAINER_URL}}"
+            description: docker
+            widget:
+                type: portainer
+                url: "{{HOMEPAGE_VAR_PORTAINER_URL}}"
+                env: 2
+                key: "{{HOMEPAGE_VAR_PORTAINER_API_KEY}}"
+    - DNS:
+        - Pi-Hole1:
+            icon: pi-hole.svg
+            href: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}"
+            description: quasar
+            widget:
+                type: pihole
+                url: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}"
+                key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_1}}"
+        - Pi-Hole2:
+            icon: pi-hole.svg
+            href: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}"
+            description: blazar
+            widget:
+                type: pihole
+                url: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}"
+                key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_2}}"
+        - Pi-Hole3:
+            icon: pi-hole.svg
+            href: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}"
+            description: electron
+            widget:
+                type: pihole
+                url: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}"
+                key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_3}}"
+    - Network:
+        - UniFi:
+            icon: unifi.svg
+            href: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}"
+            description: network
+            widget:
+                type: unifi
+                url: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}"
+                username: "{{HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME}}"
+                password: "{{HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD}}"
+        - Uptime Kuma:
+            icon: uptime-kuma.svg
+            href: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}"
+            description: internal
+            widget:
+                type: uptimekuma
+                url: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}"
+                slug: home
+        - Uptime Robot:
+            icon: https://play-lh.googleusercontent.com/cUrv0t00FYQ1GKLuOTvv8qjo1lSDjqZC16IOp3Fb6ijew6Br5m4o16HhDp0GBu_Bw8Y=w240-h480-rw
+            href: https://uptimerobot.com/dashboard
+            description: external
+            widget:
+                type: uptimerobot
+                url: https://api.uptimerobot.com
+                key: "{{HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY}}"
+    - Storage:
+        - TrueNAS:
+            icon: truenas.svg
+            href: "{{HOMEPAGE_VAR_TRUENAS_URL}}"
+            description: scale
+            widget:
+                type: truenas
+                url: "{{HOMEPAGE_VAR_TRUENAS_URL}}"
+                key: "{{HOMEPAGE_VAR_TRUENAS_API_KEY}}"
+        - MinIO:
+            icon: minio.svg
+            href: "{{HOMEPAGE_VAR_MINIO_URL}}"
+            description: object storage
+    - Media:
+        - Plex:
+            icon: plex.svg
+            href: "{{HOMEPAGE_VAR_PLEX_URL}}"
+            description: media server
+            widget:
+                type: plex
+                url: "{{HOMEPAGE_VAR_PLEX_URL}}"
+                key: "{{HOMEPAGE_VAR_PLEX_API_TOKEN}}"
+        - Tautulla:
+            icon: tautulli.svg
+            href: "{{HOMEPAGE_VAR_TAUTULLI_URL}}"
+            description: plex stats
+            widget:
+                type: tautulli
+                url: "{{HOMEPAGE_VAR_TAUTULLI_URL}}"
+                key: "{{HOMEPAGE_VAR_TAUTULLI_API_KEY}}"
+        - HDHomerun:
+            icon: hdhomerun.png
+            href: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}"
+            description: flex 4k
+            widget:
+                type: hdhomerun
+                url: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}"
+    - Remote Access:
+        - PiKVM:
+            icon: https://avatars.githubusercontent.com/u/41749659?s=200&v=4
+            href: "{{HOMEPAGE_VAR_PIKVM_URL}}"
+            description: remote kvm
+        - IPMI:
+            icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg
+            href: "{{HOMEPAGE_VAR_IPMI_1_URL}}"
+            description: storinator
+        - IPMI:
+            icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg
+            href: "{{HOMEPAGE_VAR_IPMI_2_URL}}"
+            description: hl15
+        - Netboot:
+            icon: https://netboot.xyz/img/nbxyz-laptop.gif
+            href: "{{HOMEPAGE_VAR_NETBOOT_URL}}"
+            description: network boot utility
+        - Tripp Lite:
+            icon: https://upload.wikimedia.org/wikipedia/commons/f/f9/Tripp_Lite_logo.svg
+            href: "{{HOMEPAGE_VAR_UPS_1_URL}}"
+            description: 1500
+        - Eaton:
+            icon: https://cdn11.bigcommerce.com/s-fg272t4iw0/images/stencil/1280x1280/products/2549/2802/C-12556__63907.1557814942.jpg?c=2
+            href: "{{HOMEPAGE_VAR_UPS_2_URL}}"
+            description: 5p
+    - Home Automation:
+        - Home Assistant:
+            icon: home-assistant.svg
+            href: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}"
+            description: home
+            widget:
+                type: homeassistant
+                url: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}"
+                key: "{{HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY}}"
+        - UniFi:
+            icon: https://play-lh.googleusercontent.com/DmgQvSdocOrGr0D0rxSBE9sqh23Fw3ck3BgKRN788cZnOKgcZlcEAFRYwmUbp6vMTVI
+            href: "{{HOMEPAGE_VAR_UNIFI_PROTECT_URL}}"
+            description: protect
+        - Scryped:
+            icon: https://www.scrypted.app/images/web_hi_res_512.png
+            href: "{{HOMEPAGE_VAR_SCRYPTED_URL}}"
+            description: mgmt console
+        - Broadlink Control:
+            icon: https://nwzimg.wezhan.net/contents/sitefiles3606/18030899/images/5430245.png
+            href: "{{HOMEPAGE_VAR_BROADLINK_CONTROL_URL}}"
+            description: light control
+    - Other:
+        - GitLab:
+            icon: gitlab.svg
+            href: https://gitlab.com
+            description: source code
+        - GitHub:
+            icon: github.svg
+            href: https://github.com
+            description: source code
+        - Shlink:
+            icon: https://shlink.io/images/shlink-logo-blue.svg
+            href: "{{HOMEPAGE_VAR_SHLINK_URL}}"
+            description: dashboard
+  widgets.yaml: |
+    - resources:
+        cpu: true
+        memory: true
+        disk: /
+
+    - datetime:
+        text_size: xl
+        format:
+          timeStyle: short
+  docker.yaml: ""
+

secret.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+
kind: Secret
+apiVersion: v1
+type: Opaque
+metadata:
+    name: homepage-secret
+    namespace: default
+stringData:
+    HOMEPAGE_VAR_PIHOLE_API_KEY_1: ""
+    HOMEPAGE_VAR_PIHOLE_API_KEY_2: ""
+    HOMEPAGE_VAR_PIHOLE_API_KEY_3: ""
+    HOMEPAGE_VAR_PIHOLE_URL_1: ""
+    HOMEPAGE_VAR_PIHOLE_URL_2: ""
+    HOMEPAGE_VAR_PIHOLE_URL_3: ""
+    HOMEPAGE_VAR_PLEX_url: ""
+    HOMEPAGE_VAR_PLEX_API_TOKEN: ""
+    HOMEPAGE_VAR_TAUTULLI_url: ""
+    HOMEPAGE_VAR_TAUTULLI_API_key: ""
+    HOMEPAGE_VAR_HDHOMERUN_url: ""
+    HOMEPAGE_VAR_HOME_ASSISTANT_url: ""
+    HOMEPAGE_VAR_HOME_ASSISTANT_API_key: ""
+    HOMEPAGE_VAR_TRUENAS_url: ""
+    HOMEPAGE_VAR_TRUENAS_API_key: ""
+    HOMEPAGE_VAR_UNIFI_NETWORK_url: ""
+    HOMEPAGE_VAR_UNIFI_NETWORK_username: ""
+    HOMEPAGE_VAR_UNIFI_NETWORK_password: ""
+    HOMEPAGE_VAR_UNIFI_PROTECT_url: ""
+    HOMEPAGE_VAR_UPTIME_KUMA_url: ""
+    HOMEPAGE_VAR_MINIO_url: ""
+    HOMEPAGE_VAR_RACNHER_url: ""
+    HOMEPAGE_VAR_LONGHORN_url: ""
+    HOMEPAGE_VAR_PORTAINER_url: ""
+    HOMEPAGE_VAR_PORTAINER_API_key: ""
+    HOMEPAGE_VAR_PROXMOX_url: ""
+    HOMEPAGE_VAR_PROXMOX_USER: ""
+    HOMEPAGE_VAR_PROXMOX_API_key: ""
+    HOMEPAGE_VAR_UPTIME_ROBOT_API_key: ""
+    HOMEPAGE_VAR_SCRYPTED_url: ""
+    HOMEPAGE_VAR_PIKVM_url: ""
+    HOMEPAGE_VAR_NETBOOT_url: ""
+    HOMEPAGE_VAR_BROADLINK_CONTROL_url: ""
+    HOMEPAGE_VAR_IPMI_1_url: ""
+    HOMEPAGE_VAR_IPMI_2_url: ""
+    HOMEPAGE_VAR_UPS_1_url: ""
+    HOMEPAGE_VAR_UPS_2_url: ""
+    HOMEPAGE_VAR_SHLINK_url: ""
+

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/host-rancher-securely/index.html b/posts/host-rancher-securely/index.html new file mode 100644 index 0000000000..635e33da06 --- /dev/null +++ b/posts/host-rancher-securely/index.html @@ -0,0 +1 @@ + SSL, Traefik, and OAuth for Rancher! (Google, GitHub, Keycloak, Azure, and more!) | Techno Tim
Post

SSL, Traefik, and OAuth for Rancher! (Google, GitHub, Keycloak, Azure, and more!)

Do you want to self host your Rancher UI securely in your homelab? Have you thought about putting your Rancher UI behind Traefik and your reverse proxy to get free SSL certificates using Let’s Encrypt? Do you want to make your Rancher UI available publicly and secure it using 3rd party OAuth providers like Google, GitHub, Keycloak, Okta, Shibboleth, and more? Well this is the guide for you.In this step-by-step tutorial we’ll walk through setting up the Rancher UI to use Traefik reverse proxy, get SSL certificates using Let’s Encrypt, host our UI publicly, and then add 3rd party OAuth providers so that we can use 2 factor authentication (2FA) and all of the other security features auth providers give us.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/how-i-create-my-content/index.html b/posts/how-i-create-my-content/index.html new file mode 100644 index 0000000000..511465c7ed --- /dev/null +++ b/posts/how-i-create-my-content/index.html @@ -0,0 +1 @@ + All the Secrets to Creating My Tech YouTube Channel | Techno Tim
Post

All the Secrets to Creating My Tech YouTube Channel

People have asked how I’ve been able to create and grow a Tech YouTube channel and what my process is when planning, filming, editing, and producing content.Today we talk about just that.All my secrets unveiled as we celebrate 50,000 subscribers in this behind the scenes look.Thank you so much!

📺 Watch Video

See all the hardware I recommend at https://l.technotim.live/gear

Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files.

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/index.html b/posts/index.html new file mode 100644 index 0000000000..6b53e2e73b --- /dev/null +++ b/posts/index.html @@ -0,0 +1 @@ + | Techno Tim
Redirect
"/posts/", "to"=>"https://technotim.live/404.html"}" />"/posts/", "to"=>"https://technotim.live/404.html"}" /> Page Redirection If you are not redirected automatically, follow this link.
diff --git a/posts/install-age/index.html b/posts/install-age/index.html new file mode 100644 index 0000000000..df3624e872 --- /dev/null +++ b/posts/install-age/index.html @@ -0,0 +1,27 @@ + Installing Age Encryption Tool | Techno Tim
Post

Installing Age Encryption Tool

What is Age?

age is a simple, modern and secure file encryption tool, format, and Go library. It features small explicit keys, no config options, and UNIX-style composability.It is commonly used in tandem with Mozilla SOPS.It’s open source and you can read more about it on the GitHub repo. Looking for a tutorial on how use this? Checkout this video on how to use SOPS and Age for your Git Repos!

Install

We want to get the latest release of age so we need to look at their github repo for the latest version.

1
+2
+
AGE_LATEST_VERSION=$(curl -s "https://api.github.com/repos/FiloSottile/age/releases/latest" | grep -Po '"tag_name": "v\K[0-9.]+')
+
+

Then we’ll use curl to download the latest .tar.gz

1
+2
+
curl -Lo age.tar.gz "https://github.com/FiloSottile/age/releases/latest/download/age-v${AGE_LATEST_VERSION}-linux-amd64.tar.gz"
+
+

Then we’ll want to extract age.tar.gz

1
+
tar xf age.tar.gz
+

Then we’ll move both binaries (age and age-keygen) to /usr/local/bin so we can use them

1
+2
+
sudo mv age/age /usr/local/bin
+sudo mv age/age-keygen /usr/local/bin
+

Then we’ll clean up our downloads and extractions

1
+2
+
rm -rf age.tar.gz
+rm -rf age
+

Then we can test to make sure age and age-keygen are working by running

1
+
age -version
+
1
+
age-keygen -version
+

Uninstall

To uninstall, it’s as simple as removing the binaries

1
+2
+
sudo rm -rf /usr/local/bin/age
+sudo rm -rf /usr/local/bin/age-keygen
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/install-mozilla-sops/index.html b/posts/install-mozilla-sops/index.html new file mode 100644 index 0000000000..28e37e5820 --- /dev/null +++ b/posts/install-mozilla-sops/index.html @@ -0,0 +1,15 @@ + Installing Mozilla SOPS Encryption Tool | Techno Tim
Post

Installing Mozilla SOPS Encryption Tool

What is Mozilla SOPS?

SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.It’s open source and you can read more about it on the GitHub repo.Looking for a tutorial on how use this? Check out this video on how to use SOPS and Age for your Git Repos!

Install

We want to get the latest release of SOPS so we need to look at their github repo for the latest version.

1
+
SOPS_LATEST_VERSION=$(curl -s "https://api.github.com/repos/getsops/sops/releases/latest" | grep -Po '"tag_name": "v\K[0-9.]+')
+

Then we’ll use curl to download the latest .deb

1
+2
+
curl -Lo sops.deb "https://github.com/getsops/sops/releases/download/v${SOPS_LATEST_VERSION}/sops_${SOPS_LATEST_VERSION}_amd64.deb"
+
+

Then we’ll want to install sops.deb along with any missing dependencies

1
+
sudo apt --fix-broken install ./sops.deb
+

Then we’ll clean up our download

1
+
rm -rf sops.deb
+

Then we can test to make sure sops is working by running:

1
+
sops -version
+

Uninstall

To uninstall, it’s as simple as using apt to remove it

1
+
sudo apt remove sops
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/iscsi-truenas/index.html b/posts/iscsi-truenas/index.html new file mode 100644 index 0000000000..5267351d72 --- /dev/null +++ b/posts/iscsi-truenas/index.html @@ -0,0 +1 @@ + How To Create an iSCSI Target with TrueNAS | Techno Tim
Post

How To Create an iSCSI Target with TrueNAS

Setting up iSCSI with TrueNAS and Windows 10 is super simple with TrueNAS.This is an easy way to have a hard drive installed on your machine that isn’t really attached, it lives on the network.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/jekyll-docs-site/index.html b/posts/jekyll-docs-site/index.html new file mode 100644 index 0000000000..e7836c162c --- /dev/null +++ b/posts/jekyll-docs-site/index.html @@ -0,0 +1,56 @@ + Meet Jekyll - The Static Site Generator | Techno Tim
Post

Meet Jekyll - The Static Site Generator

Jekyll is a static site generator that transforms your plain text into beautiful static web sites and blogs.It can be use for a documentation site, a blog, an event site, or really any web site you like. It’s fast, secure, easy, and open source.It’s also the same site generator I use to maintain my open source documentation.Today, we’ll be installing and configuring Jekyll using the Chirpy theme.We configure the site, create some pages with markdown, automatically build it with a GitHub action and even host it for FREE on GitHub pages.If you don’t want to host in the cloud, I show how to host it on your own server or even in Docker.

A HUGE THANK YOU to Micro Center for Sponsoring this video!

New Customers Exclusive – Get a Free 256 GB SSD at Micro Center

Browse Micro Center’s 30,000 products in stock

Be sure to ⭐ the jekyll repo and the Chrirpy theme repo

📺 Watch Video

Terminal Setup

If you need help setting up your terminal on Windows, check out these two posts which will help you configure your terminal with WSL like mine

Install Dependencies

1
+2
+
sudo apt update
+sudo apt install ruby-full build-essential zlib1g-dev git
+

To avoid installing RubyGems packages as the root user:

If you are using bash (usually the default for most)

1
+2
+3
+4
+
echo '# Install Ruby Gems to ~/gems' >> ~/.bashrc
+echo 'export GEM_HOME="$HOME/gems"' >> ~/.bashrc
+echo 'export PATH="$HOME/gems/bin:$PATH"' >> ~/.bashrc
+source ~/.bashrc
+

If you are using zsh (you know if you are)

1
+2
+3
+4
+
echo '# Install Ruby Gems to ~/gems' >> ~/.zshrc
+echo 'export GEM_HOME="$HOME/gems"' >> ~/.zshrc
+echo 'export PATH="$HOME/gems/bin:$PATH"' >> ~/.zshrc
+source ~/.zshrc
+

Install Jekyll bundler

1
+2
+
gem install jekyll bundler
+
+

Creating a site based on Chirpy Starter

Visit https://github.com/cotes2020/jekyll-theme-chirpy#quick-start

After creating a site based on the template, clone your repo

1
+
git clone git@<YOUR-USER-NAME>/<YOUR-REPO-NAME>.git
+

then install your dependencies

1
+2
+
cd repo-name
+bundle
+

After making changes to your site, commit and push then up to git

1
+2
+3
+
git add .
+git commit -m "made some changes"
+git push
+

Jekyll Commands

serving your site

1
+
bundle exec jekyll s
+

Building your site in production mode

1
+
JEKYLL_ENV=production bundle exec jekyll b
+

This will output the production site to _site

Building Site in CI

This site already works with GitHub actions, just push it up and check the actions Tab.,

For GitLab you can see the pipeline I built for my own docs site here

Building with Docker

Create a Dockerfile with the following

1
+2
+
FROM nginx:stable-alpine
+COPY _site /usr/share/nginx/html
+

Build site in production mode

1
+
JEKYLL_ENV=production bundle exec jekyll b
+

Then build your image:

docker build .

Creating a Post

Naming Conventions

Jekyll uses a naming convention for pages and posts

Create a file in _posts with the format

YEAR-MONTH-DAY-title.md
+

For example:

2022-05-23-homelab-docs.md
+2022-05-34-hardware-specs.md
+

Jekyll can delay posts which have the date/time set for a point in the future determined by the “front matter” section at the top of your post file. Check the date & time as well as time zone if you don’t see a post appear shortly after re-build.

Local Linking of Files

Image from asset:

1
+2
+
... which is shown in the screenshot below:
+![A screenshot](/assets/screenshot.webp)
+

Linking to a file

1
+
... you can [download the PDF](/assets/diagram.pdf) here.
+

See more post formatting rules on the Jekyll site

Markdown Examples

If you need some help with markdown, check out the markdown cheat sheet

I have lots of examples in my documentation site repo.Just click on the Raw button to see the code behind the page.

For more neat syntax for the Chirpy theme check their demo page on making posts https://chirpy.cotes.page/posts/write-a-new-post/

See reference repo for files

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/k3s-etcd-ansible/index.html b/posts/k3s-etcd-ansible/index.html new file mode 100644 index 0000000000..e2424a0c91 --- /dev/null +++ b/posts/k3s-etcd-ansible/index.html @@ -0,0 +1,79 @@ + Fully Automated K3S etcd High Availability Install | Techno Tim
Post

Fully Automated K3S etcd High Availability Install

Setting up k3s is hard.That’s why we made it easy.Today we’ll set up a High Availability K3s cluster using etcd, MetalLB, kube-vip, and Ansible.We’ll automate the entire process giving you an easy, repeatable way to create a k3s cluster that you can run in a few minutes.

A HUGE THANKS to our sponsor, Micro Center!

New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/1043bc

📺 Watch Video

Prep

You’ll need to be sure you have Ansible installed on your machine and that it is at least 2.11+. If you don’t, you can use the install Ansible post on how to install and update it.

Second, you’ll need to provision the VMs. Here’s an easy way to create perfect Proxmox templates with cloud image and cloud init and a video if you need.

Next, you’ll need to fork and clone the repo.While you’re at it, give it a ⭐ too :).

1
+
git clone https://github.com/techno-tim/k3s-ansible
+

Next you’ll want to create a local copy of ansible.example.cfg.

1
+
cp ansible.example.cfg ansible.cfg
+

You’ll want to adapt this to suit your needs however the defaults should work without issue.If you’re looking for the old defaults, you can see them in this PR that remove the file.

Next you’ll need to install some requirements for ansible

1
+
ansible-galaxy install -r ./collections/requirements.yml
+

Next, you’ll want to cd into the repo and copy the sample directory within the inventory directory.

(Be sure you’re using the latest template)

1
+
cp -R inventory/sample inventory/my-cluster
+

Installing k3s

Next, edit the inventory/my-cluster/hosts.ini to match your systems.DNS works here too.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
[master]
+192.168.30.38
+192.168.30.39
+192.168.30.40
+
+[node]
+192.168.30.41
+192.168.30.42
+
+[k3s_cluster:children]
+master
+node
+

Edit inventory/my-cluster/group_vars/all.yml to your liking.See comments inline.

It’s best to start using these args, and optionally include traefik if you want it installed with k3s however I would recommend installing it later with helm

It’s best to start with the default values in the repo.

1
+2
+3
+4
+5
+6
+7
+8
+9
+
# change these to your liking, the only required are: --disable servicelb, --tls-san 
+extra_server_args: >-
+  
+  --node-taint node-role.kubernetes.io/master=true:NoSchedule
+  --tls-san 
+  --disable servicelb
+  --disable traefik
+extra_agent_args: >-
+  
+

I would not change these values unless you know what you are doing.It will most likely not work for you but listing for posterity.

Note: These are for an advanced use case. There isn’t a one size fits all setting for everyone and their needs, I would try using k3s with the above values before changing them.This could have undesired effects like nodes going offline, pods jumping or being removed, etc… Using these args might come at the cost of stability Also, these will not work anymore without some modifications

1
+2
+
extra_server_args: "--disable servicelb --disable traefik --write-kubeconfig-mode 644 --kube-apiserver-arg default-not-ready-toleration-seconds=30 --kube-apiserver-arg default-unreachable-toleration-seconds=30 --kube-controller-arg node-monitor-period=20s --kube-controller-arg node-monitor-grace-period=20s --kubelet-arg node-status-update-frequency=5s"
+extra_agent_args: "--kubelet-arg node-status-update-frequency=5s"
+

Start provisioning of the cluster using the following command:

1
+
ansible-playbook ./site.yml -i ./inventory/my-cluster/hosts.ini
+

Note: note: add –ask-pass –ask-become-pass if you are using password SSH login.

After deployment control plane will be accessible via virtual ip address which is defined in inventory/my-cluster/group_vars/all.yml as apiserver_endpoint

kube config

To get access to your Kubernetes cluster and copy your kube config locally run:

1
+
scp ansibleuser@192.168.30.38:~/.kube/config ~/.kube/config
+

Testing your cluster

Be sure you can ping your VIP defined in inventory/my-cluster/group_vars/all.yml as apiserver_endpoint

1
+
ping 192.168.30.222
+

Getting nodes

1
+
kubectl get nodes
+

Deploying a sample nginx workload

1
+
kubectl apply -f example/deployment.yml
+

Check to be sure it was deployed

1
+
kubectl describe deployment nginx
+

Deploying a sample nginx service with a LoadBalancer

1
+
kubectl apply -f example/service.yml
+

Check service and be sure it has an IP from metal lb as defined in inventory/my-cluster/group_vars/all.yml

1
+
kubectl describe service nginx
+

Visit that url or curl

1
+
curl http://192.168.30.80
+

You should see the nginx welcome page.

You can clean this up by running

1
+2
+
kubectl delete -f example/deployment.yml
+kubectl delete -f example/service.yml
+

Resetting your cluster

This will remove k3s from all nodes.These nodes should be rebooted afterwards.

1
+
ansible-playbook ./reset.yml -i ./inventory/my-cluster/hosts.ini
+

What’s next?

See here to get the steps for installing traefik + let’s encrypt

See here for steps to deploy rancher

Troubleshooting

Be sure to see this post on how to troubleshoot common problems

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/k3s-ha-install/index.html b/posts/k3s-ha-install/index.html new file mode 100644 index 0000000000..facf570d67 --- /dev/null +++ b/posts/k3s-ha-install/index.html @@ -0,0 +1,135 @@ + HIGH AVAILABILITY k3s (Kubernetes) in minutes! | Techno Tim
Post

HIGH AVAILABILITY k3s (Kubernetes) in minutes!

Are you running Kubernetes in your homelab or in the enterprise? Do you want an easy way to manage and create Kubernetes clusters? Do you want high availability Rancher? Join me as we walk through stalling Rancher on an existing high availability k3s cluster in this step-by-step tutorial.We install Rancher, configure a load balancer, install and configure helm, install cert-manager, configure Rancher, walk through the GUI, scale up our cluster, and set up a health check and liveness check! Join me, it’s easy in this straightforward guide.

📺 Watch Video

Load Balancer

Create a load balancer using nginx

nginx.conf

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+
#uncomment this next line if you are NOT running nginx in docker
+#load_module /usr/lib/nginx/modules/ngx_stream_module.so;
+
+events {}
+
+stream {
+  upstream k3s_servers {
+    server 192.168.60.20:6443;
+    server 192.168.60.21:6443;
+  }
+
+  server {
+    listen 6443;
+    proxy_pass k3s_servers;
+  }
+}
+

k3s servers

On your k3s servers

1
+
export K3S_DATASTORE_ENDPOINT='mysql://username:password@tcp(database_ip_or_hostname:port)/database'
+

Note: It’s advised you consult the Rancher Support Matrix to get the recommended version for all Rancher dependencies.

then

1
+
curl -sfL https://get.k3s.io | sh -s - server --node-taint CriticalAddonsOnly=true:NoExecute --tls-san load_balancer_ip_or_hostname
+

test with

1
+
sudo k3s kubectl get nodes
+

to add additional servers, get token from first server

1
+
sudo cat /var/lib/rancher/k3s/server/node-token
+

then run the same command but add the token (replace SECRET with token from previous command)

1
+
curl -sfL https://get.k3s.io | sh -s - server --token=SECRET --node-taint CriticalAddonsOnly=true:NoExecute --tls-san load_balancer_ip_or_hostname
+

on agents / workers

to run without sudo

1
+
sudo chmod 644 /etc/rancher/k3s/k3s.yaml` on the servers
+

get token

1
+
sudo cat /var/lib/rancher/k3s/server/node-token
+

k3s agents / workers

1
+
curl -sfL https://get.k3s.io | K3S_URL=https://load_balancer_ip_or_hostname:6443 K3S_TOKEN=mynodetoken sh -
+

other

To install kubectl see this link

kubeconfig location on server

/etc/rancher/k3s/k3s.yaml

1
+
sudo cat /etc/rancher/k3s/k3s.yaml
+

copy contents to your dev machine

~/.kube/config

Be sure to update the server: to your load balancer ip or hostname

kubernetes dashboard

check releases for the command to use. At time or filming it’s:

1
+
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml
+

Dashboard RBAC Configuration

dashboard.admin-user.yml

1
+2
+3
+4
+5
+
apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: admin-user
+  namespace: kubernetes-dashboard
+

dashboard.admin-user-role.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: admin-user
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  name: admin-user
+  namespace: kubernetes-dashboard
+

Deploy the admin-user configuration:

(if you’re doing this from your dev machine, remove sudo k3s and just use kubectl)

1
+
sudo k3s kubectl create -f dashboard.admin-user.yml -f dashboard.admin-user-role.yml
+

get bearer token

1
+
sudo k3s kubectl -n kubernetes-dashboard create token admin-user
+

start dashboard locally

1
+
sudo k3s kubectl proxy
+

Then you can sign in at this URL using your token we got in the previous step:

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

here’s testdeploy.yml you can use

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+
apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mysite
+  labels: 
+    app: mysite
+spec:
+  replicas: 1
+  selector: 
+    matchLabels:
+      app: mysite
+  template:
+    metadata:
+      labels: 
+        app : mysite
+    spec:
+      containers:
+        - name : mysite
+          image: nginx
+          ports:
+            - containerPort: 80
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/k3s-traefik-rancher/index.html b/posts/k3s-traefik-rancher/index.html new file mode 100644 index 0000000000..7b953bfd26 --- /dev/null +++ b/posts/k3s-traefik-rancher/index.html @@ -0,0 +1,51 @@ + Configuring Traefik 2 Ingress for Kubernetes | Techno Tim
Post

Configuring Traefik 2 Ingress for Kubernetes

This guide is for installing traefik 2 on k3s.If you’re not using rancher, that’s fine, just skip to Reconfiguring k3s

Note: There is an updated tutorial on installing traefik + cert-manager on Kubernetes here. However, if you want to store your certificates on disk, this tutorial here is perfectly fine.

It assumes you have followed:

There is a little bit of “undoing” we’ll have to do since k3s ships with traefik and Rancher doesn’t play well with service load balancer. So, we’ll pick up after instaling these two.

Reconfigure Rancher

Make note of your version of Rancher

Remove Rancher

1
+
helm uninstall rancher
+

Install Rancher

(replace with version above)

1
+2
+3
+4
+
helm install rancher rancher-stable/rancher \
+  --namespace cattle-system \
+  --set hostname=rancher.example.com \
+  --version 2.5.6
+

Reconfiguring k3s

Get the version of k3s that’s currently running

1
+2
+
k3s --version
+export INSTALL_K3S_VERSION=v1.20.5+k3s1
+

Run the same command you ran initially to install k3s on your servers but add --disable traefik --disable servicelb and be sure to set your version.

example (be sure you are using the right version)

1
+
export INSTALL_K3S_VERSION=v1.20.5+k3s1
+
1
+
curl -sfL https://get.k3s.io | sh -s - server --node-taint CriticalAddonsOnly=true:NoExecute --tls-san your.load.balancer.ip --write-kubeconfig-mode 644 --disable traefik --disable servicelb
+

This should reconfigure your servers.Just run it on all server nodes, not agent nodes.

Install Metal LB

Metal LB installation

You can follow Self-Hosting Your Homelab Services with SSL to get the idea of Metal LB. It’s recommended to:

Exposing Rancher directly to your Metal LB

It’s a good idea to do this until traefik is configured otherwise you won’t have access to the Rancher UI

1
+
kubectl expose deployment rancher -n cattle-system --type=LoadBalancer --name=rancher-lb --port=443
+

Then, you can access Rancher UI after getting external-IP

1
+
kubectl get service/rancher-lb -n cattle-system
+

Install Traefik 2

You can can choose between creating Ingress in Rancher or IngresRoute with traefik

If you choose IngressRoute see IngressRoute otherwise continue on.

  • You must have a persistent volume set up already for acme.json certificate
  • This uses cloudflare, check providers if you want to switch
  • This will get wildcard certs
  • This is pointed at staging, if you want production be sure comment staging the line (and delete your staging certs)

We will be installing this into the kube-system namespace, which already exists. If you are going to use anther namespace you will need change it everywhere.

(Optional) Make sure that persistent volume claim is available

The dynamic configuration for Traefik is stored in a persistent volume. If you want to persist the certificate, it’s better to create one now to claim later.

To create a persistent volume, it’s better to check out Cloud Native Distributed Storage in Kubernetes with Longhorn.

If not, just create one from Rancher UI > Clusters (Choose your cluster) > Storage > Persistent Volume > Add volume

Add traefik helm repo and update

1
+2
+
helm repo add traefik https://helm.traefik.io/traefik
+helm repo update
+

Edit & apply ConfigMap

  • Create traefik-config.yaml with the contents of /config/traefik-config.yaml from /config
  • This holds our cloudflare secrets along with a configmap
  • Update this file with your values
  • Re-check if you have a persistent volume ready to claim
  • Apply the config
1
+
kubectl apply -f traefik-config.yaml
+

Edit & install Traefik helm chart

  • Create traefik-chart-values.yaml with the contents of /config/traefik-chart-values.yaml from /config
  • Update loadBalancerIP in traefik-chart-values.yaml with your Metal LB IP

Before running this, be sure you only have one default storage class set.

If you are using Rancher it is Cluster > Storage > Storage Classes. Make sure only one is default.

  • Install Traefik with chart values
1
+
helm install traefik traefik/traefik --namespace=kube-system --values=traefik-chart-values.yaml
+

More configuration value can be add from this default-value.yaml from Traefik github.

If all went well, you should now have traefik 2 installed and configured.

Check for container logs

To check if the Traefik instance is running correctly, see the logs:

1
+
kubectl -n kube-system logs $(kubectl -n kube-system get pods --selector "app.kubernetes.io/name=traefik" --output=name)
+

It should be level=info msg="Configuration loaded from flags."

Traefik Dashboard

To see all router to Traefik, we can install and expose Traefik Dashboard.

First you will need htpassword to generate a password for your dashboard.

1
+2
+
sudo apt-get update
+sudo apt-get install apache2-utils
+

You can then generate one using this, be sure to swap your username and password.

1
+
htpasswd -nb techno password | openssl base64
+

It should output:

1
+
dGVjaG5vOiRhcHIxJFRnVVJ0N2E1JFpoTFFGeDRLMk8uYVNaVWNueG41eTAKCg==
+

Save this in a secure place, it will be the password you use to access the traefik dashboard.

Copy traefik-dashboard-secret.yaml locally and update it with your credentials.

Copy traefik-dashboard-ingressroute.yaml and update it with your hostname, then apply:

1
+2
+
kubectl apply -f traefik-dashboard-secret.yaml
+kubectl apply -f traefik-dashboard-ingressroute.yaml
+

This should create:

  • A secret in Kubernetes cluster name traefik-dashboard-auth
  • A middleware for Traefik name traefik-dashboard-basicauth
  • An ingress route for Traefik name dashboard

Check out the Traefik Dashboard with the URL you specify earlier.

Exposing a service with traefik and Rancher Ingress

In Rancher go to Load Balancing

  • create ingress
  • choose a host name (service.example.com)
  • choose a target (your workload)
  • set the port to the exposed port within the container
  • go to labels and annotations and add kubernetes.io/ingress.class = traefik-external
  • note, traefik-external comes from --providers.kubernetesingress.ingressclass=traefik-external in traefik-chart-values.yml.If you used something else, you will need to set your label properly.
  • when you visit your website (https://service.example.com) you should now see a certificate issues.If it’s a staging cert, see the note about switching to production in traefik-chart-values.yaml.After changing, you will need to delete your certs in storage and reapply that file
1
+2
+
kubectl delete -n kube-system persistentvolumeclaims acme-json-certs
+kubectl apply -f traefik-config.yaml
+

Exposing a service with traefik IngressRoute

copy the contents of config-ingress-route/kubernetes to your local machine

then run

1
+
kubectl apply -f kubernetes
+

This will create the deployment, service, and ingress.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/k8s-reflector/index.html b/posts/k8s-reflector/index.html new file mode 100644 index 0000000000..f053ef86a5 --- /dev/null +++ b/posts/k8s-reflector/index.html @@ -0,0 +1,61 @@ + Mirror your Kubernetes configs, secrets, and resources to other namespaces | Techno Tim
Post

Mirror your Kubernetes configs, secrets, and resources to other namespaces

What is Reflector?

Reflector is a Kubernetes addon designed to monitor changes to resources (secrets and configmaps) and reflect changes to mirror resources in the same or other namespaces.Since secrets and configs are scoped to a single namespace, this helps you create and change resources in one namespace and “reflect” them to resources in other namespaces.This is especially helpful for things like certificates and configs that are needed in multiple namespaces.You can find the GitHub repo here!

Install

This might go without saying but you’ll want to be sure you have a working Kubernetes cluster! If you need help setting on up, check out my Ansible Playbook!

You’ll also want to be sure you have helm installed.

Then we’ll run:

1
+2
+3
+
helm repo add emberstack https://emberstack.github.io/helm-charts
+helm repo update
+helm upgrade --install reflector emberstack/reflector
+

This command will add the helm repo locally, then update the repo, then install reflector in your cluster.

Reflecting Resources

Now that it’s installed, all we need to do is add some annotations to “reflect” our resources to other namespaces.

Secrets

Let’s say you create the following Secret with the annotation below:

1
+2
+3
+4
+5
+6
+7
+8
+9
+
apiVersion: v1
+kind: Secret
+metadata:
+ name: some-secret
+ annotations:
+   reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
+   reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: "namespace-1,namespace-2,namespace-[0-9]*"
+data:
+ ...
+

This will:

  • create a Secret
  • “reflect” the same secret to namespace-1 , namespace-2 and all other namespaces that match the pattern namespace-[0-9]*

ConfigMaps

ConfigMaps are just as easy! Let’s say you have a ConfigMap with the following contents:

1
+2
+3
+4
+5
+6
+7
+8
+9
+
apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: source-config-map
+ annotations:
+   reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
+   reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: "namespace-1,namespace-2,namespace-[0-9]*"
+data:
+ ...
+

This will:

  • create a ConfigMap
  • “reflect” the same ConfigMap to namespace-1 , namespace-2 and all other namespaces that match the pattern namespace-[0-9]*

Certificates

This is the real reason I brought this chart into my cluster, was support for cert-manager certificates. There are many cases where I need to create the same certificate in multiple namespaces and rather than create them manually, I have reflector create them for me.

1
+2
+3
+4
+5
+6
+7
+8
+9
+
apiVersion: cert-manager.io/v1
+kind: Certificate
+...
+spec:
+  secretTemplate:
+    annotations:
+      reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
+      reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: "namespace-1,namespace-2,namespace-[0-9]*"
+  ...
+

This will:

  • create a Certificate
  • “reflect” the same Certificate to namespace-1 , namespace-2 and all other namespaces that match the pattern namespace-[0-9]*

The benefit of doing it this way with cert-manager is that when your certificates are updated with something like Let’s Encrypt, all certificates you reflect are also updated! Of course you will only want to limit your reflections to other namespaces you trust.If you’d like to check out cert-manager see my post on how to install traefik and cert-manager!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/keepalived-ha-loadbalancer/index.html b/posts/keepalived-ha-loadbalancer/index.html new file mode 100644 index 0000000000..843f46f620 --- /dev/null +++ b/posts/keepalived-ha-loadbalancer/index.html @@ -0,0 +1,145 @@ + Meet keepalived - High Availability and Load Balancing in One | Techno Tim
Post

Meet keepalived - High Availability and Load Balancing in One

In my quest to make my services highly available I decided to use keepalived.keepalived is a framework for both load balancing and high availability that implements VRRP.This is a protocol that you see on some routers and has been implemented in keepalived. It creates a Virtual IP (or VIP, or floating IP) that acts as a gateway to route traffic to all participating hosts.This VIP that can provide a high availability setup and fail over to another host in the event that one is down. In this video, we’ll set up and configure keepalived, we’ll test our configuration to make sure it’s working, and we’ll also talk about some advanced use cases like load balancing.

📺 Watch Video

Installation

1
+2
+3
+
sudo apt update
+sudo apt install keepalived
+sudo apt install libipset13
+

Configuration

Find your IP

1
+
ip a 
+

edit your config

1
+
sudo nano /etc/keepalived/keepalived.conf
+

First node

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
vrrp_instance VI_1 {
+  state MASTER
+  interface ens18
+  virtual_router_id 55
+  priority 150
+  advert_int 1
+  unicast_src_ip 192.168.30.31
+  unicast_peer {
+    192.168.30.32
+  }
+
+  authentication {
+    auth_type PASS
+    auth_pass C3P9K9gc
+  }
+
+  virtual_ipaddress {
+    192.168.30.100/24
+  }
+}
+

Second node

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
vrrp_instance VI_1 {
+  state BACKUP
+  interface ens18
+  virtual_router_id 55
+  priority 100
+  advert_int 1
+  unicast_src_ip 192.168.30.32
+  unicast_peer {
+    192.168.30.31
+  }
+
+  authentication {
+    auth_type PASS
+    auth_pass C3P9K9gc
+  }
+
+  virtual_ipaddress {
+    192.168.30.100/24
+  }
+}
+

Start and enable the service

1
+
sudo systemctl enable --now keepalived.service
+

stopping the service

1
+
sudo systemctl stop keepalived.service
+

get the status

1
+
sudo systemctl status keepalived.service
+

nginx example

create index.html to mount

1
+
nano /home/user/docker_volumes/nginx/index.html
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+
<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta http-equiv="X-UA-Compatible" content="ie=edge">
+    <title>Hello From Primary Node</title>
+    <style>
+        h1{
+            font-weight:lighter;
+            font-family: Arial, Helvetica, sans-serif;
+        }
+    </style>
+</head>
+<body>
+
+    <h1>
+        Hello World 1
+    </h1>
+
+</body>
+</html>
+

install nginx via docker

1
+
docker run --name some-nginx -v /home/user/docker_volumes/nginx:/usr/share/nginx/html:ro -d -p 8080:80 nginx
+

visit your VIP on port 8080

PiHole

In this video we covered the PiHole use case.After setting this up, be sure to check out the tutorial on Gravity Sync

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/kube-grafana-prometheus/index.html b/posts/kube-grafana-prometheus/index.html new file mode 100644 index 0000000000..c6cabd83bd --- /dev/null +++ b/posts/kube-grafana-prometheus/index.html @@ -0,0 +1,85 @@ + Beautiful Dashboards with Grafana and Prometheus - Monitoring Kubernetes Tutorial | Techno Tim
Post

Beautiful Dashboards with Grafana and Prometheus - Monitoring Kubernetes Tutorial

Grafana and Prometheus are a powerful monitoring solution.It allows you to visualize, query, and alert metrics no matter where they are stored.Today, we’ll install and configure Prometheus and Grafana in Kubernetes using kube-prometheus-stack. By the end of this tutorial you be able to observe and visualize your entire Kubernetes cluster with Grafana and Prometheus.

📺 Watch Video

A HUGE thanks to Datree for sponsoring this video!

Combat misconfigurations. Empower engineers.

https://www.datree.io

Getting Started

If you need to install a new kubernetes cluster you can use my Ansible Playbook to install one.

k3s

If you want to get metrics from your k3s servers, you will need to provide some additional flags to k3s.

Additional k3s flags used in the video:

1
+
extra_server_args: "--no-deploy servicelb --no-deploy traefik --kube-controller-manager-arg bind-address=0.0.0.0 --kube-proxy-arg metrics-bind-address=0.0.0.0 --kube-scheduler-arg bind-address=0.0.0.0 --etcd-expose-metrics true --kubelet-arg containerd=/run/k3s/containerd/containerd.sock"
+

helm

1
+2
+3
+
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
+chmod 700 get_helm.sh
+./get_helm.sh
+

Install helm

The helm chart we will be using to install Grafana, Preometheus, and Alert Manager is kube-prometheus-stack

Installing

Verify you can communicate with your cluster

1
+
kubectl get nodes
+
1
+2
+3
+4
+5
+6
+
NAME     STATUS   ROLES                       AGE   VERSION
+k3s-01   Ready    control-plane,etcd,master   10h   v1.23.4+k3s1
+k3s-02   Ready    control-plane,etcd,master   10h   v1.23.4+k3s1
+k3s-03   Ready    control-plane,etcd,master   10h   v1.23.4+k3s1
+k3s-04   Ready    <none>                      10h   v1.23.4+k3s1
+k3s-05   Ready    <none>                      10h   v1.23.4+k3s1
+

Verify helm is installed

1
+
helm version
+
1
+
version.BuildInfo{Version:"v3.8.0", GitCommit:"d14138609b01886f544b2025f5000351c9eb092e", GitTreeState:"clean", GoVersion:"go1.17.5"}
+

Add helm repo

1
+
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+

Update repo

1
+2
+
helm repo update
+
+

Create a Kubernetes Namespace

1
+
kubectl create namespace monitoring
+

Echo username and password to a file

1
+2
+
echo -n 'adminuser' > ./admin-user # change your username
+echo -n 'p@ssword!' > ./admin-password # change your password
+

Create a Kubernetes Secret

1
+
 kubectl create secret generic grafana-admin-credentials --from-file=./admin-user --from-file=admin-password -n monitoring
+

You should see

1
+
secret/grafana-admin-credentials created
+

Verify your secret

1
+
kubectl describe secret -n monitoring grafana-admin-credentials
+

You should see

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+
Name:         grafana-admin-credentials
+Namespace:    monitoring
+Labels:       <none>
+Annotations:  <none>
+
+Type:  Opaque
+
+Data
+====
+admin-password:  9 bytes
+admin-user:      9 bytes
+

Verify the username

1
+
kubectl get secret -n monitoring grafana-admin-credentials -o jsonpath="{.data.admin-user}" | base64 --decode
+

You should see

1
+
adminuser%
+

Verify password

1
+
kubectl get secret -n monitoring grafana-admin-credentials -o jsonpath="{.data.admin-password}" | base64 --decode
+
1
+
p@ssword!%
+

Remove username and password file from filesystem

1
+
rm admin-user && rm admin-password
+

Create a values file to hold our helm values

1
+
nano values.yaml
+

paste in values from here

Create our kube-prometheus-stack

1
+
helm install -n monitoring prometheus prometheus-community/kube-prometheus-stack -f values.yaml
+

Port Forwarding Grafana UI

(be sure to change the pod name to one that matches yours)

1
+
kubectl port-forward -n monitoring grafana-fcc55c57f-fhjfr 52222:3000
+

Visit Grafana

http://localhost:52222

If you make changes to your values.yaml you can deploy these changes by running

1
+
helm upgrade -n monitoring prometheus prometheus-community/kube-prometheus-stack -f values.yaml
+

Examples:

Traefik Ingress example

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/kube-traefik-cert-manager-le/index.html b/posts/kube-traefik-cert-manager-le/index.html new file mode 100644 index 0000000000..7d40405249 --- /dev/null +++ b/posts/kube-traefik-cert-manager-le/index.html @@ -0,0 +1,147 @@ + Wildcard Certificates with Traefik + cert-manager + Let's Encrypt in Kubernetes Tutorial | Techno Tim
Post

Wildcard Certificates with Traefik + cert-manager + Let's Encrypt in Kubernetes Tutorial

Traefik, cert-manager, Cloudflare, and Let’s Encrypt are a winning combination when it comes to securing your services with certificates in Kubernetes.Today, we’ll install and configure Traefik, the cloud native proxy and load balancer, as our Kubernetes Ingress Controller.We’ll then install and configure cert-manager to manage certificates for our cluster.We’ll set up Let’s Encrypt as our Cluster Issuer so that cert-manager can automatically provision TLS certificates and even wildcard certificates using Cloudflare DNS challenge absolutely free.We’ll walk through all of this, step by step, so you can help secure your cluster today.

📺 Watch Video

A HUGE thanks to Datree for sponsoring this video!

Combat misconfigurations. Empower engineers.

https://www.datree.io

Getting Started

If you need to install a new kubernetes cluster you can use my Ansible Playbook to install one.

Resources

You can find all of the resources for this tutorial here

Helm

1
+2
+3
+
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
+chmod 700 get_helm.sh
+./get_helm.sh
+

For other ways to install Helm see the installation docs here

Installing

Verify you can communicate with your cluster

1
+
kubectl get nodes
+

You should see

1
+2
+3
+4
+5
+6
+
NAME     STATUS   ROLES                       AGE   VERSION
+k3s-01   Ready    control-plane,etcd,master   10h   v1.23.4+k3s1
+k3s-02   Ready    control-plane,etcd,master   10h   v1.23.4+k3s1
+k3s-03   Ready    control-plane,etcd,master   10h   v1.23.4+k3s1
+k3s-04   Ready    <none>                      10h   v1.23.4+k3s1
+k3s-05   Ready    <none>                      10h   v1.23.4+k3s1
+

Verify helm is installed

1
+
helm version
+

You should see

1
+
version.BuildInfo{Version:"v3.8.0", GitCommit:"d14138609b01886f544b2025f5000351c9eb092e", GitTreeState:"clean", GoVersion:"go1.17.5"}
+

Traefik

These resources are in the launchpad/kubernetes/traefik-cert-manager/traefik/ folder

Add repo

1
+
helm repo add traefik https://helm.traefik.io/traefik
+

Update repo

1
+
helm repo update
+

Create our namespace

1
+
kubectl create namespace traefik
+

Get all namespaces

1
+
kubectl get namespaces
+

We should see

1
+2
+3
+4
+5
+6
+7
+
NAME              STATUS   AGE
+default           Active   21h
+kube-node-lease   Active   21h
+kube-public       Active   21h
+kube-system       Active   21h
+metallb-system    Active   21h
+traefik           Active   12s
+

Install traefik

1
+
helm install --namespace=traefik traefik traefik/traefik --values=values.yaml
+

Check the status of the traefik ingress controller service

1
+
kubectl get svc --all-namespaces -o wide
+

We should see traefik with the specified IP

1
+2
+3
+4
+5
+6
+
NAMESPACE        NAME              TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)                      AGE   SELECTOR
+default          kubernetes        ClusterIP      10.43.0.1       <none>          443/TCP                      16h   <none>
+kube-system      kube-dns          ClusterIP      10.43.0.10      <none>          53/UDP,53/TCP,9153/TCP       16h   k8s-app=kube-dns
+kube-system      metrics-server    ClusterIP      10.43.182.24    <none>          443/TCP                      16h   k8s-app=metrics-server
+metallb-system   webhook-service   ClusterIP      10.43.205.142   <none>          443/TCP                      16h   component=controller
+traefik          traefik           LoadBalancer   10.43.156.161   192.168.30.80   80:30358/TCP,443:31265/TCP   22s   app.kubernetes.io/instance=traefik,app.kubernetes.io/name=traefik
+

Get all pods in traefik namespace

1
+
kubectl get pods --namespace traefik
+

We should see pods in the traefik namespace

1
+2
+3
+4
+
NAME                       READY   STATUS    RESTARTS   AGE
+traefik-76474c4d47-l5z74   1/1     Running   0          11m
+traefik-76474c4d47-xb282   1/1     Running   0          11m
+traefik-76474c4d47-xx5lw   1/1     Running   0          11m
+

middleware

Apply middleware

1
+
kubectl apply -f default-headers.yaml
+

Get middleware

1
+
kubectl get middleware
+

We should see our headers

1
+2
+
NAME              AGE
+default-headers   25s
+

dashboard

Install htpassword

1
+2
+
sudo apt-get update
+sudo apt-get install apache2-utils
+

Generate a credential / password that’s base64 encoded

1
+
htpasswd -nb techno password | openssl base64
+

Apply secret

1
+
kubectl apply -f secret-dashboard.yaml
+

Get secret

1
+
kubectl get secrets --namespace traefik
+

Apply middleware

1
+
kubectl apply -f middleware.yaml
+

Apply dashboard

1
+
kubectl apply -f ingress.yaml
+

Visit https://traefik.local.example.com

Sample Workload

These resources are in the launchpad/kubernetes/traefik-cert-manager/nginx/ folder

1
+2
+3
+
kubectl apply -f deployment.yaml
+kubectl apply -f service.yaml
+kubectl apply -f ingress.yaml
+

Or you can apply an entire folder at once!

1
+
kubectl apply -f nginx
+

cert-manager

These resources are in the launchpad/kubernetes/traefik-cert-manager/cert-manager/ folder

Add repo

1
+
helm repo add jetstack https://charts.jetstack.io
+

Update it

1
+
helm repo update
+

Create our namespace

1
+
kubectl create namespace cert-manager
+

Get all namespaces

1
+
kubectl get namespaces
+

We should see

1
+2
+3
+4
+5
+6
+7
+8
+
NAME              STATUS   AGE
+cert-manager      Active   12s
+default           Active   21h
+kube-node-lease   Active   21h
+kube-public       Active   21h
+kube-system       Active   21h
+metallb-system    Active   21h
+traefik           Active   4h35m
+

Apply crds

Note: Be sure to change this to the latest version of cert-manager

1
+
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yaml
+

Install with helm

1
+
helm install cert-manager jetstack/cert-manager --namespace cert-manager --values=values.yaml --version v1.9.1
+

Apply secrets

Be sure to generate the correct token if using Cloudflare.This is using an API Token and not a global key.

From issuers folder

1
+
kubectl apply -f secret-cf-token.yaml
+

Apply staging ClusterIssuer

From issuers folder

1
+
kubectl apply -f letsencrypt-staging.yaml
+

Create certs

staging

From certificates/staging folder

1
+
kubectl apply -f local-example-com.yaml
+

Check the logs

1
+
kubectl logs -n cert-manager -f cert-manager-877fd747c-fjwhp
+

Get challenges

1
+
kubectl get challenges
+

Get more details

1
+
kubectl describe order local-technotim-live-frm2z-1836084675
+

production

Apply production ClusterIssuer

From issuers folder

1
+
kubectl apply -f letsencrypt-production.yaml
+

From certificates/production folder

1
+
kubectl apply -f local-example-com.yaml
+

Learn More

If you’re using cert-manager to manage certificates, you might want to check out this post on how to mirror your Kubernetes configs, secrets, and resources to other namespaces. This is helpful when you need to share you secrets / certificates across namespaces!

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/librespeed/index.html b/posts/librespeed/index.html new file mode 100644 index 0000000000..991dbfbe71 --- /dev/null +++ b/posts/librespeed/index.html @@ -0,0 +1 @@ + Self-host your own internet speed test with LibreSpeed! | Techno Tim
Post

Self-host your own internet speed test with LibreSpeed!

Internet speed tests are full of junk, ads, tracking, and some even contain deprecated plug-ins.Who needs this when we can self-host an open source one? LibreSpeed is a lightweight speedtest implemented in JavaScript using XHR requests and web workers.It’s fast, feature rich, and supports every modern browser.Say goodbye to those other speed tests and host your own containerized in Docker or Kubernetes today!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/living-room-nas/index.html b/posts/living-room-nas/index.html new file mode 100644 index 0000000000..a6f2d0ec89 --- /dev/null +++ b/posts/living-room-nas/index.html @@ -0,0 +1 @@ + I turned a gaming case into a living room NAS | Techno Tim
Post

I turned a gaming case into a living room NAS

This case was meant for gaming but I decided to do a little tinkering to see if I could truly turn this build into a NAS for a good-looking home server in your living room.

📺 Watch Video

Info

I originally built a standalone media server on Windows that focused on low energy use, but decided to take it one step further.

📦 Products in video (affiliate links):

Check out the whole kit here: https://kit.co/TechnoTim/low-power-media-server

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/localsend/index.html b/posts/localsend/index.html new file mode 100644 index 0000000000..6c68148c75 --- /dev/null +++ b/posts/localsend/index.html @@ -0,0 +1,31 @@ + Meet LocalSend - A Cross Platform, Open Source Alternative to AirDrop | Techno Tim
Post

Meet LocalSend - A Cross Platform, Open Source Alternative to AirDrop

LocalSend is an open source application that securely transfers files between devices without the internet. It’s cross platform meaning that it’s available for Windows, Mac, Linux, iOS (iPhone, iPad), and Android devices. This is a great alternative to AirDrop or QuickSend and can send and receive files to other devices without a 3rd party service like Google Drive.

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored

Don’t forget to ⭐ localsend on GitHub!

Installing on Windows

From a terminal:

Using Winget

1
+
winget install localsend
+

Using Chocolatey

1
+
choco install localsend
+

Install from GitHub https://github.com/localsend/localsend/releases

Installing on iOS

App Store recommended for most users.

Download on the App Store

Installing on Android

App Store recommended for most users.

Get it on Google Play

Install using an APK https://github.com/localsend/localsend/releases

Installing on Linux

Package Manager:

Install with terminal.

Ubuntu / Debian

Download deb file https://github.com/localsend/localsend/releases

1
+2
+3
+4
+
cd ~/Downloads #change to download folder
+sudo dpkg -i LocalSend-1.14.0-linux-x86-64.deb #change version to match download
+sudo apt install -f # install missing dependencies
+sudo dpkg -i LocalSend-1.14.0-linux-x86-64.deb #change version to match download
+

Flathub

1
+2
+
flatpak install flathub org.localsend.localsend_app
+flatpak run org.localsend.localsend_app
+

AUR

1
+
yay -S localsend-bin
+

Nix

1
+2
+
nix-shell -p localsend
+pkgs.localsend # Config
+

Installing on macOS

Package Managers:

Install with terminal.

Homebrew

1
+2
+
brew tap localsend/localsend
+brew install localsend
+

Nix

1
+2
+
nix-shell -p localsend
+pkgs.localsend # Config
+

Binaries:

Download for offline usage. https://github.com/localsend/localsend/releases

App Store recommended for most users.

Download on the App Store

See all releases https://github.com/localsend/localsend/releases

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/longhorn-install/index.html b/posts/longhorn-install/index.html new file mode 100644 index 0000000000..5f16650bd3 --- /dev/null +++ b/posts/longhorn-install/index.html @@ -0,0 +1,27 @@ + Cloud Native Distributed Storage in Kubernetes with Longhorn | Techno Tim
Post

Cloud Native Distributed Storage in Kubernetes with Longhorn

Storage in Kubernetes is hard, complicated, and messy.Configuring volumes, mounts, and persistent volumes claims and getting it right can be a challenge.It’s also challenging to manage that storage and replicate it across all your Kubernetes clusters.It’s also been very challenging to do this on bare metal, outside of a cloud provider.That’s where Longhorn comes.Longhorn is an open source, a CNCF distributed block storage system for Kubernetes.It comes with a UI, backups, snapshots, cluster disaster recovery, and it does all this with or without Rancher.Rancher is NOT a requirement.

📺 Watch Video

Installation

Additional Dependencies

There are some additional dependencies you might want to install on target nodes prior to configuring

1
+2
+3
+4
+
sudo apt update
+sudo apt install nfs-common open-iscsi
+#start the service now and on reboot
+sudo systemctl enable open-iscsi --now
+

Install Methods

Rancher app catalog

See the app catalog within Rancher

Kubectl

1
+
kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/master/deploy/longhorn.yaml
+
1
+2
+3
+
kubectl get pods \
+--namespace longhorn-system \
+--watch
+

See more at https://longhorn.io/docs/1.0.0/deploy/install/install-with-kubectl

Helm

helm3

1
+2
+
kubectl create namespace longhorn-system
+helm install longhorn ./longhorn/chart/ --namespace longhorn-system
+
1
+
kubectl -n longhorn-system get pod
+

Taints

This is not required, nor do I taint nodes anymore.I allow Longhorn storage to use any available space on any node that is not running etcd / control plane.You can simply skip this step and it will work like this.If you’re still convinced you need dedicated nodes, it’s much easier doing it in the Longhorn UI after a node joins the cluster than with taints.

I ended up tainting my storage nodes using this command

1
+2
+
kubectl taint nodes luna-01 luna-02 luna-03 luna-04 CriticalAddonsOnly=true:NoExecute
+kubectl taint nodes luna-01 luna-02 luna-03 luna-04 StorageOnly=true:NoExecute
+

Then applying that toleration to Longhorn in settings

StorageOnly=true:NoExecute;CriticalAddonsOnly=true:NoExecute

This ensures that the storage nodes won’t take on any general workloads and still allow Lonhorn to use these as storage.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/low-power-cluster/index.html b/posts/low-power-cluster/index.html new file mode 100644 index 0000000000..02b1465266 --- /dev/null +++ b/posts/low-power-cluster/index.html @@ -0,0 +1,83 @@ + Low Power Cluster - Small, Efficient, BUT Powerful! | Techno Tim
Post

Low Power Cluster - Small, Efficient, BUT Powerful!

I’ve been running a few clusters in my HomeLab over the past few years but they have always been virtualized inside of Proxmox.That all changed today when I decided to run my Kubernetes cluster on these 3 low power, small, and efficient, Intel NUCs.

📺 Watch Video

I built a lower power, efficient, and near silent server cluster! Although this cluster is small and efficient, it’s still powerful enough to run a high availability Kubernetes cluster with many services running in High Availability mode! There are so many options with running a small cluster like this, the possibilities are endless!

Where to Buy

A HUGE thanks to Datree for sponsoring this video!

Combat misconfigurations. Empower engineers. https://www.datree.io

See the whole kit here - https://kit.co/TechnoTim/efficient-low-power-powerful-virtualization-server

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Hardware

These Intel NUCs are probably my favorite small form factor devices.They are only 4x4 inches and pack quite a punch.That’s because these NUCs have anywhere from a Core i3, to a Core i5, to a Core i7 processor in them.This one has a Core i7 with 4 cores and 8 threads and has a base clock speed of 2.8 GHz and can turbo boost up to 4.70 GHz.It even has QuickSync on this chip too so that I can offload encoding if I need to.You can check out the specs here.

Intel NUC Stack My Intel NUC Cluster!

I maxed out the ram on each machine, giving it 64 GB of DDR4 RAM.Should just be just enough to run some of my workloads and another reason I chose not to run a hypervisor on these machines, I wanted to conserve resources.I added a 1 TB Samsung NVMe drive for the OS and to run all of my workloads, and then a second SSD for additional Kubernetes storage that will be replicated across all 3 devices.I may expand this in the future however this was one of many SSDs I had laying around.

Intel NUC Internals Intel NUC Internals

Installing in the Rack

So once I had all of the hardware buttoned up then I had to decide where exactly I was going to put these devices.Now I could have put these on my workbench or my desk, but I have a server rack in my basement that I wanted to take advantage of.I have a few general purpose shelves but I thought that these NUC deserved a little bit better home than that.I wanted a rack mount system that would hold 3 NUCs, hold them securely in place, and even give me some cable management and that’s when I found this small company that makes all kinds of small form factor rack mount systems.Mk1 Manufacturing makes all kinds of rack mount kits for small form factor devices like Mac Studios, Lenovo ThinkStations, Mac Minis, and of course Intel NUCs.The nice part about these racks too is that they are made here in the US. I purchased one for my Intel NUCs and quick rack mounted all 3.It was super easy to mount these and they even thought about the cable management for both power and networking.

Intel NUC Internals Intel NUC, 1U Rack Mount System

Remote Control

I bet you’re wondering how I remote control these devices, because I wondered that too.Well, if you remember from a previous video, I picked up a PiKVM and I was able to attach multiple devices to it using an HDMI switch.Ths current switch lets me connect up to 4 devices, but I am going to try to expand to 8 later on. From the PiKVM I can even power on these devices using WAKE ON LAN that will send a magic packet to wake them up.And in the case that Wake On LAN doesn’t work, I can then use my UniFI Smart PDU Pro to toggle the power off then on to force them to wake up.

Intel NUC Internals Intel NUC, 1U Rack Mount System

Operating System

After getting this all hooked up and on my network, I then had to figure out how I was going to get an operating system on them.I ended up using MAAS or metal as a service to boot and provision these machines.I chose to go with Ubuntu server for these, well, because I like Ubuntu and so is the rest of my infrastructure so it makes it really easy to manage it.I was sure to reserve a static IP for these devices as well as create a DNS entry for them.

Why Kubernetes

Now, for the most difficult part of this all, installing kubernetes.I bet you’re asking, why Kubernetes?

Because.

Kubernetes

So to install Kubernetes I can do it one of a million different ways and on top of that I have my distributions to choose from.I ended up going with k3s because I like how lightweight that it is as well as the active community behind it.

As far as installation goes I could spend the 20+ hours doing it manually but I’ve already created an Ansible playbook that can do this all for me.It does everything that I need to give me a high availability Kubernetes cluster, with both an HA Kubernetes API as well as an HA service load balancer.With three nodes I can lose 1 node and everything will still function normally.

After setting my IP address it was off to the races. 🚀

I sat back and watched the automation run for about 3 minutes, and shortly after that I had a highly available Kubernetes cluster to run my workloads.If you’d like to do the same thing I will leave a link to the documentation and the video where I walk you through all of this.

Running the k3s-ansible playbook Running the k3s-ansible playbook

Installing Apps & Services

So once I had Kubernetes installed I then copied my kube config file locally so I could communicate with the cluster.I was able to ping the Kubernetes API that is really a VIP and it responded.I then asked Kubernetes to show me all of my nodes and there they were, all three of them.So that was there to do next? Next I wanted to install some workloads to test out HA.Now typically I would install Traefik as my reverse proxy and cert-manager to manage my certificates, and LOKI, Grafana, and Prometheus for logging, monitoring, and visualization; however I just wanted to test out a few things before I go all in.

So I decided to install a simple web server that runs nginx to host it.This web site is just a tiny nginx web server that services a single page that shows its hostname, IP address, and port, and a few other things.This was going to be a good test to test high availability. My plan was to create this workload with 3 replicas and then pull the plug on one of the nodes and make sure that both Kubernetes was still up as well as this web page.

So, that’s what I did.

I created a Kubernetes deployment for this container and set the replicas to this.This will ensure that 3 are running but I wanted to be sure that they were spread out across all three nodes.I did this by setting a typology constraint of hostname.This will make sure that only more than one pod is never scheduled on the same node so that I can ensure HA.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+
---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+spec:
+  selector:
+    matchLabels:
+      app: nginx
+  replicas: 3
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+        - name: nginx
+          image: nginxdemos/hello
+          ports:
+            - containerPort: 80
+      topologySpreadConstraints:
+        - maxSkew: 1
+          topologyKey: kubernetes.io/hostname
+          whenUnsatisfiable: DoNotSchedule
+          labelSelector:
+            matchLabels:
+              app: nginx
+

So once this was set, I then deployed the Kubernetes deployment and could see that I had 3 pods, all spread across 3 nodes, awesome.

But how to I actually get to this web page? Well, remember how I mentioned that I typically use Traefik as my reverse proxy? Well, that’s where this would come in handy.It would allow me to expose multiple services on the same IP, but since I don’t have it installed, I will just expose it on the metal lb load balancer that comes with my playbook.

To open up an IP on the virtual load balancer, all I have to do is create a service with a type of LoadBalancer.This will expose the service on one of the Metal LB Ip addresses so that we can see our web page.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+
---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+spec:
+  ipFamilyPolicy: PreferDualStack
+  selector:
+    app: nginx
+  ports:
+    - port: 80
+      targetPort: 80
+  type: LoadBalancer
+
+

After deploying that service, we can then check the service to see which IP address it was assigned.Once we have that IP address we can then get to this web page.

After, we see our web page here so we know it’s working.And it should be HA because we have one of these pods running on each of the servers!

Running the k3s-ansible playbook NGINX demo page

Now we need to introduce some chaos.

No, no no no, not that much chaos, just simply removing one of the nodes.

So, before doing that let’s ping our Kubernetes API to be sure that it ups, and you can see it’s up and responding.Next let’s open the web page and keep refreshing it.

Now, we can introduce chaos by shutting down one of the nodes.I can pick anyone that I like but let’s go with 2.Let’s also ping node 2 so you can see it going down.

So we shut down node 2 and wait.We can see that it’s down but out Kubernetes API is still up.We can do a kubectl get nodes and see all of our nodes, and if we refresh our web page we can see that the web site never went down.Now if we shutdown one more now, we will lose access to our Kubernetes api and web page, so let’s shutdown node 1.And as you can see we can’t get to it anymore, but if we bring up node 2 and leave node 1 down we can.

HA NGINX Test Testing my HA NGINX install, you can see that node 2 is down, but the Kubernetes API still responds and the web page is still up!

What else can we do?

Awesome, so now we have an HA cluster but what can we do with it? Well, I mentioned a few things but you can do some awesome home Kubernetes stuff like install Home Assistant, game servers, web sites, or many other workloads, just remember that not all workloads can be HA out of the box, they have to be stateless like my nginx container, meaning they have no state like storage mounts or state in memory, but they get their state from outside of the container like an external database.

Stateless k8s apps This diagram explains how stateless Kubernetes apps should be architected

How efficient is it?

I bet you’re wondering how much power these three devices use, well I wondered the same thing and I checked my UniFi PDU to be sure.I let all three NUCs run a few workloads and kept them on for a few hours and each of them uses about 20 watts of power.Keep in mind that my PDU only shows average power over time so I think they are using anywhere from 15-25 watts.Is that as good as a raspberry pi? Well, no, but what I do get is an x86 processor with 8 cores, lots of high speed storage, 2.5 Gigabit networking, AES instructions, and even a GPU for quick sync if I wanted to do any kind of transcoding.Also, it has enough compute to run anything I can throw at it because remember it’s a core i7.

Stateless k8s apps Each Intel NUC only uses around 9 watts of power on average, with an idle k3s cluster!

What do I think?

So, what do I think of these lower power, small, yet powerful devices? Well, I think they are pretty awesome if you couldn’t tell by the fact that I bought 3.You can find these devices relatively cheap if you go with a model from a previous year.Is it as cheap as picking up older small form factor desktops? It’s not, what that might be a perfectly fine option for you if you want to save some money, but I didn’t have 3 devices that I could keep around for years to come, not to mention that I still have my first NUC from almost 9 years ago. These little devices are great for servers, especially if you are considering clustering them.And rack mounting them is a great solution if you’re thinking about picking up a few.

Well, I learned a lot today about low power servers, Intel NUCs, and cluster Kubernetes and I hope you learned something too.And remember if you found anything in this video helpful, don’t’ forget to share, like, and subscribe. Thanks for reading and watching!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/low-power-efficient-proxmox/index.html b/posts/low-power-efficient-proxmox/index.html new file mode 100644 index 0000000000..15f853fa35 --- /dev/null +++ b/posts/low-power-efficient-proxmox/index.html @@ -0,0 +1 @@ + Build a Low Power, Efficient, Small Form Factor but Powerful Proxmox Server | Techno Tim
Post

Build a Low Power, Efficient, Small Form Factor but Powerful Proxmox Server

Have you been thinking about building a low power, efficient, small form factor but performant Proxmox server? This is the perfect home server build for anyone who wanted to virtualize some machines while still staying green.This tiny, silent, and efficient build is one that won’t drive up your electricity bill either.

A HUGE thanks to Micro Center for sponsoring this video!

New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/4e48d4

📺 Watch Video

See the kit here: https://kit.co/technotim/efficient-low-power-powerful-virtualization-server

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/low-power-efficient-server/index.html b/posts/low-power-efficient-server/index.html new file mode 100644 index 0000000000..1d38ad5a05 --- /dev/null +++ b/posts/low-power-efficient-server/index.html @@ -0,0 +1,263 @@ + Building a Low Power, All-in-One, Silent Server | Techno Tim
Post

Building a Low Power, All-in-One, Silent Server

What if I told you that this little machine is the perfect Proxmox Virtualization server? And what if I told you I crammed an intel core i5, 64 GB of RAM, a 1 TB NVMe SSD, another 1TB SSD all in this tiny little box that’s dead silent without any fans? And what if I told you it can run Proxmox Virtual Server, host a pfsense router, runTrueNAS with a TB of storage, run Ubuntu server with Portainer running a few docker containers, run Windows 10 or Windows 11, and run ubuntu Desktop and pass though all of the hardware so I can use this server as a desktop, all while running a Plex Server and doing hardware transcoding with 3 - 4k streams?

No Way!

Yeah, I thought you’d say that.

📺 Watch Video

You might have heard of Protectli before.They’re known for making really great appliances for many open source software distributions.Most people think of Protectli devices as the perfect device for a router like pfSense. And that makes sense considering that their devices come with anywhere from 2 - 6 network ports.But their devices can be used to run almost any software imaginable, from Linux, to Windows, to a dedicated firewall, to even a virtualization host or a hypervisor.

How is that possible?

Where to Buy

A HUGE thanks to Protectli for sending this device for me to test!

See the whole kit here! - https://kit.co/TechnoTim/building-a-low-power-all-in-one-silent-server

CPU

That’s possible because of the hardware that these devices ship with.Protectli sent me a VP4560 to help with some of my HomeLab projects and this device is a beast. This is the VP4650 and comes with an intel Core i5 quad core CPU with hyper-threading that is rated at 1.6 GHz and can turbo boost up to 4.2 GHz.The nice thing about this CPU is that it supports VTx for virtualization and VT-d for IOMMU so I can pass through devices though to the guest.And because it’s an Intel x86 processor it comes with AES-NI support, which is super nice for encryption / decryption for VPN or TLS.

Memory

It supports up to 64GB of RAM which is plenty for what I will be using it for, but you can scale back if you need, all the way down to 4 GB.

Network

It comes with 6 intel 2.5 gigabit NIC ports giving you enough throughput for most of your networking needs.

Protectli Network ports Protectli VP4650 has 6 - 2.5 Gb/s network ports!

Storage

It also ships with a 16GB eMMC module on board and many options for storage.Also, because this machine has an NVMe slot and a SATA port you can mix and match your storage to fit your needs.I opted for a 1 TB Samsung M.2 NVMe and a 1 TB Samsung EVO drive.

Protectli Device Internals Protectli VP4650 Internals

Extras

You also get the choice of adding WiFi modules and 4g LTE modems however I decided not to on this device because they also sent a lower powered VP2420 that has 4 network ports along with WiFI and LTE modules to help me build the ultimate router which you’ll be seeing in a future video.

Protectli Ultimate Router Protectli Ultimate Router (Coming soon!)

Cooling

If you noticed from everything I listed, you didn’t hear anything about fans.That’s not something that’s obvious from the specs on paper, but taking one look at this device you can see this huge heatsink that passively cools the entire device.It definitely looks like a grill but I promise you can’t cook anything on here.

Connectivity

Protectli Connectivity Protectli devices come with plenty of options to connect all of your other devices devices_

As far as connectivity goes, you have plenty of options for connecting devices, from USB 2.0, 3.0, USB C, to HDMI, to Display power, and even a micro USB port for console access.

BIOS

Protectli BIOS You can choose between AMI BIOS and and open source BIOS called “coreboot”_

One thing that I like about these devices is that you have your choice in firmware to use.You can use a standard AMI BIOS that works great, or your can use coreboot BIOS, which is a bare bones open source BIOS that lets you customize some cool features.For instance, if you flash their devices with core boot, you can boot to the network and download and install many different operating systems from the network.This is a neat feature that I welcome and it saves you the hassle of loading up that Ventoy USB disk with new ISO.I did however opt for AMI BIOS because I did have a few issues with coreboot related to using my Ventoy USB disk.But that’s the nice thing about this BIOS being open source, it will get better and more secure over time with more eyes looking at it and more engineers contributing to it.

The Build

So what did I do with all of this hardware? The better question is what didn’t I do?

I knew that I wanted thai build to be a complete silent hypervisor and I knew that it was going to run Proxmox.

The first decision I had to make was where I was going to install proxmox.Remember I have the choice between the NVMe drive, the SATA drive, and the eMMC module.Turns out the eMMC mobile isn’t really an option because Proxmox won’t let you install it there without some hacks and I didn’t want to hack this device so I decided to install it on the NVMe drive and use the rest of the partition for virtual machines.Typically I would have installed the OS on the slower drive and save the NVMe for VMs but I have other plans for that. Installing Proxmox was straightforward, just like any other Proxmox installation.After it was installed I then configured IOMMU so I can pass devices through to guest machines and everything else I have on my First 11 Things on Proxmox video.After that was all set it was now time to install some VMs.

Router

I knew that I wanted to install a router on this machine.This will give me the flexibility to run a network firewall for all of these devices and give me the option to protect any device I use when I travel, but more on that later.

So I installed pfsense, and passed through 2 NICs from the host down to the guest. This first NIC is the WAN port, so an upstream provider like an ISP or even some network I don’t trust, and then one port for LAN if I do want to connect all of these devices to the local network. Passing these through and configuring them was pretty simple and if I forget which port is which they even included some stickers for me to label the ports.I also added another network port that’s used as a network bridge in case I want these VMs to use an internal network.

Protectli Stickers for network ports Protectli Network interface stickers

NAS

Now that the router was done, I wanted to configure a NAS on this device.This NAS could be any open source NAS but I chose to go with TrueNAS SCALE.I went with TrueNAS because, well it’s TrueNAS,and I went with SCALE because I wanted a Linux based OS that plays better with Proxmox.After installing TrueNAS I then created a 1 TB drive in Proxmox and assigned it to TrueNAS so that I can have 1 TB of storage on my NAS.I know it’s not ZFS and I don’t have redundant drives, so if you do the same you’ll want to be sure that you have your data backed up to another machine.Once I had TrueNAS up and running I could set up NFS and Samba shares just like I would normally with a physical install.I can also pass through one of the NICs to my NAS so that it can have a dedicated 2.5 Gb/s NIC if I like.

Ubuntu Server + Portainer

Next up I needed something to run my containers.Yes, I know I can use TrueNAS to do that but I wanted to go with my preferred combination of Ubuntu Server + Docker + Portainer.Having a dedicated Ubuntu server running Portainer gives me a great UI and so many possibilities.After installing and configuring I then created a few containers.This is a perfect host now to run all of my self-hosted services.

Desktop

After getting my foundation all set up, I then had my choice of desktop OSes.I could choose between Windows and Ubuntu Desktop, then I looked at how much disk space and RAM I had left and I thought to myself, why not both.This is where things got a little bit interesting too. I first installed Windows 11 and configured it, no problems there, but after installing Windows I wanted to passthrough the GPU on the device to the VM, along with sound card and USB devices so I could use this all in one server as a desktop too.After messing with this for hours I could not get the single Intel GPU to display anything on the screen even though it was definitely passed through to the guest machine and I could see it over Remote Desktop.I thought maybe it was Windows 11 so I created a Windows 10 machine and it did the same thing.

Protectli Proxmox Desktop Ubuntu Virtual machine running on Proxmox with the hardware passed through from host to guest so I can use it as a desktop simultaneously

So I decided to try it again, but with Ubuntu Desktop and sure enough it worked! I was able to pass through the integrated GPU front he host down to the guest and use this machine as a desktop.I will be the first to admit that it wasn’t winning any performance awards but I was able to do most tasks that I would expect to do on a laptop.I installed VSCode, customize the desktop, watched some YouTube, and even passed through the thermal subsystem so I could monitor the temperature of the host.

After I had this working I decided to install Plex on this machine so that I could see if I could get QuickSync working.QuickSync is a technology and a dedicated chip on most modern intel processors that lets you off load decoding and encoding video from the processor to this chip.This technology is similar to NVENC from NVIDIA, and AMF from AMD, but the idea is that you give this work to another part of the processor instead of pegging all of your CPU cores.Plex can take advantage of this if you have a plex pass and I do, so I wanted to see if I could get it working.

That’s where I started to run into troubles.I thought that since I had the GPU passed through to this Ubuntu machine that Plex would just see QuickSync and use it. No matter what I tried I could not get Plex do hardware encoding, I even tried using Docker containers which supposedly should work if the hardware is mapped properly however I couldn’t get it to work.

Protectli Intel GPU over RDP I could see the Intel GPU using Remote Desktop on Windows

Then I decided to try my Windows VM.I could see the Intel GPU when using Remote Desktop so there was hope.Sure enough that when I installed plex and started streaming a video the hardware enabled transcoding kicked it and the CPU barely budged! I was able to transcode 3-4k streams down to 1080, 720, and even 480, no problem!

Protectli Plex Transcoding I could encode 3 - 4k streams on Plex using Intel’s Quick Sync!

This was awesome and puzzling at the same time.The WIndows machine could see the GPU and take advantage of QuickSync but I couldn’t output the display from the HDMI or DisplayPort, and the Ubuntu machine could output to the monitor over HDMI but couldn’t use QuickSync.Judging by the fact that I was able to cover both of these use cases with different operating systems this told me that it’s something with software and not hardware so I chalked it up as software issue and it may be fixed some day.

Power

Protectli Device Power Draw Protectli VP4650 power draw with 4 virtual machines running and hardware attached

You might think that running 4 virtual machines on this device would draw a lot of power and generate a lot of heat.Well, I thought the same thing until I pulled out my kill-a-watt and decided to measure it.This Protectli machine running 4 VMs and the host itself with all of these devices plugged in pulled anywhere from 20-30 watts, which I think is pretty good considering I have all of this functionality in one device.If I wanted to save some more power I could power down any of these virtual machines when not using them.

Protectli Device Temperatures

Protectli VP4650 temperatures with 4 virtual machines running and hardware attached

And as far as heat goes? Well, do you hear that fan? That’s right, no fan equals no noise but that also means that it’s going to heat up these fins.As you saw earlier that the thermals were around 56 celsius on the die, it’s actually much cooler on the heatsink fins so you definitely can’t cook anything on it.

Final Thoughts

As you saw I was able to create quite a few virtual machines and spin up an absolutely quiet hypervisor and use it as a desktop, which goes to show just how flexible these devices are.If you go with Protectli you are getting a blank slate where you can create and build anything you want.From a full fledged server with virtual machines to a small dedicated development environment.

Now it wouldn’t be fair if I didn’t mention some of the beefs I have with it too.Remember that eMMC drive I mentioned? Well, if you’re planning on using it with Proxmox it’s almost useless.Proxmox can’t be installed on that device and even if it could it’s only 16GB.I’d love to see another option other than the eMMC module or even space for another SSD.The other things that some mention is the price.These devices are a little more expensive than some of the other small form factor devices out there, so I wish the price would come down just a bit.However these devices are purpose built, have lots of customization options like WiFi and 4g LTE, are industrial quality, offer support for all of their devices, and allow you to swap out firmware for coreboot anytime you like and those options might be enough for you to justify the premium cost, because I think these are truly premium devices.

Well, I learned a lot about running Proxmox on Protectli devices and I hope you learned something too.And remember if you found anything in this video helpful, don’t forget to like and subscribe.Thanks for reading and watching!

Configuration

Here is my configuration for each virtual machine on my Proxmox server.Please note that (as seen in this article and the video) I did have issues getting the Windows machines to output their display to a physical monitor however Quick Sync to encode videos worked just fine and I could output the display using Ubuntu desktop however I could not use Quick Sync.If you have a fix, let me know in the comments!

pfSense

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+
boot: order=virtio0;ide2;net0
+cores: 4
+cpu: host,flags=+aes
+hostpci0: 0000:06:00
+ide2: none,media=cdrom
+memory: 2048
+meta: creation-qemu=7.2.0,ctime=1680150221
+name: pfsense
+net0: virtio=12:70:A1:22:F9:2F,bridge=vmbr1
+numa: 0
+ostype: other
+scsihw: virtio-scsi-single
+smbios1: uuid=0388a78d-7950-49e7-8ef9-19a9744e8ee2
+sockets: 1
+startup: order=1,up=30,down=30
+vga: qxl
+virtio0: local-lvm:vm-100-disk-0,discard=on,iothread=1,size=20G
+vmgenid: 314798d0-820e-40bd-89ad-ac364b03b83c
+

Windows 11

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+
agent: 1
+balloon: 0
+bios: ovmf
+boot: order=ide0;ide2;virtio0;net0
+cores: 8
+cpu: host
+efidisk0: local-lvm:vm-101-disk-0,efitype=4m,pre-enrolled-keys=1,size=4M
+hostpci0: 0000:00:02,pcie=1
+hostpci1: 0000:00:12.0
+ide0: local:iso/virtio-win-0.1.229.iso,media=cdrom,size=522284K
+ide2: none,media=cdrom
+machine: pc-q35-7.2
+memory: 32768
+meta: creation-qemu=7.2.0,ctime=1680233057
+name: windows-11
+net0: virtio=DE:AB:E8:6B:9F:B7,bridge=vmbr2,firewall=1,tag=60
+numa: 0
+ostype: win11
+scsihw: virtio-scsi-single
+smbios1: uuid=5f7d30a5-b3df-4a29-800c-730c7a43668d
+sockets: 1
+tpmstate0: local-lvm:vm-101-disk-1,size=4M,version=v2.0
+vga: std
+virtio0: local-lvm:vm-101-disk-2,cache=unsafe,discard=on,iothread=1,size=10>vmgenid: 9193bc41-1b82-4069-bc42-8cbb0dfca31d
+

Ubuntu Desktop

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+
agent: 1
+balloon: 0
+boot: order=scsi0;ide2;net0
+cores: 8
+cpu: host
+hostpci0: 0000:00:02,pcie=1,rombar=0,x-vga=1
+hostpci1: 0000:00:1f
+hostpci2: 0000:00:1a
+hostpci3: 0000:00:12,pcie=1
+ide2: none,media=cdrom
+machine: q35
+memory: 16384
+meta: creation-qemu=7.2.0,ctime=1680232192
+name: ubuntu
+net0: virtio=1E:05:6A:E7:68:85,bridge=vmbr2,tag=60
+numa: 0
+ostype: l26
+scsi0: local-lvm:vm-102-disk-0,cache=writeback,discard=on,iothread=1,size=8>scsihw: virtio-scsi-single
+smbios1: uuid=7b2a286b-197d-4382-9c04-5a0544596b89
+sockets: 1
+startup: order=4,up=30,down=30
+usb0: host=24f0:0142
+usb1: host=045e:0724
+vga: none
+vmgenid: e93460b1-66f7-4694-a528-98ed006eb770
+

Ubuntu Server

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+
agent: 1
+balloon: 0
+boot: order=scsi0;ide2;net0
+cores: 4
+cpu: host
+ide2: none,media=cdrom
+memory: 8192
+meta: creation-qemu=7.2.0,ctime=1680232488
+name: ubuntu-server
+net0: virtio=F6:BF:85:17:B6:0F,bridge=vmbr2,firewall=1,tag=60
+numa: 0
+ostype: l26
+scsi0: local-lvm:vm-103-disk-0,cache=unsafe,discard=on,iothread=1,size=32G
+scsihw: virtio-scsi-single
+smbios1: uuid=7bc4309c-dc9a-4632-bfd5-2e5f8a5e4fcd
+sockets: 1
+startup: order=3,up=30,down=30
+vmgenid: 2500d141-f7be-4c7b-ab9f-0a0f0075ea97
+

TrueNAS

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
agent: 1
+balloon: 0
+boot: order=scsi0;ide2;net0
+cores: 4
+cpu: host
+ide2: none,media=cdrom
+machine: q35
+memory: 8192
+meta: creation-qemu=7.2.0,ctime=1680314889
+name: truenas
+net0: virtio=DE:16:B3:D8:6C:C7,bridge=vmbr2,firewall=1,tag=60
+numa: 0
+ostype: l26
+scsi0: local-lvm:vm-104-disk-0,discard=on,iothread=1,size=32G,ssd=1
+scsi1: evo:vm-104-disk-0,discard=on,iothread=1,size=1000G,ssd=1
+scsihw: virtio-scsi-single
+smbios1: uuid=2ab225ac-44d8-4fb0-b5eb-0ada70e05f33
+sockets: 1
+startup: order=2,up=30,down=30
+vmgenid: 79db20a3-ff24-457c-8abb-6dc4df3c6e38
+

Windows 10

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+
agent: 1
+balloon: 0
+bios: ovmf
+boot: order=ide0;ide2;scsi0;net0
+cores: 8
+cpu: host
+efidisk0: local-lvm:vm-105-disk-0,efitype=4m,pre-enrolled-keys=1,size=4M
+hostpci0: 0000:00:02,pcie=1
+hostpci1: 0000:00:12,pcie=1
+hostpci2: 0000:00:1f
+ide0: none,media=cdrom
+ide2: none,media=cdrom
+machine: pc-q35-7.2
+memory: 32768
+meta: creation-qemu=7.2.0,ctime=1680459394
+name: windows-10
+net0: virtio=72:B4:A4:CD:C6:96,bridge=vmbr2,firewall=1,tag=60
+net1: virtio=C6:9F:2F:F2:73:7B,bridge=vmbr1,firewall=1,link_down=1
+numa: 0
+ostype: win10
+scsi0: local-lvm:vm-105-disk-1,cache=unsafe,discard=on,iothread=1,size=150G>scsihw: virtio-scsi-single
+smbios1: uuid=74ff8b62-d60d-4d5c-81a0-e3939baa380c
+sockets: 1
+startup: order=4,up=30,down=30
+vga: none
+vmgenid: f4593d16-12ab-4483-8962-6c27ee576f05
+

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/mac-studio-rack/index.html b/posts/mac-studio-rack/index.html new file mode 100644 index 0000000000..210d934349 --- /dev/null +++ b/posts/mac-studio-rack/index.html @@ -0,0 +1 @@ + More than a Rackmount Case for a Mac | Techno Tim
Post

More than a Rackmount Case for a Mac

I debated buying a new Mac due to its limited options for expandability. This all changed when I found a way to not only rackmount my Mac, but add PCIe slots to add additional components like NVMe SSDs, video capture cards, dual 10 gig networking, and even testing a video card.

Thank you to Sonnet for sending this xMac Studio / Echo III / M.2 8x4 Silent Gen4 PCIe Card to help complete my video editing / software development Machine!

Disclosures:

  • I was not paid
  • I chose Sonnet and contacted them after researching alternatives
  • SSDs are on loan and will be sent back

Thinking about expanding your Mac/Windows/Linux Machines? Check out Sonnet!

📺 Watch Video

More than a Rackmount Case

I racked my Mac Studio using this rackmount case and it gives me so many connectivity options. It not only serves as a rackmount but it also expands its capabilities by adding a Thunderbolt enclosure that can fit 3 full length PCIe cards and connects over Thunderbolt 3 or 4. This unlocks the Mac’s full potential by allowing you to connect PCIe cards like network adapters, video capture cards, or even add super fast storage using this 16x PCIe card that can fit up to 8 NVMe SSD drives. the xMac Studio rackmount case also has a built-in USB hub, cut outs that still let you access the IO ports, an easy to reach out button, and even an area to keep USB or Thunderbolt drives if you’ve decided to connect those.

Sonnet xMac Studio Sonnet xMac Studio enclosure with the Echo III expansion system

Today we’re going to take a look at the xMac Studio Pro Rackmount System from Sonnet, with the Echo III expansion system, and even one of their m.2 8x4 silent gen4 PCIe cards to add some additional storage. We’re going through all of this today, including the rackmount case, the enclosure, testing different cards that work with a Mac, and even do some speed tests using the included PCIe NVMe card. This kind of expandability makes it hard to know why the Mac pro even exists.

Testing cards with the xMac Studio I tested lots of PCIe cards

Why a Mac Studio over a Mac Mini?

I bet you’re wondering, why a Mac Studio, and why not a Mac Mini? I debated this for quite some time and even started configuring a Mac Mini and after I started comparing the specs of what I wanted out of a Mac Mini m2 and a Mac Studio m2, I found that for only 100 dollars more I was able to get twice the GPU cores (38 in total), twice the RAM (64 in total), 2 additional USB C ports, a media card reader, faster on board SSDs and even faster memory. I did have to reduce the storage down to 1 TB but that’s a sacrifice I was willing to make and knew I could supplement storage with a system like this from Sonnet. Don’t get me wrong, the Mac Mini is a great Machine but once you start getting into the upper end of the specs, you’re better off going with a Mac Studio. Oh, also sonnet makes a Mac Mini rack too, which I’d love to test out in the future as a Mac build / render server.

Mac vs Mac Mini If you’re going to increase the specs of the Mac Mini, at some point you’re better off getting a Mac Studio

Why Rack a Mac?

The next question you’re probably asking is why rack a Mac system at all, I mean, aren’t they meant to be looked at? Joking. Kind of. I chose to rackmount my Mac Studio, not because it’s on brand (ding), but because I wanted better cable management. Wait, cable management? Yeah, cable management. Being a content creator, streamer, and developer, I have lots of cables and cords to connect lots of devices, like this 4kHDMI capture card that I connect cameras and devices to capture their output. The same goes for audio equipment, USB devices, XLR cables, and on and on. While building my server rack in my basement, I found that having everything in one cabinet, like a server rack, makes wire management much easier, or at least easier to hide. So recently I picked up a smaller server rack to rack both my Mac and my upcoming Windows / Linux build in a Sliger water cooled case.

But there are many audio and video creative professionals who do rack their equipment and I am adapting it to fit my needs. Will it work? Let’s find out.

xMac Studio Rack Case

The xMac Studio rack mount case isn’t just a case to keep it safe, but a way to expand the capabilities of your Mac Studio.

xMac Studio xMac Studio rakcmount case by Sonnet

Features:

  • 3u rackmount
  • Rack mountable with rails (we’ll mount it later)
  • Rugged
  • Easy to access, front panel is removable
  • Power button
  • 4 USB-A 3.0 Hub
  • PCIe expansion Module
  • SSD Storage Space for up to 2 Thunderbolt or USB SSDs
    • Great for extra storage or even time Machine backups on the go
  • Front to back airflow so nothing is recirculated

Echo III PCIe Enclosure

The enclosure that comes with the xMac Studio / Echo III combo is actually a desktop enclosure that converts to a rack mount enclosure. It’s the same internals but without the outer case from the desktop module. This is a professional level enclosure for creative pros and can be connected to any device that has a Thunderbolt connection, but I opted for the rack mounted version without the desktop case. Let’s take a look at it.

Echo III PCIe Enclosure Echo III PCIe Enclosure

Features:

  • 3 PCIe Slots
  • One is 16x and the other 2 are 8x
  • These slots can be filled with any cards you can think of with the exception of video cards due to Apple’s limitation, but we’ll populate some here in a few, even a video card for fun
  • All 3 are PCIe 3
  • Power supply is a 400w power supply easily power everything connected
  • 75w auxiliary power connector for cards that require extra power
  • Automatically power on and off based on your Machine’s power
  • 2 Noctua fans that are temperature controlled and variable speed
  • Thunderbolt 3 (which is better than Thunderbolt for for this use case. See Sonnet’s video explaining the differences)

So what am I going to put in the slots? Well one of them for sure is the Sonnet M.2 8x4 silent Gen4 PCIe Card

M.2 8x4 Silent Gen4 PCIe Card (NVMe SSD)

This is the Sonnet M.2 8x4 Silent Gen4 PCIe Card and it’s a professional level card. That’s blazing fast! It’s a 16x card, and the bandwidth is available to all of the connected NVMe SSD which help facilitate maximum speeds. It works with Windows, Mac, or Linux computers that have an x16 slot and is compatible with a variety of m.2 NVMe Gen4 and Gen3 SSDs, but you’ll want Gen 4 if you’re going for speed.

Sonnet M.2 8x4 Silent Gen4 PCIe Card This card is blazing fast!

Here’s the cool thing about this card too, is that it doesn’t require a specific motherboard for raid or any other features, and it does not require PCIe bifurcation. PCIe bifurcation is just a fancy word that means taking something and dividing it into parts. If the card didn’t support this, we would only see one device or need a special motherboard, but because this card does support bifurcation the card presents multiple devices to the computer so we can see each individual drive. That makes this card very flexible. I did install 8 NVMe SSDs into this card, installed the thermal transfer pad to transfer the heat from the ssd drives to the cooler. This helps keep the drive cool and avoid any kind of thermal throttling.

Sonnet M.2 8x4 Silent Gen4 PCIe Card Loaded it up with 8 NVMe drives!

Features:

  • Eight M.2 NVMe SSD Slots on a PCIe 4.0 x16 Card
  • Works with Windows / Mac / Linux
  • Up to 64 GB
  • Silent, no fans
  • Though the case does have super quiet noctua fans
  • This Sonnet card doesn’t require a specific motherboard to operate or specific SSDs to support RAID features – no PCIe bifurcation required

This allows me to connect 8 NVMe SSDs via Thunderbolt port using Echo III PCIe expansion enclosure which pops right into the xMac Studio.

So let’s put all of this together, add some PCIe cards, and test various speeds and compatibility.

Testing PCIe cards on a Mac

First of all, it’s worth mentioning that this card is really intended for a high performance server or desktop that is connected to a PCIe 4.0 device and can take advantage of all 16 lanes of PCIe. This is not the case with my Mac Studio since it is limited by Thunderbolt and the enclosure only supports PCIe 3.0. This because Thunderbolt does not support PCIe 4.0. I know this all sounds complicated, because it is 😀.

When testing in this enclosure over Thunderbolt, here are the speeds I was able to achieve:

~2800 MB/s Read / Write.

Speed testing SSDs This speed test maxed out Thunderbolt speeds!

This is roughly 22 Gbs, which is no slouch, but that’s a far cry from the 40 Gbs that Thunderbolt supports?

This is actually the theoretical max of Thunderbolt, it reserves half for downstream devices like monitors so that card, enclosure, and even Thunderbolt is performing as it should. This isn’t a limitation of the card or the enclosure, it’s a limitation of Thunderbolt.

I will test this some more in my next rackmount project which is building my new Windows/Linux workstation in a Sliger case that’s water cooled.

As a side note, I tested many other cards which aren’t covered here but can be seen in the video!

More than a Rackmount for a Mac

Speed testing SSDs This speed test maxed out Thunderbolt speeds!

Overall, I am very happy with my Sonnet xMac Studio and Echo III module. If you’re looking to rack your Mac Studio, there are few mounting options, but xMac Studio offers the additional Thunderbolt expansion system that really takes this to the next level. The combination of these two give me the flexibility I need to use my Mac how I want to use it. Thunderbolt connectivity ensures that I can connect this to any system I want, a new, a Windows Machine, or Linux, and even if they are a laptop. Overall it’s a great system even if Thunderbolt has some limitations. Well, I learned a lot about Thunderbolt 3 and 4, the Mac Studio, the xMac Studio system and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget share! Thanks for reading!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/meet-file-browser/index.html b/posts/meet-file-browser/index.html new file mode 100644 index 0000000000..bbebca99e4 --- /dev/null +++ b/posts/meet-file-browser/index.html @@ -0,0 +1,43 @@ + Meet File Browser, a Small but Mighty Web File Browser | Techno Tim
Post

Meet File Browser, a Small but Mighty Web File Browser

Meet File Browser, an open source, self-hosted alternative to services like Dropbox and other web based file browsers.Today we’ll configure a containerized version of File Browser and have you up and going in just a few minutes.We’ll also walk through creating, editing, moving, copying, and even sharing files and folders so that you get a better understanding about what File Browser is all about.

📺 Watch Video

Docker Setup

See this post on how to install docker and docker-compose

Running the container

If you’re using Docker compose

1
+2
+3
+4
+5
+6
+
mkdir filebrowser
+cd filebrowser
+touch docker-compose.yml
+nano docker-compose.yml # copy the contents from below
+touch filebrowser.db
+docker-compose up -d --force-recreate
+

docker-compose.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+
---
+version: '3'
+services:
+  file-browser:
+    image: filebrowser/filebrowser
+    container_name: file-browser
+    user: 1000:1000
+    ports:
+      - 8081:80
+    volumes:
+      - /home/serveradmin/:/srv
+      - /home/serveradmin/filebrowser/filebrowser.db:/database.db
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+

If you’re using Rancher, Portainer, Open Media Vault, Unraid, or anything else with a GUI, just copy and paste the environment variables above into the form on the web page.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/meet-harvester/index.html b/posts/meet-harvester/index.html new file mode 100644 index 0000000000..f0d7ff8d53 --- /dev/null +++ b/posts/meet-harvester/index.html @@ -0,0 +1 @@ + A Hypervisor Built on Kubernetes - Cloud Native HCI with Harvester | Techno Tim
Post

A Hypervisor Built on Kubernetes - Cloud Native HCI with Harvester

Rancher released a next generation open source HCI software hypervisor built on Kubernetes that helps you run virtual machines.With Harvester you can create Linux, Windows, or any virtual machine that can be easily scaled and cluster giving your high availability virtual machines with a few clicks.It also gives you a platform to automatically create HA RKE1, RKE2, and K3S Kubernetes clusters with etcd along with the virtual machines it runs on.Now you can run virtual machines and kubernetes on the edge on one machine.

📺 Watch Video

⬇️ Download Harvester

📖 Harvester Documentation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/metal-as-a-service-packer/index.html b/posts/metal-as-a-service-packer/index.html new file mode 100644 index 0000000000..b0de09529f --- /dev/null +++ b/posts/metal-as-a-service-packer/index.html @@ -0,0 +1,87 @@ + Deploying Machines with MaaS and Packer - Metal as a Service + Hashicorp Packer Tutorial | Techno Tim
Post

Deploying Machines with MaaS and Packer - Metal as a Service + Hashicorp Packer Tutorial

MaaS or Metal as a service from Canonical is a great way to provision bare metal machines as well as virtual machines.MaaS allows you to deploy Windows, Linux, ESXi, and many other operating systems to your systems helping you to build a bare metal cloud.You can even use Packer from Hashicorp to configure custom images too! We’ll cover all of this and more in this tutorial on how to install and configure MaaS from start to finish with Packer!

📺 Watch Video

New Customer Exclusive - $25 Off ALL Processors: https://micro.center/3si

Check out Micro Center’s Custom PC Builder: https://micro.center/wcx

Submit your build to Micro Center’s Build Showcase: https://micro.center/dcm

Visit Micro Center’s Community Page: https://micro.center/2vr

Installing MaaS

MaaS can be installed via apt or snap.I had some issues with the apt version so I used snap for this install.

snap install

Be sure snap is installed

1
+
sudo apt install snapd
+
1
+
sudo snap install --channel=3.2 maas
+

apt install

1
+2
+3
+
sudo apt-add-repository ppa:maas/3.2
+sudo apt update
+sudo apt install maas
+

Installing a Test Database

(skip this step if you already have postgres in your environment)

This should be used if you want to use MaaS test database

1
+
sudo snap install maas-test-db
+

testing the database

1
+
sudo maas-test-db.psql
+

then list databases you should see maasdb there

1
+
postgres=# \l
+

Initializing MaaS

If you are using the test database above, initialize MaaS

1
+2
+
sudo maas init region+rack --database-uri maas-test-db:///
+
+

If you already have postgres in your environment you can initialize MaaS using your existing postgres service.Be sure to create the database, user, and assign that user permissions before running the init command.

1
+
sudo maas init region+rack --database-uri "postgres://username:password@192.168.0.100/maas" # replace username /password / ip /db name
+

if you don’t wand to store your secrets in your terminal’s history, consider using ENV variables:

1
+
sudo maas init region+rack --database-uri "postgres://$MAAS_DBUSER:$MAAS_DBPASS@$HOSTNAME/$MAAS_DBNAME"
+

Create admin account

1
+
sudo maas createadmin
+

Here you can choose to import your LaunchPad or GitHub public key using gh:githubusername

Checking MaaS

1
+
sudo maas status
+

The output should like something similar to this:

1
+2
+3
+4
+5
+6
+7
+8
+9
+
bind9                            RUNNING   pid 1014, uptime 2 days, 10:52:40
+dhcpd                            STOPPED   Not started
+dhcpd6                           STOPPED   Not started
+http                             RUNNING   pid 1477, uptime 2 days, 10:52:23
+ntp                              RUNNING   pid 1143, uptime 2 days, 10:52:37
+proxy                            RUNNING   pid 1454, uptime 2 days, 10:52:25
+rackd                            RUNNING   pid 1017, uptime 2 days, 10:52:40
+regiond                          RUNNING   pid 1018, uptime 2 days, 10:52:40
+syslog                           RUNNING   pid 1144, uptime 2 days, 10:52:37
+

If you ever need to reinitialize MaaS

1
+
sudo maas init region
+

Configuring Packer Images

Install Packer

Get key ring

1
+
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
+

Add keyring

1
+
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release --codename --short) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
+

add Hashicorp Repo

1
+
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" 
+

Install Packer

1
+2
+
sudo apt update
+sudo apt install packer
+

Update and install dependencies needed to build images

1
+2
+
sudo apt update
+sudo apt install qemu-utils qemu-system ovmf cloud-image-utils make curtain git
+

Building a custom image from canonical/packer-maas

Clone the canonical/packer-maas repo

1
+2
+
git clone https://github.com/canonical/packer-maas.git
+
+
1
+2
+3
+4
+
cd packer-maas
+cd ubuntu
+sudo packer init ubuntu-cloudimg.pkr.hcl
+sudo make custom-cloudimg.tar.gz
+

check and change permissions of archive (change root to your username)

1
+2
+
ls -l
+sudo chown root:root ./custom-cloudimg.tar.gz
+

Uploading Packer image to MaaS

echo your MaaS api key to your home directory

1
+
sudo maas apikey --username=massadmin > ~/api-key-file
+

You can check with with

1
+
cat ~/api-key-file
+

Authenticate to MaaS with your api key

1
+
maas login massadmin http://localhost:5240/MAAS/api/2.0/ $(head -1  ~/api-key-file)
+

Upload the custom image we made to MaaS

1
+
maas massadmin boot-resources create name='custom/cloudimg-tgz' title='Ubuntu Custom TGZ' architecture='amd64/generic' filetype='tgz' content@=custom-cloudimg.tar.gz
+

Chapters

00:00 - What is MaaS (Metal as a Service) from Canonical?

02:00 - Micro Center / $25 Off CPUs! (Sponsor)

03:00 - Installing MaaS

06:56 - Initial MaaS Configuration

09:41 - Importing your SSH Key

10:23 - Networking Configuration & Discovery

14:05 - PXE & Network Boot with DHCP

15:33 - Commissioning a Machine (Initial Discovery)

18:45 - Power Types & Wake on LAN (WOL)

20:50 - Commissioning a Machine Part 2 (For real this time)

24:00 - Deploying Ubuntu

26:15 - SSH in to machine

26:54 - Creating Custom Images with Hashicorp Packer

33:40 - Uploading a Custom Image to MaaS

38:05 - What do I think of MaaS from Canonical?

39:57 - Stream Highlight - “100 + 50 subs dropped 🫳🎤”

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/migrate-database-docker-kubernetes/index.html b/posts/migrate-database-docker-kubernetes/index.html new file mode 100644 index 0000000000..998da968dc --- /dev/null +++ b/posts/migrate-database-docker-kubernetes/index.html @@ -0,0 +1,31 @@ + Migrate Your Databases to Kubernetes and Docker | Techno Tim
Post

Migrate Your Databases to Kubernetes and Docker

Have you been putting off migrating your database to Docker and Kubernetes like I have? Well wait no longer.It’s simple using this step-by-step tutorial.Today, we’ll move a database that’s on a virtual machine to a container that’s running in kubernetes.Oh yeah, this will also work if it’s a bare metal server too, duh.🙂

📺 Watch Video

mysql_backup.sh

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+
#! /bin/bash
+
+BACKUP_DIR="/home"
+MYSQL_USER="root"
+MYSQL=/usr/bin/mysql
+MYSQL_PASSWORD="your my sql password"
+MYSQLDUMP=/usr/bin/mysqldump
+MYSQL_HOST="mysql"
+MYSQL_PORT="3306"
+
+databases=`$MYSQL --user=$MYSQL_USER --host $MYSQL_HOST --port $MYSQL_PORT -p$MYSQL_PASSWORD -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema|performance_schema)"`
+
+for db in $databases; do
+  $MYSQLDUMP --host $MYSQL_HOST --port $MYSQL_PORT --force --opt --user=$MYSQL_USER -p$MYSQL_PASSWORD --databases $db | gzip > "$BACKUP_DIR/$db.gz"
+done
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/mini-rack-homelab-stack/index.html b/posts/mini-rack-homelab-stack/index.html new file mode 100644 index 0000000000..a71cd7f0f2 --- /dev/null +++ b/posts/mini-rack-homelab-stack/index.html @@ -0,0 +1 @@ + Mini Rack, HomeLab Stack | Techno Tim
Post

Mini Rack, HomeLab Stack

There’s building a MINI SERVER RACK and then there’s beating Raid Owl in the mini server rack build challenge. Let’s see if I can do both.

📺 Watch Video

Disclosures

  • This video no longer has sponsors
  • RackMate T1, Protectli VP1210, (1) Beelink EQ13 (other was purchased), Axe Effect, and PiKVM v4 plus/mini were sent for review.

Info

Check out Raid Owl’s build here: https://www.youtube.com/watch?v=wJUDhQ7s9HM

Hardware

📦 Mini Server Rack Parts List 📦

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/mobile-homelab/index.html b/posts/mobile-homelab/index.html new file mode 100644 index 0000000000..32c11db604 --- /dev/null +++ b/posts/mobile-homelab/index.html @@ -0,0 +1 @@ + My Mobile HomeLab! (Travel Router with Proxmox, Docker, and OpenWRT) | Techno Tim
Post

My Mobile HomeLab! (Travel Router with Proxmox, Docker, and OpenWRT)

This has been months in the making, my new Mobile HomeLab! It’s a device that I can take with me to provide secure internet access for all of my devices. Not only can it provide secure access, but it can also let me bring apps and services with me when I travel. It’s built on Proxmox, OpenWRT, Pi-hole, and many other services. I’m taking this with me everywhere!

A huge thank you to Protectli for sending this device!

📺 Watch Video

Where to Buy

See the whole kit here! - https://kit.co/TechnoTim/mobile-homelab

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

My Mobile HomeLab

This is my mobile HomeLab, or is it my mobile home lab, or just mobile lab, or a travel router ++, or ultimate mobile HomeLab, anyway, It’s a computer that I bring with me that serves as a network firewall, an access point, and a platform to run apps, services, and virtual machines. I guess it’s a cross between Wendell’s forbidden router and Network Chuck’s travel router. It’s something that I am going to take with me every time I travel and will provide internet access whether that be from an existing network, or one I connect to over my carrier’s mobile data network.

My Mobile HomeLab A Mobile HomeLab device I can take with me that also provider network access!

This is something that I have wanted to create for quite some time because when traveling I bring with me a few pieces of technology to make my life a little easier and keep my nerd brain fed. Some of these are common like a laptop and a tablet, but others aren’t. You see, when I travel I like to take a router with me to keep all of my devices connected securely, rather than connecting all of my devices to say the Air BnB’s WiFi. Bringing my own router assures me that my laptop, tablet, phone, pi, even security camera are connected to my router and that no other devices can spy on me.

I’ve carried an old Cisco Linksys router with me every time I travel, and it provides a secure private network that only my devices can connect to. I can even take this a step further and use a VPN to connect all of my devices securely to my home network, where I get the same protection as I do when I am physically at home. This little router has worked great for quite some time, but I also started bringing a Raspberry Pi to provide a few more services on my local network. That’s around the time when I started thinking about how to combine all of the functionality into one package. Protectli reached out to me and said they wanted to give one of their devices a test run on my next trip and see if this combination of form factor and hardware would accomplish everything I needed out of my new “mobile homelab, forbidden travel router, plus plus, ultimate mobile homelab - thingie”?

Old Mobile HomeLab What I usually carry with me

The Hardware

This is a Protectli Vault VP2420 which, if you couldn’t tell by the huge heatsink on top, it’s fanless and silent. This model has an intel Celeron J6412, but it’s not like the Celerons of the past, this Celeron has 4 cores and 4 threads and has a base clock speed of 2 GHz and can burst to 2.6 GHz. What makes this CPU great is that it is super low power but yet still has features like AES-NI and VT-x and VT-d which makes it great for a hypervisor like VMWare or Proxmox. It also has QuickSync which can be used for video transcoding too. I opted for 32 GB of DDR-4 RAM , the most you can get on this device.

This model comes with (4) 2.5 Gb ethernet ports for lots of hard wired connectivity options. But even more interesting than the wired options, are the wireless options. You probably noticed all of the antennas sticking out, now one set is pretty obvious and that’s one for WiFi. It’s a Protectli WiFi module that supports 802.11 ac/a/b/g/n and fits into the m.2 slot. The other antennas are actually for a 4g LTE modem that works most carriers. It even has a slot on the outside of the case that you can insert your SIM card into without opening the device up.

As far as storage goes it has an internal 8GB eMMC module that I really won’t be using, and I opted for a 1 TB Samsung SSD. I would like to have another option for another drive, but I figure this was good enough for what I am going to use it for.

As far as IO goes we have an HDMI port, 2 USB 3.0 ports, a Display Port, USB C, and a micro USB port for console access. It’s powered by this little brick and has a barrel plug for power. This is quite a capable machine for something that’s smaller than a tablet. All in all, it’s a solid fanless, quiet, yet power build.

Protectli Vault VP2420 My Protectli Vault VP2420 with 2.5 Gb/s networking

The Build

So now that I have all of this put together (it came assembled) how was I going to build the ultimate mobile HomeLab?

My original thought was to just run pfsense or OPNsense on this machine and use it as a router however, FreeBSD, the operating system that these are built on do not have drivers for this wireless NIC. That shut that down really quick. Then I noticed that Protectli have documentation on their site on how to set up this device with OpenWRT. That’s when I remembered Network Chuck’s video and decided that if he got it working, I could too. Well, not really because he’s like a legit networking person and I am just a hack, but anyway I thought I would give it a shot.

OpenWRT on Proxmox I should have installed OpenWRT on Proxmox to begin with…

So I installed OpenWRT. The process was a little bit complicated but I had some help from Stuart from the Protectli team and they updated their docs with the challenges we worked through. After getting it running, I quickly realized that I should have just used a hypervisor and created it as an OpenWRT virtual machine. This would allow me to make changes and back them up as I go. It would also allow me to install other VMs and containers that I can use while on the go.

Proxmox

So that’s what I did, I installed Proxmox on this machine since it supports virtualization and hardware passthrough. At first, I wanted to create an LXC container for OpenWRT to use less resources, however, it does not support hardware passthrough like virtualization does for network cards so I created a simple virtual machine. I found this great guide on creating an OpenWRT VM on Proxmox!

The steps to create a VM were pretty straight forward and I followed each step on that checklist carefully.

Once I had the virtual machine configured, I then passed through the devices that I need to run a router along with an access point. I passed through a NIC for WAN access, the wireless adapter for the access point, a USB wireless NIC for additional WAN access, and the USB modem for, well, WAN access for LTE. I gave it 2GB of RAM and 2 CPU cores, and the disk of only 512 MB. This is how big the disk image is. Now this might not seem like much but this is much more than I will ever need, considering this router that also runs a version of OpenWRT only uses 32MB of RAM and 8 MB of disk space.

OpenWRT on Proxmox VMs OpenWRT running as a VM on Proxmox

OpenWRT

Once the machine was up and running, I made some changes to the NIC and then went to the OpenWRT admin interface. The interface is pretty basic although it does come with dark mode, so that’s a plus for me. They also support a few different themes however I decided to stick with the default bootstrap dark. I configured a few initial settings like NTP, my router’d name, and then headed over to the software section. Here I can install some additional packages. I installed a few optional packages like nano, zsh, usbutils, and openssh sftp server, and htop for better monitoring. After doing this, it was now time to configure the network.

NIC (LAN)

First I wanted to be sure I could connect to this device via LAN. This was as simple as just configuring the virtual machine to connect to the bridge on Proxmox. This means when I plug in a network adapter to a port dedicated as LAN, I can connect to anything running on the Proxmox bridge. This will be the local area network for all of my devices on this subnet. If you want, you can configure DHCP on this OpenWRT interface but I am going to do that later with Pi-hole or even pfSense later.

NIC (WAN)

The next NIC I wanted to configure was the WAN NIC. This will be the NIC that is passed through to this virtual machine and will give it internet access if you have physical access to the modem or another switch. It’s as simple as assigning this NIC to WAN, and turning on DHCP. Physically plugging an ethernet cable is my preferred method of connecting this router to an upstream network like an Air BnB modem or any other network you don’t trust.

network Diagram LAN After this step, the LAN and WAN should work by physically connecting

Wireless NIC (Access Point)

Now that I have LAN and WAN NICs configured, I can plug in my laptop and connect to this network. This works fine but really we want to broadcast our own wireless SSID so all of our devices can connect to it. This is where we’ll need to configure our Protectli wireless NIC. In order for this NIC to work, we’ll need to install the drivers and a few packages on OpenWRT to enable the wireless access point feature and we can do this within the software section. You’ll need to install a few packages and then overwrite a few files with ones from Protectli. They’ve found that some of the packages that are available on OpenWRT aren’t compatible so they’ve provided these files on their website along with instructions. Once that’s taken care of and we reboot we can now see this wireless section with our wireless NIC! Here we’ll want to configure the wireless network we want to broadcast for our clients to connect to. You’ll need to configure the SSID, security, and wireless mode.

Network Diagram WLAN Now you should have a fully working router with LAN, WAN, and an access point!

Pro tip, I found out that even though this is a dual band NIC, you cannot broadcast on both bands at the same time. So if you aren’t going to use 2.4 GHz you’re fine, you can set it to AC mode or N 5GHz, but if you are using any 2.4GHz devices you’ll need to set the mode to the lowest common denominator of 2.4 GHz. Another thing you can do is configure a second NIC to broadcast on 2.4 GHz, but we’ll talk about it a little bit later.

Once you apply this, you should be able to see your new SSID and connect to OpenWRT! And if you have the WAN port connected to an upstream network, you should be able to use this as your router! But the fun doesn’t stop, there, not even close.

USB Wireless NIC (Client / WAN / other)

At this point you should be able to connect to your router and use the internet from the WAN port, but what if you don’t have access to the WAN port? This is where a second wireless network device comes into play. Let me be clear, this was the most complicated part of this whole project. OpenWRT supports very few USB wireless adapters. I tested 8 USB wireless network adapters before I finally found one that worked with OpenWRT. I tested name brands, no name brands, USB 2, USB 3, ones with odd antennas, and ones without external antennas at all. It turns out that most wireless USB adapters use a Realtek chipset and this does not play well with OpenWRT. It was hard to find one without a Realtek chip, but it turns out this tiny little no-name one works great and that’s because it’s based on a Ralink chipset, one that’s very hard to find.

WLAN USB I tested 8 wireless USB NICs before finally finding one that works with OpenWRT

So you’ll need to install a few more packages for driver support. I chose to install mt7601u-firmware` for this wireless USB NIC. After that you should see another NIC in the wireless section. This time we’re going to configure it as a client that connects to an existing wireless network, that way you don’t have to physically connect to the WAN port, we’ll connect over wireless. We can do this by scanning and connecting to an existing wireless network, and after that you’ll then have a completely functional router that can connect a wireless network and share it with all of your clients!

I should mention that even though this works fine, this USB NIC only supports 2.4GHz / Wireless N. This is generally fast enough for the internet connection but just know that you are going to be limited by the speed of this NIC, which is around 150 Mb/s at most. Personally I would only use this option if you can’t physically connect your WAN port to your upstream router. As you can see, when I am connected to the WAN via this USB NIC, I can be a lot slower than when it is connected via ethernet cable.

Network Diagram WLAN USB Now you should be able to connect your router to an upstream WiFi connection using this NIC!

If you can physically connect to the WAN via ethernet, what I would do is disable this NIC or configure it to broadcast the same private network on 2.4Ghz this way you can set your primary NIC to use A/C/N 5 GHz. I had to do this to connect my Wyze cam since it only supports 2.4 GHz. Yes I take a Wyze cam with me when I travel so that I can keep an eye on the place when I leave and also keep an eye on my pups, Nano and Buddy,

Security Camera I bring a Wyze cam with me to keep an eye on the place!

Now that I have this all working, I can now fire up my router and connect any of my devices to it and use my own secure wireless network. (Use my phone and connect )

After running a speed test you can see I am getting anywhere from 180/200 Mbps which is pretty decent considering I have 500 up/down here at home. I’m sure I could squeeze out some more performance if I tweak some settings but this is great considering everything is running on stock settings.

LTE Modem

So, not that I have OpenWRT working with an upstream router, what happens if I don’t have an upstream router at all? This is where the LTE modem that I mentioned earlier comes into play. This is great for times when you don’t have an internet provider where you are staying or if you decide to go and live the #vanlife.

LTE Modem A tiny LTE modem inside!

Installing the software on OpenWRt was pretty straightforward, again you install a few packages (kmod-usb-net-rndi, wwan, comgt-ncm) and then reboot. But before I rebooted I inserted this cheap testing SIM into my device. After rebooting, you’ll then go to network interfaces and add the new interface which should be USB0. You’ll want to set this as WAN as the firewall zone and then save and apply. You can then access the modem’s web GUI on a private IP address of 172.16.0 from a device connected to the LAN port. You should then see your device connected to your cellular provider and !viola! this connection can be shared with anyone connected to this device! Oh yeah, I did update the firmware too because I love updating firmware 🤷

LTE Modem Diagram If you use an LTE modem, you can now connect all if your devices to LTE data from your carrier!

Pi-hole

Now that I had OpenWRT working as an access point, a firewall, and a router that can connect to an upstream router via ethernet, wireless, or LTE, it was now time to focus on the “homelab” part of this device. Since I installed Proxmox on the host, I can now install anthony I want on this machine. The first thing I decided to install was a Pi-hole to keep every connected device safe and free of ads and tracking.

Like all installations on Proxmox you have options of how you want to install things. I typically choose VMs but I wanted to keep this lean and mean, so I went with an LXC container. LXC containers are easy to manage and use less resources than a full VM. So I created an LXC container and set a hostname and password and uploaded my public ssh key. I chose the ubuntu template, then gave it 8 GB of disk space, 2 CPU cores, and 2 GB of RAM. For networking I connected it to the existing bridge, which is my LAN and gave it a static IP address.

Once the LXC container was created, I updated it and installed Pi-hole. After installing I updated all of my ad lists. I also added about 5 millions sites to my block list that you can see here.

Pi-hole Added Pi-hole to block all those ads and tracking on the go!

I did end up enabling DHCP on Pi-hole just to see what it was all about. I usually let my router do this but for this travel router I wanted to have more control over blocking. I ended up disabling DHCP on OpenWRT and enabling it on Pi-hole.

Portainer

Awesome, so now I have Pi-hole with network wide ad blocking running, so what’s next? Well, I know I want to have docker as a platform for running applications on this mobile HomeLab device and portainer is the best way to manage them. I chose to create another LXC container based on Ubuntu and gave it a 60 GB hard drive, 4 CPU cores, and 16 GB of ram. I spun up the container and let it grab an IP, and then I reserved that IP inside of Pi-hole. Once the container was up and running, I updated Ubuntu and installed Portainer. Once Portainer was running I then installed a Watchtower to keep all of my containers up to date. I typically use GitOps to handle this in my home production cluster, but I don’t want to worry about updating containers while traveling. Installing Watchtower was easy, just copy and paste the docker compose and I was good to go.

Portainer Installed Portainer to manage all of my Docker containers

Apps

So now that I have Portainer installed, we can install any container we like to and take it with us. For instance, we could install the super popular Plex or Jellyfin and take our media library with us. This would allow any connected device to stream movies from this device down to theirs, without an internet connection The nice thing about this Intel CPU is that it has QuickSync so you can hardware transcode videos if you need to, making sure that streaming is smooth on any resolution. I bet you’re wondering about disk space? Well, if you really wanted to take more than 1 TB of media with you, you could simply connect and attach a USB hard drive with your media to this machine and mount the drive to your Plex or Jellyfin machine.

Plex Doing some local Plex transcoding while on the go!

Also, it does stop there, we can now install any docker container or LXC container we like, or even a full blown Virtual Machine since we’re running Proxmox! If we really wanted to, we could now install pfsense or OPNSense as a virtual machine and use that as our router and disable all the routing features on OpenWRT, and only use that as an access point. Once you have pFSense or OPNSense running, you can then create a VPN connection back home to get the same protection you have at home. The possibilities are really endless. Want to install other containers, like LANcache, Netcloud, or even a local Minecraft server, no problem.

VPN Diagram You can even go as far as creating a VPN tunnel back home!

And that’s the nice thing about a general purpose machine like this, you have unlimited possibilities. And using the Intel Celeron platform you get powerful hardware, at a fraction of the power consumption so you get the best of both worlds. A WiFi router and access point that connects all of your devices, internet or not, and lots of services that you can use while you are on the go. I’ll be using this device full time when I travel so I will be sure to report back any modifications I make to this new “mobile homelab, forbidden travel router, plus plus, ultimate mobile homelab - thingie”

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/multi-arch-k3s-rpi/index.html b/posts/multi-arch-k3s-rpi/index.html new file mode 100644 index 0000000000..8e9d0cdb1d --- /dev/null +++ b/posts/multi-arch-k3s-rpi/index.html @@ -0,0 +1,39 @@ + Multi-CPU Architecture Kubernetes Cluster with a Raspberry Pi | Techno Tim
Post

Multi-CPU Architecture Kubernetes Cluster with a Raspberry Pi

Building a Multi-architecture CPU Kubernetes cluster is easier than you think with k3s.In this video we’ll build a Raspberry Pi 4 with an ARM CPU and add it to our existing x86 x64 amd64 CPU Kubernetes cluster.Our foundation will be Ubuntu for ARM, then we’ll add k3s, and then join it to our cluster.We’ll also discuss how this works with Docker images built for specific CPU types.We’ll also talk about some build configurations and requirements for your Pi.

Happy Pi Day!

📺 Watch Video

1
+
k3s --version
+

get k3s token from a server

1
+
sudo cat /var/lib/rancher/k3s/server/node-token
+

set k3s version (the value you got from k3s --version)

1
+
 export INSTALL_K3S_VERSION=v1.20.5+k3s1
+

install k3s as an agent using your token from above

1
+
curl -sfL https://get.k3s.io | K3S_URL=https://example.local.com:6443 K3S_TOKEN=hksadhahdklahkadjhasjdhasdhasjk::server:asljkdklasjdaskdljaskjdlasj sh -
+

check all k3s nodes from your workstation

1
+
kubectl get nodes
+

get all pods running on a specific node (elio)

1
+
kubectl get pods --all-namespaces -o wide --field-selector spec.nodeName=elio
+

set a label on a node (elio)

1
+
kubectl label nodes elio cputype=arm
+

describe a node (elio)

1
+
kubectl describe node elio
+

Example pod spec

nginx-pod.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+
apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx
+spec:
+  containers:
+  - name: nginx
+    image: nginx
+    imagePullPolicy: IfNotPresent
+  nodeSelector:
+    cputype: arm64
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/my-homelab-regrets/index.html b/posts/my-homelab-regrets/index.html new file mode 100644 index 0000000000..17aa4932fe --- /dev/null +++ b/posts/my-homelab-regrets/index.html @@ -0,0 +1 @@ + My HomeLab Regrets... | Techno Tim
Post

My HomeLab Regrets...

If I could start my HomeLab all over, what would I choose? Would I choose the same servers, rack, networking, gateway, switch, firewall, my pc conversion, and even my disk shelf NAS? Did I make a good choice or a bad one? Join me as we give each piece of my HomeLab a Keep or Upgrade rating.

📺 Watch Video

A HUGE thanks to Micro Center for sponsoring this video!

New Customer Exclusive, Receive a FREE 256GB SSD in Store: https://micro.center/cff7ca

Check Out Micro Center’s PC Builder: https://micro.center/81b822

Visit the Micro Center Community: https://micro.center/b33782

Find all of my server gear here! https://kit.co/TechnoTim/techno-tim-homelab-and-server-room-upgrade-2021

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/netbootxyz-tutorial/index.html b/posts/netbootxyz-tutorial/index.html new file mode 100644 index 0000000000..39afdf4895 --- /dev/null +++ b/posts/netbootxyz-tutorial/index.html @@ -0,0 +1,235 @@ + Meet netboot xyz - Network Boot Any Operating System | Techno Tim
Post

Meet netboot xyz - Network Boot Any Operating System

Imagine all of your favorite operating systems in one place, available anywhere on your network, and you’ll never need to use your flash drive again. That’s the promise of netboot.xyz, a network boot service that lets you install or boot to any operating system simply by booting to the network.

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored

Don’t forget to ⭐ netboot.xyz on GitHub!

Requirements

  • docker (and compose)
  • docker machine has a static IP
  • dhcp server & access to settings (or install your own)

Docker Setup

See this post on how to install docker and docker compose

Install

create folders netboot_xyz, netboot_xyz/assets, netboot_xyz/config

1
+2
+3
+4
+
mkdir netboot_xyz
+cd netboot_xyz
+mkdir assets
+mkdir config
+

Copy yaml to server or portainer, etc

Container Images

linuxserver.io container image

Parameter Docs

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+
---
+version: "2.1"
+services:
+  netbootxyz:
+    image: lscr.io/linuxserver/netbootxyz:latest
+    container_name: netbootxyz
+    environment:
+      - PUID=1000 #current user
+      - PGID=1000 #current group
+      - TZ=Etc/UTC
+      # - MENU_VERSION=1.9.9 #optional, sets menus version, unset uses latest
+      - PORT_RANGE=30000:30010 #optional
+      - SUBFOLDER=/ #optional
+    volumes:
+      - ./config:/config
+      - ./assets:/assets #optional
+    ports:
+      - 3000:3000
+      - 69:69/udp
+      - 8080:80 #optional
+    restart: unless-stopped
+

Official container image

Parameter Docs

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+
---
+version: "2.1"
+services:
+  netbootxyz:
+    image: ghcr.io/netbootxyz/netbootxyz
+    container_name: netbootxyz
+    environment:
+      # - MENU_VERSION=2.0.47 # optional, sets menus version, unset uses latest
+    volumes:
+      - ./config:/config # optional
+      - ./assets:/assets # optional
+    ports:
+      - 3000:3000
+      - 69:69/udp
+      - 8080:80 #optional
+    restart: unless-stopped
+

Running

bring up stack

1
+
docker compose up -d
+

check to be sure it’s running

1
+2
+3
+
➜  netboot_xyz docker ps
+CONTAINER ID   IMAGE                                   COMMAND         CREATED          STATUS                  PORTS                                                                                                                 NAMES
+83e6c5192156   lscr.io/linuxserver/netbootxyz:latest   "/init"         14 seconds ago   Up 12 seconds           0.0.0.0:69->69/udp, :::69->69/udp, 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp, 0.0.0.0:8080->80/tcp, :::8080->80/tcp   netbootxyz
+

should see something like:

Check the logs

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+
➜  netboot_xyz docker logs netbootxyz
+[migrations] started
+[migrations] no migrations found
+───────────────────────────────────────
+
+      ██╗     ███████╗██╗ ██████╗
+      ██║     ██╔════╝██║██╔═══██╗
+      ██║     ███████╗██║██║   ██║
+      ██║     ╚════██║██║██║   ██║
+      ███████╗███████║██║╚██████╔╝
+      ╚══════╝╚══════╝╚═╝ ╚═════╝
+
+   Brought to you by linuxserver.io
+───────────────────────────────────────
+
+To support the app dev(s) visit:
+netboot.xyz: https://opencollective.com/netbootxyz/donate
+
+To support LSIO projects visit:
+https://www.linuxserver.io/donate/
+
+───────────────────────────────────────
+GID/UID
+───────────────────────────────────────
+
+User UID:    1000
+User GID:    1000
+───────────────────────────────────────
+
+[netbootxyz-init] Downloading Netboot.xyz at 2.0.73
+[custom-init] No custom files found, skipping...
+crontab: can't open 'abc': No such file or directory
+listening on *:3000
+[ls.io-init] done.
+4Lg88gNm_wqDORftAAAB connected time=1699460581160
+
+

Configuring

You can now browse to the container’s homepage

http://192.168.10:3000/

You should see a list of pxe boot menu items and the option to cache the pre boot environment locally

Local Mirror

If you want to serve the files from a local mirror, you can edit the boot.cfg file from the boot menus

change:

set live_endpoint https://github.com/netbootxyz

to:

set live_endpoint http://192.168.10.125:8080

Keep in mind that you will not be able to boot from any environments you haven’t downloaded.

DHCP Configuration

Since I cannot cover configuring every DHCP service out there, I will cover the basics. Fortunately linuxserver.io has many routers covered as well as the official netboot.xyz docs.

UniFi UDM Pro / SE

Settings > Network > Choose Network > DHCP Service Management > Show Options

Here you’ll want to check “Network Boot” and fill in the server IP and the file name

For me, it’s:

Server IP: 192.168.10.125 Filename: netboot.xyz.kpxe (this is the default BIOS option)

Save.

Preferably we would like to offer a PXE boot per architecture, and UDM supports it however not in the UI. Follow these instructions to do it via CLI

If you’re up to it, here’s my config:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+
#
+# Generated automatically by 
+#
+
+# Configuration of PXE boot for '
+
+
+# The boot filename, Server name, Server Ip Address
+dhcp-boot=netboot.xyz.kpxe,netboot.xyz,192.168.10.125
+
+# inspect the vendor class string and match the text to set the tag
+dhcp-vendorclass=BIOS,PXEClient:Arch:00000
+dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
+dhcp-vendorclass=UEFI,PXEClient:Arch:00007
+dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
+
+# Set the boot file name based on the matching tag from the vendor class (above)
+dhcp-boot=net:UEFI32,netboot.xyz.efi,netboot.xyz,192.168.10.125
+dhcp-boot=net:BIOS,netboot.xyz.kpxe,netboot.xyz,192.168.10.125
+dhcp-boot=net:UEFI64,netboot.xyz.efi,netboot.xyz,192.168.10.125
+dhcp-boot=net:UEFI,netboot.xyz.efi,netboot.xyz,192.168.10.125
+

Verify

1
+
cat /run/dnsmasq.conf.d/PXE.conf
+

Copy file to /run/dnsmasq.conf.d/PXE.conf on UDM

run

1
+
kill `cat /run/dnsmasq.pid`
+

You’ll have to do this on each reboot

If you don’t want to do this, you’ll have to change the image file each time.

Booting to network

To boot to the network you’ll need a BIOS and NIC that supports it

  • enable in BIOS
    • enable EFI PXE Boot
    • enable Legacy (BIOS) PXE Boot
  • Figure out boot override or network boot key
  • Power on and boot to network (BIOS of EFI)

See the boot menu, choose OS and go!

Word of caution, there might be some that do not work. This is a moving target. e.g. Ubuntu 23.10 isn’t working for me now, but could soon. Other OS are fine. You may need to try different NICs if you are using virtualization

What about Windows?

Requirements

  • Windows 10/11 machine
  • Windows ISO
  • Windows ADK for Windows 10/11
  • Windows PE add-on for the Windows ADK

Windows 11 ADK downloads here

Install Windows ADK for Windows 10/11.

Install Windows PE add-on for the Windows ADK.

Run Deployment and Imaging Tools Environment as administrator from the start menu.

Navigate to folder

1
+
cd "..\Windows Preinstallation Environment\amd64"
+

Mount the Windows PE boot image.

1
+2
+
md C:\WinPE_amd64\mount
+Dism /Mount-Image /ImageFile:"en-us\winpe.wim" /index:1 /MountDir:"C:\WinPE_amd64\mount"
+

Copy files

1
+2
+
Xcopy "C:\WinPE_amd64\mount\Windows\Boot\EFI\bootmgr.efi" "Media\bootmgr.efi" /Y
+Xcopy "C:\WinPE_amd64\mount\Windows\Boot\EFI\bootmgfw.efi" "Media\EFI\Boot\bootx64.efi" /Y
+

Unmount the WinPE image, committing changes.

1
+
Dism /Unmount-Image /MountDir:"C:\WinPE_amd64\mount" /commit
+

Delete the temp folder that was created earlier (so we don’t get an error when copying)

1
+
rmdir /s C:\WinPE_amd64
+

Create working files

1
+
copype amd64 C:\WinPE_amd64
+

Create a bootable WinPE ISO

1
+
MakeWinPEMedia /ISO C:\WinPE_amd64 C:\WinPE_amd64\WinPE_amd64.iso
+

Then copy the contents of WinPE_amd64.iso to netboot.xyz container’s /assets/WinPE/x64/ folder (need to create folders first)

Then you’ll want to create an SMB share named Windows in your environment. You can create or download a Windows ISO by visiting Microsoft’s site

Once you have created your Windows ISO, you can then extract the files to the root of the Windows share you just created above.

Now we need to configure netboot.xyz

In netboot.xyz UI, update boot.cfg to set win_base_url http://192.168.10.125:8080/WinPE and save.

Now you can PXE boot to the network (be sure you are using the EFI boot image and your device supports UEFI) and then choose Windows from the netboot.xyz menu.

This should boot to a DOS prompt in the Windows Pre-boot Environment

Type

1
+
wpeinit
+

then type

1
+
net use F: \\<server-ip-address>\<share-name> /user:<server-ip-address>\<username-if-needed> <password-if-needed>
+

If you want it to prompt for a username and password, remove the user argument

1
+
net use F: \\<server-ip-address>\<share-name>
+

This will map the F: drive to your Windows share that the Windows ISO extracted

then type

1
+
F:\setup.exe
+

Then hit enter and Windows installer should launch!

I’d love to also automate the mounting of the share however I haven’t found a clean way to do it yet. If you know, let me know in the comments below and I can add it!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/new-ups-rack/index.html b/posts/new-ups-rack/index.html new file mode 100644 index 0000000000..8f22a0de2c --- /dev/null +++ b/posts/new-ups-rack/index.html @@ -0,0 +1 @@ + I'll never run out of power! - Eaton and Tripp Lite UPS | Techno Tim
Post

I'll never run out of power! - Eaton and Tripp Lite UPS

Today I look at 2 (or 3 depending on how you count them) UPS systems from Tripp Lite and Eaton.These UPS devices couldn’t be any different but they are awesome nonetheless.Each has it’s own unique capabilities and features.Which on will you choose when looking for your next UPS? Join me as we walk through and review these type UPS systems and rack them in my new rack!

📺 Watch Video

Huge THANK YOU to Eaton / Tripp Lite for sending these UPS systems.If you’re looking for a new UPS for home or work, you should totally check them out!

Tripp Lite

https://tripplite.eaton.com

Eaton

https://www.eaton.com/us/en-us/products/backup-power-ups-surge-it-power-distribution/backup-power-ups.html

Check out a variety of UPS Systems

Tripp Lite

Eaton

NUT Server Install script

Be sure to check out (and star) David’s repo with an automated NUT server install!

https://github.com/dzomaya/NUTandRpi

Chapters

00:00 - What should I protect with my UPS?

02:16 - Tripp Lite SmartPro UPS Review and Specs

03:24 - Tripp Lite 36v Battery Pack Review and Specs

04:29 - Tripp Lite SmartPro UPS Configuration

05:23 - Eaton 5P 1550 UPS Review and Specs

07:43 - Eaton 5P 1550 UPS Configuration

08:47 - Rack mounting the UPSes

10:53 - My Thoughts and Monitoring and Alerting Solutions

13:01 - Stream Highlight - “Testing in Production”

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/nextcloud-setup/index.html b/posts/nextcloud-setup/index.html new file mode 100644 index 0000000000..1a91f48b6a --- /dev/null +++ b/posts/nextcloud-setup/index.html @@ -0,0 +1 @@ + I think I found a Dropbox replacement with Nextcloud... | Techno Tim
Post

I think I found a Dropbox replacement with Nextcloud...

Are you thinking about ditching Google apps or looking for a Dropbox replacement? Are you ready to self host your own productivity platform? Well, Nextcloud may be for you! In today’s tutorial we’ll walk though setting up Nextcloud with Docker and Kubernetes.We’ll also walk through some of the new features, installing apps from the app store, exposing this Nextcloud publicly, as well as setting up 2FA (2 factor authentication) with TOTP clients like Google Authenticator and Authy.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/no-more-microsd/index.html b/posts/no-more-microsd/index.html new file mode 100644 index 0000000000..9c83b395d0 --- /dev/null +++ b/posts/no-more-microsd/index.html @@ -0,0 +1 @@ + Replacing the microSD with something MUCH FASTER! | Techno Tim
Post

Replacing the microSD with something MUCH FASTER!

Today I got rid of the slow and pesky microSD card in my Pi and replaced it with something MUCH faster in my Pi LED Panel. Don’t know what my Pi LED Panel is? Check it out! This is my first video on the new channel @TechnoTimTinkers 🎉

📺 Watch Video

Disclosures:

  • nothing in this video was sponsored

Parts

Things mentioned in the video (some are affiliate links) :

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

Notes

This project was built using rpi-rgb-led-matrix

After getting the new power supply I noticed a few odd things

  • When powered via hat only with the new 5v/10a AC to DC power supply, the USB drive wasn’t recognized
  • When powering via USB-C 5v/5a the LED panel was too dim to display some colors so it looked distorted

I read the Pi hat documentation over and over, and no where did it mention that anything else was needed other than a large power supply. I thought for sure it was now a hardware issue and was in over my head. I dropped a message in a Discord that both Jeff Geerling and I are in and he mentioned checking out this post

In that post it suggests to add max_usb_current=1 to your config.txt.

I tested it and sure enough the Pi can now power the LED panel, the Pi, and the USB drive all from a single power supply connected to the hat. 🎉

Thanks Jeff!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/nut-server-script/index.html b/posts/nut-server-script/index.html new file mode 100644 index 0000000000..bf5b096c4b --- /dev/null +++ b/posts/nut-server-script/index.html @@ -0,0 +1,9 @@ + Automated NUT Server Install | Techno Tim
Post

Automated NUT Server Install

Here’s a quick way to automate your battery backups and UPSes with and open source service called NUT server and a raspberry Pi.

📺 Watch Video

NUT Server Install script

Be sure to check out (and star) the repo with an automated NUT server install!

https://github.com/dzomaya/NUTandRpi

Instructions

Be sure you have a raspberry pi or any machine running Debian / Ubuntu Linux.Then plug in your UPS via USB and then SSH into your Pi.

Then download th script.

1
+
wget https://raw.githubusercontent.com/dzomaya/NUTandRpi/main/scripts/nutinstall.sh
+

Make the script executable.

1
+
sudo chmod +x nutinstall.sh
+

Run the script.

1
+
sudo ./nutinstall.sh
+

Answer a few questions.

Be sure to keep your SNMP community string safe and treat this like a password.

You can now access NUT in a browser by going to:

http://yourRasberryPiIPaddress/cgi-bin/nut/upsstats.cgi

You can also query your device using SNMP

1
+
snmpwalk -v2c -c yourSNMPv2cCommunity yourRasberryPiIPaddress .1.3.6.1.4.1.8072.1.3.2.4.1.2
+

Advanced

To see advanced configuration and configuring NUT Server and NUT client, see my Network UPS Tools (NUT) Ultimate Guide.

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/obs-best-settings/index.html b/posts/obs-best-settings/index.html new file mode 100644 index 0000000000..4f27a3af9b --- /dev/null +++ b/posts/obs-best-settings/index.html @@ -0,0 +1 @@ + BEST OBS Streaming Settings 2021! 🔴 (Quality, Frame Rate, Bit Rate, Audio, 1080p 60/FPS & MORE!) | Techno Tim
Post

BEST OBS Streaming Settings 2021! 🔴 (Quality, Frame Rate, Bit Rate, Audio, 1080p 60/FPS & MORE!)

Do you want the best settings for OBS in 2020? This is the ultimate OBS settings guide with the BEST OBS settings for streaming Fortnite, Just Chatting APEX Legends, PUBG, or really ANY game.This video includes the best settings for quality, frame rate, bit rate, and audio for streaming at 60 frames per second (FPS) at 1080p (max settings for streamers).This guide works with OBS Studio, Streamlabs OBS (SLOBS), and OBS.LIVE (from StreamElements).I also include various Windows settings and tweaks to give you the best performance while streaming.I even cover the new NVENC settings (NVIDIA NVENC H.264 (new) ) for NVidia graphics cards with Turing Architecture. This is a great guide for anyone who wants to tweak their existing settings or have just installed it for the first time with the default settings.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/office-upgrade/index.html b/posts/office-upgrade/index.html new file mode 100644 index 0000000000..7b6eec8931 --- /dev/null +++ b/posts/office-upgrade/index.html @@ -0,0 +1 @@ + Convert ANY Desk to a STANDING Desk: Home Office Upgrade | Techno Tim
Post

Convert ANY Desk to a STANDING Desk: Home Office Upgrade

I decided to tear apart our office and convert my old Ikea hack table tops into a standing desk.Oh, and I also clamped on 3 - 27” 1440p gaming monitors while I was at it 😉

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/open-source-linktree-alt/index.html b/posts/open-source-linktree-alt/index.html new file mode 100644 index 0000000000..bbf3981310 --- /dev/null +++ b/posts/open-source-linktree-alt/index.html @@ -0,0 +1,155 @@ + Self-Hosted, DIY, Open Source Alternative to Linktree | Techno Tim
Post

Self-Hosted, DIY, Open Source Alternative to Linktree

Meet LittleLink & LittleLink-Server - a DIY, self hosted, and open source alternative to the popular service Linktree.This web site inside of a container allows you to create and host your own web site with all of your social information and links, giving your followers multiple ways to connect with you! In this video we talk about what LittleLink-Server is, what it does, and how to create your own site using this Docker container with only a few environment variables, no knowledge of web development required.Be sure to check the documentation for details!

📺 Watch Video

Docker Setup

See this post on how to install docker and docker-compose

Running the container

1
+2
+3
+
mkdir littlelink-server
+cd littlelink-server
+touch docker-compose.yml
+

If you’re using Docker compose (see the GitHub repo for the latest file)

docker-compose.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+
---
+version: '3'
+services:
+  little-link:
+    image: ghcr.io/techno-tim/littlelink-server:latest
+    container_name: littlelink-server
+    environment:
+      - META_TITLE=Techno Tim
+      - META_DESCRIPTION=Techno Tim Link page
+      - META_AUTHOR=Techno Tim
+      - THEME=Dark
+      - FAVICON_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg
+      - AVATAR_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg
+      - AVATAR_2X_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_400x400.jpg
+      - AVATAR_ALT=Techno Tim Profile Pic
+      - NAME=TechnoTim
+      - BIO=Hey! Just a place where you can connect with me!
+      - GITHUB=https://l.technotim.live/github
+      - TWITTER=https://l.technotim.live/twitter
+      - INSTAGRAM=https://l.technotim.live/instagram
+      - YOUTUBE=https://l.technotim.live/subscribe
+      - TWITCH=https://l.technotim.live/twitch/
+      - DISCORD=https://l.technotim.live/discord
+      - TIKTOK=https://l.technotim.live/tiktok
+      - KIT=https://l.technotim.live/gear
+      # - FACEBOOK=https://facebook.com
+      # - FACEBOOK_MESSENGER=https://facebook.com
+      # - LINKED_IN=https://linkedin.com
+      # - PRODUCT_HUNT=https://www.producthunt.com/
+      # - SNAPCHAT=https://www.snapchat.com/
+      # - SPOTIFY=https://www.spotify.com/
+      # - REDDIT=https://www.reddit.com/
+      # - MEDIUM=https://medium.com
+      # - PINTEREST=https://www.pinterest.com/
+      # - EMAIL=you@example.com
+      # - EMAIL_ALT=you@example.com
+      # - SOUND_CLOUD=https://souncloud.com
+      # - FIGMA=https://figma.com
+      # - TELEGRAM=https://telegram.org/
+      # - TUMBLR=https://www.tumblr.com/
+      # - STEAM=https://steamcommunity.com/
+      # - VIMEO=https://vimeo.com/
+      # - WORDPRESS=https://wordpress.com/
+      # - GOODREADS=https://www.goodreads.com/
+      # - SKOOB=https://www.skoob.com.br/
+      - FOOTER=Thanks for stopping by!
+    ports:
+      - 8080:3000
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+

If you’re running docker only

Docker command

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+
docker run -d \
+  --name=littlelink-server \
+  -p 8080:3000 \
+  -e META_TITLE='Techno Tim' \
+  -e META_DESCRIPTION='Techno Tim Link page' \
+  -e META_AUTHOR='Techno Tim' \
+  -e THEME='Dark' \
+  -e FAVICON_URL='https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg' \
+  -e AVATAR_URL='https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg' \
+  -e AVATAR_2X_URL='https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_400x400.jpg' \
+  -e AVATAR_ALT='Techno Tim Profile Pic' \
+  -e NAME='TechnoTim' \
+  -e BIO='Hey! Just a place where you can connect with me!' \
+  -e GITHUB='https://l.technotim.live/github' \
+  -e TWITTER='https://l.technotim.live/twitter' \
+  -e INSTAGRAM='https://l.technotim.live/instagram' \
+  -e YOUTUBE='https://l.technotim.live/subscribe' \
+  -e TWITCH='https://l.technotim.live/twitch' \
+  -e DISCORD='https://l.technotim.live/discord' \
+  -e TIKTOK='https://l.technotim.live/tiktok' \
+  -e KIT='https://l.technotim.live/gear' \
+  --restart unless-stopped \
+  ghcr.io/techno-tim/littlelink-server:latest
+

If you’re using Rancher, Portainer, Open Media Vault, Unraid, or anything else with a GUI, just copy and paste the environment variables above into the form on the web page.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/ota-tv-with-plex/index.html b/posts/ota-tv-with-plex/index.html new file mode 100644 index 0000000000..526df6b423 --- /dev/null +++ b/posts/ota-tv-with-plex/index.html @@ -0,0 +1 @@ + Turn Plex into a Powerful DVR | Techno Tim
Post

Turn Plex into a Powerful DVR

Cut the cord and get free over the air TV with Plex! Today we’ll dive deep into selecting a TV tuner, an antenna, dialing in your TV signal, and configuring Plex to help you get the most out of Live TV and DVR!

A huge THANK YOU to Plex for sponsoring this video during Plex Pro Week!

Get started with Plex today! https://www.plex.tv/

📺 Watch Video

Turn Plex into a Powerful DVR

There’s this great free resource out there that many people aren’t taking advantage of. It’s something that most homes can access absolutely free and that’s over the air TV. Now I know what you’re thinking, what year is this?? I know, it sounds odd talking about over the air TV in this day and age but I found a way to modernize it and make it more accessible with a little bit of hardware and a little bit of software from Plex.

I have been using Plex for almost 10 years and one of the features that isn’t talked about that much and is one of my favorites is Live TV & DVR. I’m not talking about the free TV channels that Plex offers, although I will be talking about that a little bit later, I am talking about over the air channels like ABC, NBC, PBS, and many others to watch Sports, Local News, and more. And with ATSC 3.0 or NextGen TV rolling out in some areas, you can be sure that you’re getting the clearest broadcast possible with up to 4k resolution and uncompressed when over the air vs. 1080p and compressed from most providers. You’ll need a few simple things that I will cover in this video so you can start watching and recording Live TV today. So, full disclosure Plex is the sponsor of the original video and I want to thank them for asking me to share my deep dive on Live TV & DVR with Plex.

Plex as DVR Plex can be a powerful DVR to record or watch your favorite TV shows

Plex TV & DVR

With a TV Tuner, an antenna, and a Plex Pass you can turn your media server into a powerful DVR to record your favorite shows or watch them live, even on the go. You can record any show in your area, whether that be sports, local news, or your favorite TV series and watch it from any device. Plex has apps for mobile devices, SmartTVs, gaming consoles, Apple TV, on the web and more. It’s hard to find a device that doesn’t have Plex.

Watching Live TV is as simple as launching the app and picking a channel. This will stream the channel from your Plex Media Server to your device. After the Live TV stream starts, you can pause or even rewind Live TV. But if you start watching something that’s currently being recorded, you have the option to watch from the beginning or watch live. If you choose to watch from the start you can skip through commercials and get caught up to the live broadcast. This is a little life hack I use to watch something that’s live without the commercials. For something you’ve already recorded, there’s also this awesome feature that will allow you to skip commercials or remove them altogether. This is a great time saver and we’ll get this set up today too a little bit later.

One of the best parts of Plex Live TV is you get the best EPG out there. EPG stands for electronic programming guide and it lists all shows for all channels along with some additional data like episode information and more. It’s how I know that Jeopardy! is on NBC at 4:30 local time, or that the episode of Nature is a rerun. It’s also what helps populate their powerful search in the Live TV section. I can’t stress enough how important it is to have a solid EPG when using a DVR, without accurate data you could schedule the wrong show to record or miss your show altogether. The EPG is even interactive on some clients, giving you a picture-in-picture guide while you browse the guide looking for the next thing to watch. And if you only watch a handful of local channels you can add channels to your favorites so you can quickly access them. Plex Live TV lets you prioritize your recordings so that I don’t get in trouble recording a rerun of Nature instead of the latest episode of The Bachelor. We’ll talk more about the EPG, recording priority, how not to miss your favorite shows when scheduling recordings a little bit later.

Plex EPG Plex’s EPG is the best Electronic Programming Guide out there!

Setting Up Live TV & DVR

So, what do we need in order to have our very own DVR? I know all of this sounds complicated but it’s much easier than you think. You’ll need a couple of things, all of which I use in my own home and have been recording TV for years, so you can be sure that this setup will also work for you.

TV Tuners

First, you’re going to need a Plex server and a Plex pass. Next you’ll need a TV Tuner and an antenna. I’ve used a lot of TV Tuners in the past but the best tuner by far is one from SiliconDust, it’s the HDHomeRun Flex 4k. This nice little device sits on your network and converts a TV signal into a video stream so that your Plex Media Server can consume it and even change the channels when requested. This one in particular has 4 tuners inside that allows you to watch or record up to 4 channels at once. This one also supports the new ATSC 3.0 NextGen TV that we talked about earlier - so it’s future proof!

HD Homerun TV Tuner Silicon Dust’s HDHomerun TV Tuner will get you up and running in no time!

Antennas

Another important thing you’ll want to have is an antenna that connects to our tuner. Antennas come in all shapes and sizes and depending on where you live, you might be able to get by with a small indoor antenna. If you’re in the US, there’s a great site to help you determine your distance from TV towers which might help you choose the right antenna. You can visit the site, enter your location, and see how far away you are from TV towers, their location, and get an estimate of the signal strength to your location. Based on this legend you can make a better decision about the antenna you choose.

Selecting an antenna Selecting an antenna is key to getting the right reception!

Here are my recommendation for choosing an antenna:

  • If you’re close to the TV towers and want something low profile, or you live in an apartment or condo and can’t put an antenna outside, go with a flat antenna which is thin, low profile, and can be placed in a window or on the wall. This flat antenna from Channel Master (affiliate link) should work great if most TV towers are in the green or yellow. It’s slim, low profile, and can be attached to a window or wall.
  • If you’re further away from the TV tower or you just want the best reception, I recommend picking up something like this Antennas Direct antenna (affiliate link) that can be used indoors or outdoors. It’s not the best looking antenna but it has a great range and will work better than the flat antenna if you can hide it or aren’t concerned about aesthetics.
  • Either way, you’ll want to mount it somewhere in your home, the higher the better, outdoors or an attic will work best.
  • I got lucky when I moved into my house because the previous owner installed a massive long range antenna in the attic and ran a coax cable to the basement. Having one in the attic above the trees and other houses is one of the best places for an antenna.

Hooking Up Your Antenna & Tuner

Once you have your antenna and tuner, go ahead and connect your tuner to the network and connect your antenna to the coaxial terminal and then finally, connect the power to the tuner. A word of caution, you might be tempted to buy an amplifier but I would recommend against it until you truly know that you have a weak signal, you run the risk of introducing noise and interference. We’ll see this later on and from there you can determine if you need a signal amplifier (affiliate link) or not.

Once your tuner is on the network, visit tuner’s web page by typing in the IP address in a browser. Here you will see the landing page for your device. If you see a message to update your firmware I would update it before continuing, it will only take a minute, plus, who doesn’t love updating firmware 😀

Once it’s updated you can see the tuner status and more information about your tuner. Next we want to see which channels our tuner can detect. We can do this by going into the channel lineup and clicking “Detect Channels”.

This will scan for all of the channels you can pick up using your antenna. Now your mileage may vary depending on your area and how close you are to the TV towers, but it’s a good idea to compare the results to what you expect. If you aren’t seeing the channels you expect, you might need to adjust your antenna or think about getting a signal amplifier, however I’ll show you how to check the signal strength in a little bit.

One thing you might have noticed is that little plug that I have connected to my HDHomeRun. This is a signal filter (affiliate link) that will filter out LTE and 5G signals from the line. I’ve noticed that as more cell phone towers go up, the more they can interfere with my antenna, so I popped this little filter on to filter out those frequencies. If you’re wondering what interference looks like, it’s that weird pixelated blocking that you see sometimes when watching TV. This isn’t going to magically make channels appear out of nowhere or boost the signal, it’s just there to take away the noise created by cell phone towers.

Once we’ve got our tuner all set up, make note of the IP address because we’ll need this for configuring Plex.

LTE Filter You might need to pick up an LTE filter to filter out 5G noise!

Setting up Plex for Live TV

Now that we have our TV Tuner and antenna set up, we can now configure this in Plex! You’ll need to sign in to your Plex Media Server and then go to settings. In the Manage section you should see Live TV & DVR. Here you’ll want to configure a new tuner. When you try to add a new tuner, it will try to search for your tuner and in most cases it will find your device. If it doesn’t you can manually add your device by typing in the IP address of our tuner. Once it’s added you’ll need to set a few settings for Plex. You should choose an antenna, your home country, and your Postal Code. The postal code is needed to download the EPG. Once you’ve set this, you will then see a list of all the channels we found earlier. You can scan again or even remove channels however I wouldn’t remove channels here, I would just create favorites later. If you’re happy with the list, click continue. Plex will start to download the latest guide and after a few minutes we should see all of the TV shows that are available!

Recording Live TV

The channel guide can be found in the Live TV section. Here we can see a list of all of the shows we can watch or record. This will look different on different clients but the experience is mostly the same. The live TV feature is pretty self explanatory, we can scroll through channels and when we see something we want to watch, we just click on it. This will start a live stream. You can even pause or rewind a Live TV show, pretty cool.

So you can see that I have a pretty good signal and quality but what do you do if you don’t have the greatest picture quality? Well, earlier I mentioned that we could check our signal strength for a broadcast to determine if we need to adjust our antenna or think about a signal booster. This might work differently depending on your tuner, but if you’re using a SiliconDust tuner like the one I am using, the easiest way I have found to do this is to start a live show and then go to your tuner’s homepage while the show is playing. Once here go into Tuner Status and choose the tuner that’s being used, which you can see in the Summary. Click on the tuner that is in use and here you can see the status. The most important stat here is Signal Quality. The higher the better. If you notice that this is noticeably low and your TV stream isn’t the greatest you can try adding a signal booster or a line filter to try and clean it up. I will have links to this and all of the other hardware we talked about today in the video description. So, back to recording from the channel guide… After selecting a show, if you want to record a show all you have to do is click the record button. From here you can choose whether you want to record new airings only, new and repeat, and which library you want to save it to. I have multiple libraries, TV Shows and Recorded TV. That’s because I wanted to separate the two but that’s totally up to you. It’s as simple as creating a new library and setting the type to TV Shows. You will then see this option when scheduling recordings.

Plex EPG DVR Scheduling to shows to record couldn’t be easier with their great EPG!

You also have some additional settings in “Show Advanced” but we won’t change them here, we’ll apply these to all recorded TV a little bit later. After clicking record we can now see that we have a record icon on the show, letting us know that it’s currently being recorded. You also have lots of quick actions when hovering or clicking on shows where you can schedule recordings or even cancel recordings, it’s pretty handy.

One thing you might have noticed is the categories across the top. Most of these are self-explanatory, however there’s one named Plex Channels that is different from the rest of the TV channels. These are FAST channels or Free Ad-Supported Streaming Television. It’s streaming TV that can be watched at any time. They aren’t channels that you can find over the air from your local TV stations, but channels that stream content 24/7, like for instance if you wanted to binge watch Top Gear or the Price is Right classics, there’s a channel for that. But, back to recorded TV.

Watching Recorded TV

Once a show has recorded it will be in your Library you set for recorded TV, the default is TV Shows. Once here you’ll see a similar experience that we see for Movies, you’ll have a “Recommended” section, a “Library” section, and a “Category” section, and view controls for your media. Clicking on your show will bring you to that show and from there you can see all of the recorded seasons for that show and if you want to get to your show you click into the season to get to your episodes. Once you are on your episode you can see more details about it like the date it aired, how long the recording is, the rating, and even details about this episode. You can also switch the track to another language and choose your subtitles if the broadcast supports it. After clicking play the video will start and you can watch it as you normally would!

Plex watch recorded TV Watching recorded TV is just like watching other media, complete with all of the artwork and metadata you’re use to seeing with other content!

AutoSkip Intro, Commercials, Credits

One of the best features that comes with Live TV & DVR is Intro Skip and Commercial Skip. If enabled Plex can detect intros, commercials, and even credits to help you watch more TV without interruptions. When playing a show where an intro is detected, you will see a skip intro button in the bottom right corner that you can click on and it will skip right to the show. This also works for commercials too! When a commercial break starts you will see a button to skip Ads which will skip right to where the show picks back up! Now it’s not perfect but I’d say it’s pretty close for the shows that I watch. It’s not enabled by default so let’s enable it!

We can do this in our library settings which you can find in the Manage section. If we edit our Recorded TV library and go to “Advanced“ we should see a few settings in here that help us skip unwanted content. Be sure that “Enable Intro detection” and “Enable Credits detection” is turned on and then for the “Ads detection” setting you’ll want to choose “For recorded items” . This enables ad detection for new recordings. If you’ve already recorded TV with Plex or from another TV you can turn on “For all items” to force a scan of all items in this folder.

Great, once that’s turned on it should now add these markers so we can skip unwanted content. This detection does take a few minutes and only starts after a show is done recording. Also, you won’t see new recordings in your Library until it is done doing the detection. Now we can skip all of that unwanted content and watch TV like a pro. Like this show right here, if we start playing you can see it detects the intro that we can skip through if we like, and then once we get to a commercial break it will prompt us to skip it we like, and if it detects credits it will do the same.

Plex intro and commercial skip Skipping commercials, intros, and credits makes watching OTA a breeze. No more wasting time!

DVR Settings

Now there are some additional settings you can choose for skipping commercials like removing them altogether. This is in the DVR settings where we can set our default settings for new recordings. In the “Detect Commercials” setting you can choose from “Disabled”, “Detect”, “Mark for Skip”, or “Delete”. “I would recommend setting this to “Detect and Mark for skip” rather than setting it to “Detect and Delete” because deleting is a destructive action and while Plex commercial skip is really good at detecting commercials, it’s a lot safer to just add markers than accidentally delete part of your show. As for the rest of the settings in here, I have only adjusted a few. I set the resolution to Prefer HD. I don’t replace lower resolution items, I do allow partial airings, and I don’t adjust the minutes before and after a recording. Shows are pretty good at starting and ending on time, but if you find that you want to record a minute or two before and after, adjust the setting here. Live broadcasts that go over the scheduled time like sports might be a good good reason to add some padding at the end of the recording so you don’t miss overtime! Also I enable a refresh of the guide data during the maintenance window and for me that’s 2am.

Adjusting Recording Priority

So now that we have scheduled some recordings, how do we make sure that my reruns of Nature and NOVA don’t get scheduled instead of my wife’s show The Bachelor? (You’ll only make that mistake once). We can do this easily by adjusting our recording priority. If we go back into the Live TV area and choose the DVR Schedule we can see everything that’s scheduled to record and on the far right we can see our Recording Priority. This is where we can drag and drop to reorder our shows with the highest priority being at the top. This helps when there are scheduling conflicts due to the tuners being in use when recording or watching live TV. I have 4 tuners so I rarely have a conflict but if I did this is how it will choose to prioritize one recording over the other. Let’s say for instance I wanted to get in trouble again and prioritize Nature over The Bachelor, Survivor, and even Big Brother, I would just drag Nature all above all of those shows like. This would ensure that if there was ever a conflict or not enough free tuners, Nature would record instead of all of these shows. OK, let’s move this back before I get in trouble again.

Plex recording priority Be sure to adjust your recording priority so that you can be sure your tops shows record over others if you run out of tuners!

Channel Favorites

Now that we have everything set, there’s also this small feature to make your life a little easier when channel surfing and that’s Favorites. As you can see from my list of local channels, I have a lot of channels that I almost never watch but at the same time I don’t want to remove them from my channel lined up. This is where favorites come in. I like to add all of my favorite channels to my favorites list so that I can easily browse them when I am looking for something to watch. You can even add some of the Plex FAST channels to your favorites too! I really like the BBC Earth channel, PBS Nature, and the Modern Marvels channel and I have added those to my favorites too. They have over 600 to choose from, so there’s no shortage of content there. Now, if I switch and go to my favorites, I can see a quick list of my favorite channels without skipping around through all of the channels I rarely watch.

Mobile

Now just because I did all of this from a browser doesn’t mean you have to do it here too. Plex’s mobile app works great for watching live TV, previously recorded TV, and even scheduling recordings. There have been many times where my wife and I are out and about and hear about a new show that’s airing soon and it’s now second nature to immediately schedule it to record. I just open up the app, go to Live TV, Search for the show, and schedule the recording. It’s super simple and convenient to do.

Plex mobile app The mobile app is not only great for watching shows, but also scheduling a recording while you are on the go!

Conclusion

So that’s everything you need to get started today to record live TV like a pro. I’ve been using this setup with Plex for years and it’s everything I could want in a DVR system, from high quality over the air uncompressed video and audio, to an accurate EPG, to how easy it is to schedule recordings anywhere on any device, to commercial skipping and so much more. I want to thank Plex again for sponsoring this video and thank you for watching. Well, I learned a ton about live TV, antennas, network tuners, and Plex, and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget to share!

Join the conversation

Where to Buy

📦 Products in this video

TV Tuner that supports 4K and up to 4 streams!

https://amzn.to/3r1v3SL

Flat Indoor Antenna

https://amzn.to/3Z5AQmR

Indoor Outdoor Antenna with 60+ mile range!

https://amzn.to/3sHLST3

Adjustable Gain TV Antenna Preamplifier with LTE Filter

https://amzn.to/3LgwB26

LTE / 5G Filter

https://amzn.to/3Pax72J

Antenna Splitter with Power Passthrough

https://amzn.to/3sLTZy4

Solid Copper Coax Cable (NOT copper clad)

https://amzn.to/3r3fhqk

LTE / 5G Filter Alternative

https://amzn.to/3PtSV9V

See the whole kit!

https://kit.co/TechnoTim/build-you-own-dvr

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/pi-hole-blocklists/index.html b/posts/pi-hole-blocklists/index.html new file mode 100644 index 0000000000..c3bc128d27 --- /dev/null +++ b/posts/pi-hole-blocklists/index.html @@ -0,0 +1 @@ + Is adding 3 MILLION domains to your Pi-Hole Block List a good thing? | Techno Tim
Post

Is adding 3 MILLION domains to your Pi-Hole Block List a good thing?

In some of my previous Pi-Hole videos many of you spotted my blocklist with over a millions sites added and you wondered how you can do the same.Well, today I show you how to block more ads, block more tracking, block more malware, and block more telemetry with these community lists.Bonus (and spoiler alert) I show you how to add 3.5 million!

Thanks to Firebog for the great lists firebog.net

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/pi-hole-dns/index.html b/posts/pi-hole-dns/index.html new file mode 100644 index 0000000000..8c2fbefe9d --- /dev/null +++ b/posts/pi-hole-dns/index.html @@ -0,0 +1,5 @@ + Using Pi-Hole for Local DNS - Fast, Simple, and Easy Guide | Techno Tim
Post

Using Pi-Hole for Local DNS - Fast, Simple, and Easy Guide

Pi-Hole is a wonderful ad blocking DNS sever for your network, but did you know you can also use it for a Local DNS server? In this fast, simple, and easy guide we’ll walk through how to create DNS Entries (A Records) for the clients on your network and also set up Aliases (pointers to A Records) so that you can start using DNS at home instead of relying on IP addresses.

📺 Watch Video

commands

1
+2
+
nslookup juno.home.lan # lookup by host name
+host 192.168.0.100 # reverse lookup
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/pihole-containerized/index.html b/posts/pihole-containerized/index.html new file mode 100644 index 0000000000..394cdd3ae0 --- /dev/null +++ b/posts/pihole-containerized/index.html @@ -0,0 +1,17 @@ + PiHole on Docker and Kubernetes (I almost gave up) | Techno Tim
Post

PiHole on Docker and Kubernetes (I almost gave up)

We know you’ve heard of Pihole and we know you are probably aware of how to install it but… have you tried running it on Docker and Kubernetes using Rancher? Have you configured it for pfSense? Don’t worry, I figured out all the hard stuff for you.So let’s consolidate some hardware and services.

📺 Watch Video

Ubuntu Fix

1
+
sudo apt-get update
+
1
+
sudo apt-get install resolvconf
+
1
+
sudo nano /etc/resolvconf/resolv.conf.d/head
+

enabled & start service

1
+
sudo systemctl enable resolvconf.service
+
1
+
sudo systemctl start resolvconf.service
+

add your upstream DNS (I use Quad9)

1
+
nameserver 9.9.9.9
+

update resolv.conf after adding nameserver

1
+
sudo resolvconf -u
+

Set pi-hole password

1
+
sudo pihole -a -p
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/pikvm-at-scale/index.html b/posts/pikvm-at-scale/index.html new file mode 100644 index 0000000000..d19f02a97b --- /dev/null +++ b/posts/pikvm-at-scale/index.html @@ -0,0 +1,275 @@ + Using the Raspberry Pi PiKVM with Multiple Machines | Techno Tim
Post

Using the Raspberry Pi PiKVM with Multiple Machines

If you’re looking to configure the TESmart switch with PiKVM, I finally figured it out and you can read all about it here.

What is the PiKVM?

If you don’t know what a KVM switch is, it’s a device that allows you to connect multiple computers to one device which allows you to control them with a single keyboard, monitor, and mouse.They’re relatively cheap unless you’re looking for an IP based one that will let you connect over the network.IP KVMs are really expensive, that is until the PiKVM came along. The PiKVM is a Raspberry Pi-based KVM switch, which allows you to remotely control a computer using a keyboard, a web browser, and mouse from anywhere in the world.It runs a web server that lets you connect to any computer connected to it and remote control it as if you’re sitting right in front of it, without plugins or installing any agents on the device. It’s much more capable than remote controlling it using a remote desktop client, it can even let you remote control a machine before it boots to let you change things in the bios, or even reformat and reinstall your operating system remotely.

This is all great except for one small thing, unlike a traditional KVM that lets you control multiple devices, the PiKVM is really meant for remote controlling just one device.The PiKVM is built with just one HDMI input and one keyboard mouse input while traditional KVMs have multiple inputs for multiple clients.So how can we scale the PiKVM to connect it to more devices so that we aren’t stuck moving it from machine to machine each time we need to remote control one of our other devices?

📺 Watch Video

PiKVM v3 Hello screen The little LCD is both cute and functional

You can build a PiKVM yourself by purchasing the PiKVM v3 HAT which is a great choice if you already have a raspberry pi4 and are willing to build it yourself.Or if you have a Pi Zero you can even build it using some inexpensive parts and without soldering.But chances are you have neither since raspberry pis are impossible to find and buying a pre-assembled kit is the only option.It was for me and that’s what I ended up doing.I purchased the PiKVM v3 pre-assembled which comes with a Raspberry Pi 4 2GB model, 32GB micro SD card, power supply, an HDMI cable, a USB C to USB A cable, and a nice case.The steel case is solid and feels sturdy and industrial.The PiKVM has lots of connections, connections for power, USB devices, mouse and keyboard emulation, RJ45 to serial connection, HDMI, and even an RJ45 connector for ATX power which lets me hook this up to a motherboard to power it on and off remotely.The other cool thing you get with the pre-assembled kit is the little LCD screen that shows system information and a cute cat when it boots. It comes pre-flashed with PiKVM installed and ready to go.

Oh, it runs arch BTW.

Arch Linux Meme I had to let you know

A HUGE THANKS to Micro Center for sponsoring today’s content.

New Customer Exclusive – Free 256GB SSD: https://micro.center/18l

Shop AMD Ryzen 5 3600 & Gigabyte B450M Combo Deal: https://micro.center/69d

Check out Micro Center’s Custom PC Builder: https://micro.center/d35

Submit your build to Micro Center’s Build Showcase: https://micro.center/dsw

PiKVM at Scale

But before we connect everything, remember when I said I wanted to connect it to more than one device? Well, I wanted to connect it to 8x times that, yes 8 devices.I found this HDMI KVM switcher with a USB hub that I thought would be perfect for it. This TESmart allows you to connect up to 8 devices with video and USB and has a built-in USB hub.It also has an RJ45 port that allows me to change the input over IP and that’s it. It’s not an IP KVM otherwise I would need the PiKVM, but being able to switch the input over IP is all I needed to automate it with the PiKVM.I thought this device was perfect for remote controlling some of my servers considering it is rack mountable.However there was just one catch that would almost ruin this entire project that I didn’t know about yet.

The Problems Ahead

I tested PiKVM on my workbench with this old intel NUC and it worked fine.I was able to remote control it and even power it on and off using Wake on LAN.I chalked it up as a success and started moving everything into my server rack.It might not seem like it, but mounting this HDMI KVM Switch took quite some time.I had to run HDMI cables and USB B cables to and from all of my devices that I wanted to remote control.I started running the wires and wiring up 4 devices, just to be sure it worked with my existing machines before wiring up all 8.But, I bet you’re asking why I just don’t use IPMI that I have on my servers? Well, this isn’t to control my servers, it’s to control my rack mounted PC conversion along my new Intel NUC cluster.None of these machines have IPMI so that’s why I needed an IP KVM solution like the PiKVM.

I decided to put my PiKVM on this little shelf for now but I’ll probably find somewhere a little more permanent to place it. Once I had everything hooked up, that’s when the troubles began.I could remote into some of the NUCs running Linux and the PC conversion, but not the ones running Windows.I thought for sure that it was something with my connection so I checked all of the connections over and over again.It was right around that time that the creator of PiKVM Max Devaev reach out to me asking me how I was liking the PiKVM and to let him know if I ran into any troubles because he was interested in advanced use cases for the PiKVM.I’m not sure why he thought I was going to be using this in an advanced way…. But he was right…

TESmart switch with PiKVM This was my first attempt with a TESmart Switch

I worked with Max for a few days on and off over discord.He sent snippets of code for me to run and even gave me lots of EDIDs to try. EDIDs (Extended Display Identification Data) are a signature or metadata that tell a device how to work with the monitor.Sometimes we could get the Linux machines running on the TESmart switch working, but not the Windows machines. And other times we could get the Windows machines working but not the Linux machines.We ended up discovering that the TESmart HDMI switch would “poison” the PiKVM and send the TESmart EDID rather than the one from the PiKVM.

TESmart EDID:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+
Section "Monitor"
+        Identifier "ITE-FHD"
+        ModelName "ITE-FHD"
+        VendorName "ITE"
+        # Monitor Manufactured week 12 of 2010
+        # EDID version 1.3
+        # Digital Display
+        DisplaySize 620 340
+        Gamma 2.20
+        Option "DPMS" "false"
+        Horizsync 13-46
+        VertRefresh 23-61
+        # Maximum pixel clock is 170MHz
+

PiKVM EDID

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+
Section "Monitor"
+        Identifier "PiKVM"
+        ModelName "PiKVM"
+        VendorName "LNX"
+        # Monitor Manufactured week 28 of 2011
+        # EDID version 1.3
+        # Digital Display
+        # Display Physical Size not given. Normal for projectors.
+        Gamma 2.20
+        Option "DPMS" "false"
+        Horizsync 15-46
+        VertRefresh 59-61
+        # Maximum pixel clock is 150MHz
+        #Not giving standard mode: 256x160, 60Hz
+

At this point, I had to cut my losses and go with a smaller, non rack mountable, but more compatible EZCOO KVM Switch and, I have to say, it’s fantastic.

A New HDMI Switch Enters the Chat

This is the EZCoo HDMI KVM switch. It’s a 4 port HDMI KVM Switch that allows 4 HDMI ports to be switched to a single display. This single display will be the PiKVM.It also has a built- in USB 3 hub which is awesome for plugging in USB devices that will connect to the machine when you switch the input.It has 4 HDMI inputs and 1 USB 3 input that you’ll connect to each machine and has one HDMI out and one USB for keyboard and one for mouse.We won’t be using these specific USB ports because we’ll be using mouse & keyboard emulation in one plugged into a generic USB port.

The real magic of this device is that it has a micro USB management port on the side that the PiKVM can use to control and toggle the inputs automatically, giving us a way to switch between all of our connected devices without having to manually press the input button.As nice as this device is, I really wish they made an 8 port rack mountable one because I want to control more than 4 devices without swapping them out or daisy chaining them, Which is why I wanted the TESmart switch in the first place.

Oh, speaking of the TESmart, after working with Max for a while on this device he mentioned that this might work with the new v4 version of the PiKVM which just recently launched on Kickstarter.He said he was going to send one of their prototypes to test so, fingers crossed it works.I will be sure to create a v4 video once it’s released and hopefully it supports the TESmart switch.

EZCOO switch with PiKVM This EZCOO is small, compact, and 100% compatible

Putting it all together

Now that I had everything working the way it should it was time to connect to each device through the web portal.Once connected, I can toggle between each of my devices here, from my first Intel NUC running Ubuntu, to my Second Intel NUC running Windows 10, to my third Intel NUC running Windows 11, to my PC conversion running Ubuntu server.And you can see that it’s pretty snappy. The latency is really low and I can even run HD videos no problem at all.If I do run into any latency issues or I am on a slow connection I can change the protocol and even the bitrate to something more fitting.

But running HD videos probably isn’t the reason you want a KVM, it’s more likely that you want to have access to the machine while it boots, and here’s where it gets really awesome. The PiKVM is open and it’s totally hackable and there are some great plugins and drivers that allow you to customize the UI with those plugins. For instance I can shutdown this machine and then wake it up using a Wake on LAN packet to power it back on.Side note, I learned a ton about making Wake on LAN work for Windows and Linux and I will be updating my blogs with complete walk-throughs of how to enable it, but anyway If that wasn’t cool enough I can then get into the BIOS of this machine to make any changes that I want.I can change the boot order, change boot devices, overclock the machine and do anything that I couldn’t normally do without being right in front of the machine.I can even upload ISOs to the PiKVM and then attach them to the device virtually and boot from it to install any operating system! This lets me rebuild any of these machines no matter where I am all from a web browser.

Want to install Linux on a machine that’s powered off, no problem.Just attach the virtual drive to the machine, send a wake on lan packet to wake it up, then boot from the virtual drive and install! You could also attach the ATX power control to the header of the motherboard if you like and power it on that way, but I have network access to all of my machines so I will use wake on lan.Plus, it’s super awesome to be able to wake devices up over the network. And here’s where it gets really awesome, remember how I said that my KVM also has a USB Hub? Well, I’ve attached a 64GB USB drive to it with Ventoy installed that has every ISO I could ever need.As I switch inputs between machines it attaches the USB drive with Ventoy to each machine allowing me to install any operating system I want.

EZCOO switch with PiKVM and everything connected You can make this even more powerful by adding a USB drive and Ventoy

Because the PiKVM is hackable, I’ve customized the GPIO menu to let me switch between devices, wake them up, wake them up on different NICs, and restart the kvmd service or the PiKVM itself. (See my config below) I should say that I didn’t really “hack” it, this isn’t a “techno tim” hack - there’s an overrides file that lets you customize most of the PiKVM so I didn’t go totally off the rails.It even has a web ui to give you terminal access to your PiKVM in case you aren’t able to use SSH, which is super handy if you’re mobile. But this little device has so many features already and the fact that the software is open source and continues to be updated makes this solution such a great investment for me.

PiKVM remote control menu You can customize the menu however you like (my config below), here I added WoL for each network card and even a way to restart the PiKVM from the menu

Is it worth it?

So I bet you’re wondering if it’s worth it? I am going to break this down into 2 parts.Is it worth it to buy pre assembled? And is it worth it for remote control with a PiKVM. Well for me it is for a few reasons.First of all I can’t find a raspberry pi to assemble this myself, and if you consider it comes with a case, a fan, a 32GB micro sd, additional cables, and even a little LCD screen 100% ready to go for an additional 90 bucks? I would say it is.Now on to the tougher question, is it worth it to have a PiKVM at all? I would say yes for me, but for you it depends.The way I looked at it was that I was going to scale it to 8, which would divide the cost of a PiKVM and switch across 8 machines making it around 70 dollars per machine if you include all of the cables.

PiKVM $259 + TESmart $299 / 8 = $70 per machine

I’d say that it’s worth it for me to have remote access to that many machines for the life of each machine.But, I did have to downgrade to a smaller switch that only gives me access to 4 machines which is roughly 95 dollars per machine.

PiKVM $259 + EZCOO $120 / 4 = $95 per machine

That’s a little bit higher, however it’s a much better value than remote controlling just one machine with the PiKVM, which would be the cost of the PiKVM.

PiKVM $259 / 1 = $259 per machine

Hardware

Here are the items that I used during this project.

PiKVM - https://pikvm.org

EZCOO - HDMI KVM Switch - https://amzn.to/3IyiIv1

HDMI Cables - https://amzn.to/3SgJ34g

USB B Cables - https://amzn.to/3Eel0wU

USB C Cables - https://amzn.to/3k8vQhb

USB Flash Drive - https://amzn.to/3XI50u6

TESmart Switch (not full compatible) - https://amzn.to/3YV0Gsi

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

PiKVM Config

Here is my PiKVM config that I use.You will need to edit /etc/kvmd/override.yaml on your device and then restart the kvm service.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+
kvmd:
+    gpio:
+        drivers:
+            ez:
+                type: ezcoo
+                protocol: 2
+                device: /dev/ttyUSB0
+            wol_server0:
+                type: wol
+                mac: 1c:69:7a:ad:11:85
+            wol_server1:
+                type: wol
+                mac: 88:ae:dd:05:cf:09
+            wol_server2:
+                type: wol
+                mac: 88:ae:dd:05:c6:3b
+            wol_server3:
+                type: wol
+                mac: a0:36:9f:4f:c4:b4
+            wol_server3a:
+                type: wol
+                mac: d8:50:e6:52:8e:c2
+            reboot:
+                type: cmd
+                cmd: [/usr/bin/sudo, reboot]
+            restart_service:
+                type: cmd
+                cmd: [/usr/bin/sudo, systemctl, restart, kvmd]
+        scheme:
+            ch0_led:
+                driver: ez
+                pin: 0
+                mode: input
+            ch1_led:
+                driver: ez
+                pin: 1
+                mode: input
+            ch2_led:
+                driver: ez
+                pin: 2
+                mode: input
+            ch3_led:
+                driver: ez
+                pin: 3
+                mode: input
+            pikvm_led:
+                pin: 0
+                mode: input
+            ch0_button:
+                driver: ez
+                pin: 0
+                mode: output
+                switch: false
+            ch1_button:
+                driver: ez
+                pin: 1
+                mode: output
+                switch: false
+            ch2_button:
+                driver: ez
+                pin: 2
+                mode: output
+                switch: false
+            ch3_button:
+                driver: ez
+                pin: 3
+                mode: output
+                switch: false
+            wol_server0:
+                driver: wol_server0
+                pin: 0
+                mode: output
+                switch: false
+            wol_server1:
+                driver: wol_server1
+                pin: 0
+                mode: output
+                switch: false
+            wol_server2:
+                driver: wol_server2
+                pin: 0
+                mode: output
+                switch: false
+            wol_server3:
+                driver: wol_server3
+                pin: 0
+                mode: output
+                switch: false
+            wol_server3a:
+                driver: wol_server3a
+                pin: 0
+                mode: output
+                switch: false
+            reboot_button:
+                driver: reboot
+                pin: 0
+                mode: output
+                switch: false
+            restart_service_button:
+                driver: restart_service
+                pin: 0
+                mode: output
+                switch: false
+        view:
+            table:
+                - ["#NUC1", ch0_led, ch0_button, "wol_server0 | WoL"]
+                - ["#NUC2", ch1_led, ch1_button, "wol_server1 | WoL"]
+                - ["#NUC3", ch2_led, ch2_button, "wol_server2 | WoL"]
+                - ["#PC", ch3_led, ch3_button, "wol_server3 | WoL-10g", "wol_server3a | WoL-1g"]
+                - ["#PiKVM", "pikvm_led|green", "restart_service_button|confirm|Service", "reboot_button|confirm|Reboot"]
+

Wake on LAN

If you’re having issues with Wake on LAN, see The Ultimate Guide to Wake on LAN for Windows, MacOS, and Linux

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/pikvm-tesmart/index.html b/posts/pikvm-tesmart/index.html new file mode 100644 index 0000000000..a35c50255a --- /dev/null +++ b/posts/pikvm-tesmart/index.html @@ -0,0 +1,303 @@ + PiKVM with TESmart KVM Fixed! | Techno Tim
Post

PiKVM with TESmart KVM Fixed!

After many hours and testing, swapping, resetting, and EDID training, all of my PiKVM and TESmart issues were solved with with a simple, cheap dongle. If you aren’t aware of the struggles I faced when using the PiKVM with a TESmart switch, all of it is detailed in a previous post where I ended up settling on another switch altogether. That’s all changed now with a simple EDID emulator passthrough adapter (affiliate link). However, for the uninformed, I’ll summarize the symptoms I experienced with the PiKVM and TESmart KVM and how I was able to fix these issues.

My Experience

When I originally set up my PiKVM (v3 at the time) I wanted to remote control more than one machine. I have a server rack and I rationalized that 8 would be a good number of machines to remote control and ultimately justify the cost of the hardware (cost spread over 8 machines). I also wanted something to rackmount since, after all, I have a server rack. That’s when I found the TESmart 8X1 HDMI KVM Switch 8 (affiliate link).

It met all of my requirements:

  • 8 ports
  • Rackmountable
  • Compatible with PiKVM (or so I thought)

This device was listed as compatible with PiKVM so I thought it was a safe bet.

I have (3) Intel NUC 11th Gen device I planned on connecting to this switch along with an old PC that has a ASUS Z87-PRO motherboard. I figured since they were all Intel based GPUs it was a safe bet. Boy was I wrong…

Shortly after configuring the PiKVM with the TESmart KVM and my devices it was clear that something was definitely wrong.

PiKVM Issues with TESmart As you can see, 1 out of 3 devices work. All 3 are the same model. Usually none of them work even after properly training them.

Some of the symptoms were:

  • Black screen without any video
  • When switching machines, you see video but quickly goes to black
  • When switching to some devices, you see a green screen
  • While getting a green screen, the CPU spikes on the PiKVM to where you have to reboot

Things I tried

I knew this was not good, however I figured it was something that could be fixed in software, after all the PiKVM is open source and running Linux. I did the obvious first, which was training the PiKVM and the TESmart switch according to TESmart’s YouTube video (which is excellent by the way). This kind of helped and by kind of I mean that 1 device would sometimes work but then after adding additional devices it would start experiencing the same symptoms as above. So I thought I could fix it in software…

I tried updating the device, testing different EDIDs,and even working with the creator of the PiKVM, Max Devaev, to see if we could tweak any settings to make it work with the TESmart KVM. After capturing logs and EDIDs, Max determined that the EDID was getting “poisoned” with some other EDID when switching. So we decided that it was a hardware issue. I ended up purchasing an EZCOO switch (affiliate link) which ended up working perfectly, albeit not rackmountable.

I reached out to TESmart around the same time to see if maybe it was something they had experience in the past, or something that might be addressed in a firmware update. They were great to work with (huge shout out to Ray from TESmart!) and walked me though some additional troubleshooting steps. Each step still yielded the same results. When we exhausted everything we could try, they sent a replacement to see if that might resolve the issue, but sadly it did not.

PiKVM v4 and More

All of this troubleshooting was done on the PiKVM v3, which I had purchased pretty late in its lifecycle, and v4 was right around the corner. Max from PiKVM said that he felt the issue could be resolved in their v4 model and mentioned he would send one when it launched. I was hopeful that this work. A few months later, the PiKVM v4 Plus arrived on my doorstep.

PiKVM v4 PiKVM v4 Plus & PiKVM v4 Mini

After receiving the PiKVM v4 and hooking it up to the TESmart switch I found that I had the same issue as before. This told me it was most likely something with the TESmart switch. I reached out to them again after discovering that I had the 4k 30 fps model and hoped that the 4k 60 fps model would make a difference, after all there were some people who said theirs worked just fine and internet rumors that the 60 fps model worked better.

I talked to TESmart again and they shipped a replacement, this time the 4k 60 fps model. I quickly hooked it up and once again experienced all of the same symptoms. I was really puzzled as to why this was happening to me when it works fine with other switches and others claimed to use this switch fine.

Community to the Rescue!

After testing all of this, I was convinced that I would never be able to use my rackmount KVM. I have to admit that I wasn’t that upset that it didn’t work, I was more upset that I didn’t know when to quit. I was frustrated that I sunk over 80 hours of my time trying to fix this when in fact there was no fix. Sometimes you gotta just let go…

That’s when I got lucky and someone posted a comment on my previous post with something new to try. The comment from juristoeckli that mentioned something about an “EDID Emulator”. I had never heard of these before nor was I sure that this was the issue. Then NateDiTo also left a comment about how they had used these EDID emulators (affiliate link) and they worked for them. Finally, I wasn’t alone! Someone else who was experiencing the same thing or at least knew my struggle!

That’s when I decided to give it a shot. I told myself “If these don’t work, I am giving up!” and I meant it this time (maybe… 😂).

EDID Emulator This little device will override your EDID possibly making it compatible with the device it’s connecting to.

How I fixed it

I purchased a cheaper version of the EDID emulator (affiliate link) hoping they would work. Also, serendipitously, Ray from TESmart had mentioned an EDID emulator in an email that same night. He mentioned this as a last resort, however in my mind this was my last resort. After the devices arrived, I quickly inserted the emulators into the TESmart and connected my machines to them.

EDID Emulator with TESmart I plugged them directly into the TESmart switch and all devices started working immediately!

I retrained the devices per the video, and sure enough after powering the first one one it worked! I could see my machine in the PiKVM without issues! I quickly tempered my expectations because I have been here before. One device would sometimes work fine, but never more than one. Sure enough after training the next 2 devices it worked fine. I could now control all 3 devices from the PiKVM with the TESmart KVM switch. I tested by rebooting the devices and even the PiKVM and everything still works! They now work as reliably as they did with the EZCOO switch.

So why does this work?

When I think about the solution, it’s challenging to know how and why this is working. As I understand it, EDID emulators are meant to override a device’s EDID, basically telling the connected device which capabilities it supports. You would think that my devices were sending the proper EDID to the TESmart switch, however as I experienced with 4 devices (2 unique), this was not the case.

Some people have mentioned that this happens more often when running Linux, and I even experienced that myself too. When one of my Intel NUCs was running Windows it seemed to work fine but when running Proxmox (Debian Linux) it seemed to experience these issues. This could be a Windows vs. Linux issue, or it could be chalked up to my other experience where 1 device would work fine but none of the others. I’ve tested quite a bit over the span of a year and it’s challenging to know for sure. Oddly enough, this doesn’t happen to everyone who uses TESmart switches. I do think it’s a combination of TESmart + Device + OS/driver that triggers the problem, because again, it works with my with EZCOO switch. I also have a hunch that these emulators might be instructing the device’s GPU to stay powered on even when a device isn’t plugged into it (just like HDMI dummy plugs), however I don’t know if that’s true. If you know, let me know in the comments below!

I am considering this “fixed” now even though technically this is a “workaround.” A huge thanks to Max from PiKVM, Ray from TESmart (and the TESmart team), and juristoeckli and NateDiTo in the comments because without all of you I would have given up. Each new idea or additional troubleshooting step motivated me to keep going. I can finally use this switch and recommend it to those who want something rackmountable (with workarounds).

Config

Here is the configuration I use:

/etc/kvmd/override.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
+136
+137
+138
+139
+140
+141
+142
+143
+144
+145
+146
+147
+148
+149
+
# /etc/kvmd/override.yaml.bak.tesmart
+####################################################################
+#                                                                  #
+# Override Pi-KVM system settings. This file uses the YAML syntax. #
+#                                                                  #
+#    https://github.com/pikvm/pikvm/blob/master/pages/config.md    #
+#                                                                  #
+# All overridden parameters will be applied AFTER other configs    #
+# and "!include" directives and BEFORE validation.                 #
+# Not: Sections should be combined under shared keys.              #
+#                                                                  #
+####################################################################
+
+kvmd:
+  gpio:
+    drivers:
+      tes:
+        type: tesmart
+        host: 192.168.20.63
+        port: 5000
+      wol_server0:
+        type: wol
+        mac: 1c:69:7a:ad:11:85
+      wol_server1:
+        type: wol
+        mac: 88:ae:dd:05:cf:09
+      wol_server2:
+        type: wol
+        mac: 88:ae:dd:05:c6:3b
+      wol_server3:
+        type: wol
+        mac: 3c:ec:ef:0e:d3:a4
+      wol_server3a:
+        type: wol
+        mac: 3c:ec:ef:0e:d3:a5
+      wol_server4:
+        type: wol
+        mac: 3c:ec:ef:90:c8:0c
+      wol_server4a:
+        type: wol
+        mac: 3c:ec:ef:90:c8:0d
+      reboot:
+        type: cmd
+        cmd: [/usr/bin/sudo, reboot]
+      restart_service:
+        type: cmd
+        cmd: [/usr/bin/sudo, systemctl, restart, kvmd]
+    scheme:
+      ch0_led:
+        driver: tes
+        pin: 0
+        mode: input
+      ch1_led:
+        driver: tes
+        pin: 1
+        mode: input
+      ch2_led:
+        driver: tes
+        pin: 2
+        mode: input
+      ch3_led:
+        driver: tes
+        pin: 3
+        mode: input
+      ch4_led:
+        driver: tes
+        pin: 4
+        mode: input
+      pikvm_led:
+        pin: 0
+        mode: input
+      ch0_button:
+        driver: tes
+        pin: 0
+        mode: output
+        switch: false
+      ch1_button:
+        driver: tes
+        pin: 1
+        mode: output
+        switch: false
+      ch2_button:
+        driver: tes
+        pin: 2
+        mode: output
+        switch: false
+      ch3_button:
+        driver: tes
+        pin: 3
+        mode: output
+        switch: false
+      ch4_button:
+        driver: tes
+        pin: 4
+        mode: output
+        switch: false
+      wol_server0:
+        driver: wol_server0
+        pin: 0
+        mode: output
+        switch: false
+      wol_server1:
+        driver: wol_server1
+        pin: 0
+        mode: output
+        switch: false
+      wol_server2:
+        driver: wol_server2
+        pin: 0
+        mode: output
+        switch: false
+      wol_server3:
+        driver: wol_server3
+        pin: 0
+        mode: output
+        switch: false
+      wol_server3a:
+        driver: wol_server3a
+        pin: 0
+        mode: output
+        switch: false
+      wol_server4:
+        driver: wol_server4
+        pin: 0
+        mode: output
+        switch: false
+      wol_server4a:
+        driver: wol_server4a
+        pin: 0
+        mode: output
+        switch: false
+      reboot_button:
+        driver: reboot
+        pin: 0
+        mode: output
+        switch: false
+      restart_service_button:
+        driver: restart_service
+        pin: 0
+        mode: output
+        switch: false
+    view:
+      table:
+        - ["#NUC1", ch0_led, ch0_button, "wol_server0 | WoL"]
+        - ["#NUC2", ch1_led, ch1_button, "wol_server1 | WoL"]
+        - ["#NUC3", ch2_led, ch2_button, "wol_server2 | WoL"]
+        - ["#HL15", ch3_led, ch3_button, "wol_server3 | WoL-10g", "wol_server3a | WoL-10g"]
+        - ["#Storinator", ch4_led, ch4_button, "wol_server4 | WoL-10g", "wol_server4a | WoL-10g"]
+        - ["#PiKVM", "pikvm_led|green", "restart_service_button|confirm|Service", "reboot_button|confirm|Reboot"]
+

edit /etc/sudoers.d/99_kvmd

add to the end:

1
+2
+
kvmd ALL=(ALL) NOPASSWD: /usr/bin/reboot
+kvmd ALL=(ALL) NOPASSWD: /usr/bin/systemctl
+

Then reboot or restart services.

Where to Buy

Here are the items that I used during this project.

(Affiliate links may be included. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/plex-build-low-power-server/index.html b/posts/plex-build-low-power-server/index.html new file mode 100644 index 0000000000..4a753675d1 --- /dev/null +++ b/posts/plex-build-low-power-server/index.html @@ -0,0 +1 @@ + Building a Low-Power, Fully Loaded Plex Server | Techno Tim
Post

Building a Low-Power, Fully Loaded Plex Server

I built an efficient, good looking, Mini ITX Plex server that doesn’t skimp on the processing power, storage, or features like transcoding all while using only 16 watts of power. Each part is hand-picked and every setting is tweaked with efficiency in mind. Oh, and it would even look nice in your living space too! If you already have a Plex server, you can still follow this guide to be sure you are getting the most efficiency out of your hardware!

A huge THANK YOU to Plex for sponsoring this video during Pro Week! Explore and learn more from Plex Pros here: https://www.plex.tv/pro-week.

📺 Watch Video

Disclosures

  • Plex sponsored this video however all content was written and edited by me personally.

Info

📦 Products in video (affiliate links):

Check out the whole kit here: https://kit.co/TechnoTim/low-power-media-server

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/plex-containerized/index.html b/posts/plex-containerized/index.html new file mode 100644 index 0000000000..e3386368d2 --- /dev/null +++ b/posts/plex-containerized/index.html @@ -0,0 +1,21 @@ + 4 Ways to Install Plex (one is unexpected) | Techno Tim
Post

4 Ways to Install Plex (one is unexpected)

I’m a huge fan of virtualization and containerization (if you couldn’t tell already)! Today, we’ll walk though the various ways to install Plex step-by-step.We also see how easy it is to get Plex running on Docker and Kubernetes using Rancher.

📺 Watch Video

Id for Container

Get Id and Group Id

1
+
id yourusername
+

Should see something like this:

1
+
uid=1001(technotim) gid=1001(technotim) groups=1001(technotim),27(sudo),999(docker)
+

Mount Shares During Boot

Install cifs-utils

1
+
sudo apt-get install cifs-utils
+

Create credentials files for share

1
+
sudo nano /home/technotim/.smbcredentials
+

Set permissions

1
+
chmod 600 ~/.smbcredentials
+
1
+2
+
username=yourUsyourusernameername  
+password=yourPassword
+

Edit /etc/fstab

1
+2
+
//192.168.0.22/plex_media/movies /mnt/movies cifs credentials=/home/technotim/.smbcredentials 0 0
+//192.168.0.22/plex_media/music /mnt/music cifs credentials=/home/technotim/.smbcredentials 0 0
+

Then reboot or

1
+
sudo mount -a
+

to mount

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/poe-adapters/index.html b/posts/poe-adapters/index.html new file mode 100644 index 0000000000..d1286a84b6 --- /dev/null +++ b/posts/poe-adapters/index.html @@ -0,0 +1 @@ + Power Over Ethernet is AWESOME! | Techno Tim
Post

Power Over Ethernet is AWESOME!

I was unsatisfied with the huge wall adapter that many products ship with, so I replaced it! Want to power a mini PC or a smaller device with Power Over Ethernet (POE)? No problem!

📺 Watch Video

How I use it

Power Disclaimer: Be sure to check your device for the appropriate voltage and wattage. As with all power adapters, using something that isn’t intended for your device can break your device, switch, or both!

Power Over Ethernet or POE. It’s awesome!. I have some small low power devices that have barrel plugs and they have these power adapters that take up a lot of space. Also, this ZimaBoard (and even Raspberry Pis) have a power switch to power on and off. To power it on and off I have to unplug it and plug it back in and unplug it and then plug it back in.

I wanted to find a better way to power these devices, and that’s when I stumbled on this little POE adapter. This little adapter plugs into my POE switch and delivers power to the device. So it will pass through the network too. So if I plug it into my switch and plug it into the device, the device will power on. My POE Switch is managed too so I can use its console to power the device on and off.

Now to power the device, I can just unplug the network cable!

POE Adapter! This adapter splits power and ether so you can power your low power devices

4 zones! It also has Gigabit ethernet!

Where to Buy

Products in this video (see power disclaimer above):

See the kit here: https://kit.co/TechnoTim/power-over-ethernet-poe-devices

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/portainer-2/index.html b/posts/portainer-2/index.html new file mode 100644 index 0000000000..c952ee013a --- /dev/null +++ b/posts/portainer-2/index.html @@ -0,0 +1,27 @@ + Portainer 2.0 -- Now with more Kubernetes! | Techno Tim
Post

Portainer 2.0 -- Now with more Kubernetes!

What’s new in Portainer 2.0? Well, a ton.With the release of Portainer 2 you now have the option to install Kubernetes.This makes installing, managing, and deploying Kubenetes really easy.In this step by step tutorial, we’ll start with nothing and end up with a fully working Portainer 2 server running Kubernetes.We’ll set up k3s using k3d, install kubectl, and then spin up Portainer.As an added bonus, we’ll also run a Minecraft server in Kubernetes as a proof of work.Double bonus, we’ll cover how to pronounce kubectl…

📺 Watch Video

Let’s get started

Here are the commands used in the video.Be sure to use them appropriately.

Install ubuntu

https://ubuntu.com/

Install Docker

To install docker, see this post

Install kubectl

https://kubernetes.io/docs/tasks/tools/install-kubectl/

1
+
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
+
1
+
chmod +x ./kubectl
+
1
+
sudo mv ./kubectl /usr/local/bin/kubectl
+
1
+
kubectl version --client
+

Install k3d

https://github.com/rancher/k3d

1
+
curl -s https://raw.githubusercontent.com/rancher/k3d/main/install.sh | bash
+

Install k3s

1
+
k3d cluster create portainer --api-port 6443 --servers 1 --agents 1 -p "30000-32767:30000-32767@server:0"
+
1
+
k3d cluster create portainer --api-port 6443 --servers 1 --agents 1 -p "30000-32767:30000-32767@server:0"
+

Install Portainer

https://github.com/portainer/k8s

1
+2
+
kubectl create namespace portainer
+kubectl apply -n portainer -f https://raw.githubusercontent.com/portainer/k8s/master/deploy/manifests/portainer/portainer.yaml
+
1
+2
+3
+4
+
The Portainer UI is hosted on port `30777`
+
+
+      Example: `http://192.168.0.1:30777`
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/portainer-update/index.html b/posts/portainer-update/index.html new file mode 100644 index 0000000000..7cb3979fbe --- /dev/null +++ b/posts/portainer-update/index.html @@ -0,0 +1 @@ + How to Update Portainer Fast, Simple, and Easy Guide | Techno Tim
Post

How to Update Portainer Fast, Simple, and Easy Guide

Updating Portainer is easy, if you know how.In this quick no fluff video, I will show you how to update any version of Portainer.This guide can be used for installing it too.Portainer is a container management system for Docker, Kubernetes, Swarm, and Azure ACI. Portainer is free and open source.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/private-practical-local-ai/index.html b/posts/private-practical-local-ai/index.html new file mode 100644 index 0000000000..54b7cf40c0 --- /dev/null +++ b/posts/private-practical-local-ai/index.html @@ -0,0 +1 @@ + Self-Hosted AI That's Actually Useful | Techno Tim
Post

Self-Hosted AI That's Actually Useful

I built a private, local, and self-hosted AI stack to help me out with daily tasks.

📺 Watch Video

Disclosures

Info

If you’re looking for the tutorial to run this yourself, you can out the video here How to Self-Host Your Own Private AI Stack

Full tutorial coming soon on my other channel! TechnoTimTinkers

Hardware

Software

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-7/index.html b/posts/proxmox-7/index.html new file mode 100644 index 0000000000..779352d4ef --- /dev/null +++ b/posts/proxmox-7/index.html @@ -0,0 +1,73 @@ + Before you upgrade to Proxmox 7, please consider this... | Techno Tim
Post

Before you upgrade to Proxmox 7, please consider this...

As you may know, proxmox is my current choice for a hypervisor. Proxmox 7 is here and comes with a host of new features! In this video we’re cover all of the new features in Proxmox 7 as well as how to upgrade your Proxmox server safely. We’ll also cover all of the “scary” prompts you get while upgrading as well as some of the ways to make sure your upgrade is successful. So, if you’re thinking about upgrading your HomeLab to Proxmox 7, be sure to check this video out first.

If you’re looking to upgrade to Proxmox 8, see this post

📺 Watch Video

Commands

Check your upgrade status

1
+
pve6to7 --full
+

First, make sure we have the latest packages

1
+2
+
apt update
+apt dist-upgrade
+

Update all Debian repositories to Bullseye

1
+
sed -i 's/buster\/updates/bullseye-security/g;s/buster/bullseye/g' /etc/apt/sources.list
+

We’ll also need to make sure we comment out any Proxmox ve 6.0 repositories.

1
+2
+
nano /etc/apt/sources.list
+nano /etc/apt/sources.list.d/pve-enterprise.list
+

Add Proxmox VE & package Repo

1
+
echo "deb https://enterprise.proxmox.com/debian/pve bullseye pve-enterprise" > /etc/apt/sources.list.d/pve-enterprise.list
+

If you’re using the non-subscription repository (like me) also run

1
+
sed -i -e 's/buster/bullseye/g' /etc/apt/sources.list.d/pve-install-repo.list 
+

If you’re running Ceph, you’ll need to run

1
+
echo "deb http://download.proxmox.com/debian/ceph-octopus bullseye main" > /etc/apt/sources.list.d/ceph.list
+

Do the upgrade

1
+2
+
apt update
+apt dist-upgrade
+

network changes

If you’re running LACP / LAGG I found that you need to make some additional changes to your network config.See the comments in the config

/etc/network/interfaces

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+
auto lo
+iface lo inet loopback
+
+#auto eno1 <---  I had to comment this out
+iface eno1 inet manual
+
+#auto eno2 <---  I had to comment this out
+iface eno2 inet manual
+
+auto bond0
+iface bond0 inet manual
+        bond-slaves eno1 eno2
+        bond-miimon 100
+        bond-mode 802.3ad
+        bond-xmit-hash-policy layer2+3
+
+auto vmbr0
+iface vmbr0 inet static
+        address 192.168.0.11/24
+        gateway 192.168.0.1
+        bridge-ports bond0
+        bridge-stp off
+        bridge-fd 0
+        bridge-vlan-aware yes
+        bridge-vids 2-4094
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-alerts/index.html b/posts/proxmox-alerts/index.html new file mode 100644 index 0000000000..2ac9dc708b --- /dev/null +++ b/posts/proxmox-alerts/index.html @@ -0,0 +1,57 @@ + Set up alerts in Proxmox before it's too late! | Techno Tim
Post

Set up alerts in Proxmox before it's too late!

Setting up alerts in Proxmox is important and critical to making sure you are notified if something goes wrong with your servers.It’s so easy, I should have done this years ago! In this tutorial, we’ll set up email notifications using SMTP with Gmail or G Suite that send email alerts when there are disk errors, ZSF Issues, or when backup jobs run.We’ll then test the alerts to make sure they are working by yoinking a drive from my ZFS pool (and hopefully it doesn’t fail).

📺 Watch Video

Huge THANK YOU to Micro Center for Sponsoring Today’s video!

New Customer Exclusive – Free 256GB SDD: https://micro.center/24c

Check out Micro Center’s PC Builder: https://micro.center/1wk

Submit your build to Micro Center’s Build Showcase: https://micro.center/tvv

Shop Micro Center’s Top Deals: https://micro.center/jb4

Configuring Alerts

install dependencies

1
+2
+
apt update
+apt install -y libsasl2-modules mailutils
+

Configure app passwords on your Google account

https://myaccount.google.com/apppasswords

Configure postfix

1
+
echo "smtp.gmail.com your-email@gmail.com:YourAppPassword" > /etc/postfix/sasl_passwd
+

update permissions

1
+
chmod 600 /etc/postfix/sasl_passwd
+

hash the file

1
+
postmap hash:/etc/postfix/sasl_passwd
+

check to to be sure the db file was created

1
+
cat /etc/postfix/sasl_passwd.db
+

edit postfix config

1
+
nano /etc/postfix/main.cf
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+
# google mail configuration
+
+relayhost = smtp.gmail.com:587
+smtp_use_tls = yes
+smtp_sasl_auth_enable = yes
+smtp_sasl_security_options =
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem
+smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
+smtp_tls_session_cache_timeout = 3600s
+

reload postfix

1
+
postfix reload
+

send a test email

1
+
echo "This is a test message sent from postfix on my Proxmox Server" | mail -s "Test Email from Proxmox" your-email@gmail.com
+

fix from name in email

install dependency

1
+2
+
apt update
+apt install postfix-pcre
+

edit config

1
+
nano /etc/postfix/smtp_header_checks
+

add the following text

1
+
/^From:.*/ REPLACE From: pve1-alert <pve1-alert@something.com>
+

hash the file

1
+
postmap hash:/etc/postfix/smtp_header_checks
+

check the contents of the file

1
+
cat /etc/postfix/smtp_header_checks.db
+

add the module to our postfix config

1
+
nano /etc/postfix/main.cf
+

add to the end of the file

1
+
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
+

reload postfix service

1
+
postfix reload
+

Chapters

00:00 - Why you should set up alerts in Proxmox

01:42 - Micro Center / Free SSD (Sponsor)

02:56 - Where can I find the documentation

03:07 - Installing and configuring dependencies

03:54 - Google Email address configuration

08:43 - Configuring postfix and customizing the email alert

11:47 - Changing the mail sender name with pcre

14:20 - Configure where email alerts are sent

15:01 - Backup Alerts

17:33 - SMART alerts

18:53 - ZFS Alerts

19:52 - Testing in Production

24:03 - How Proxmox alerts could be better

25:30 - Stream Highlight - “Just some flashing lights & music”

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-backup-server/index.html b/posts/proxmox-backup-server/index.html new file mode 100644 index 0000000000..8f71df14e0 --- /dev/null +++ b/posts/proxmox-backup-server/index.html @@ -0,0 +1 @@ + You should be using Proxmox Backup Server | Techno Tim
Post

You should be using Proxmox Backup Server

After years of ignoring it, I finally switched back to Proxmox Backup Server and reclaimed 6TB of disk space. Totally worth it.

📺 Watch Video

Info

The disk, network, and computational savings are incredible with Proxmox Backup Server and you should be using it if you are running Proxmox VE. I used NFS for years and only now do I realize how inefficient that is. This is why I started using Proxmox Backup Server once again.

Helpful links:

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-helper-scripts/index.html b/posts/proxmox-helper-scripts/index.html new file mode 100644 index 0000000000..31963841be --- /dev/null +++ b/posts/proxmox-helper-scripts/index.html @@ -0,0 +1,3 @@ + Proxmox Automation with Proxmox Helper Scripts! | Techno Tim
Post

Proxmox Automation with Proxmox Helper Scripts!

Proxmox helper scripts is a collection of scripts to help you easily make changes to your Proxmox VE server along with installing many LXC Containers. This makes installing, configuring, and maintaining your Proxmox server in your HomeLab along with many applications as simple as running a script.

📺 Watch Video

Check out Proxmox VE Helper Scripts on Github: https://github.com/tteck/Proxmox

Disclosures

  • Nothing in this video was sponsored

Notes

Note: Be sure to always inspect any script before executing it, whether local or from the internet!

You can find the website here: https://helper-scripts.com/scripts

If you want to execute scripts from a commit SHA (somewhat immutable), you can execute the script like so (commit SHA of the date this video was released):

You can now use this hash to execute this script. This will ensure that you can run this repeatable (and not always latest)

1
+
bash -c "$(wget -qLO - https://raw.githubusercontent.com/tteck/Proxmox/e842d2ec3d8f358eed443be2ecbecb2f3b4137d0/install/homeassistant-core-install.sh)"
+

You can reuse this commit SHA for all other scripts (just replace the path)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-nested-virtualization/index.html b/posts/proxmox-nested-virtualization/index.html new file mode 100644 index 0000000000..cb033b7bb6 --- /dev/null +++ b/posts/proxmox-nested-virtualization/index.html @@ -0,0 +1,15 @@ + Enable Nested Virtualization In Proxmox | Techno Tim
Post

Enable Nested Virtualization In Proxmox

What Is Nested Virtualization?

Nested Virtualization is a feature that allows you to run a virtual machine within a virtual machine while still using hardware acceleration from the host machine.Put simply, it allows you to run a vm inside of a vm.

Enabling Nested Virtualization In Proxmox

Everything we do will be done on the host system running Proxmox.Once enabled, the guest can take advantage of it.

First we need to check to see if nested virtualization is enabled in Proxmox.

If you’re running an Intel CPU run this command:

1
+
cat /sys/module/kvm_intel/parameters/nested
+

If you’re running an AMD CPU run this command:

1
+
cat /sys/module/kvm_amd/parameters/nested
+

You should see an output of Y or N.If N this means that nested virtualization is not enabled, so let’s enabled it!

On the Proxmox host, run the following command as root:

If you’re running an Intel CPU run this command:

1
+
echo "options kvm-intel nested=Y" > /etc/modprobe.d/kvm-intel.conf
+

If you’re running an AMD CPU run this command:

1
+
echo "options kvm-amd nested=1" > /etc/modprobe.d/kvm-amd.conf 
+

Next reboot the system

1
+
reboot
+

Then check to see if nexted virtualization is enabled on the Proxmox host:

If you’re running an Intel CPU run this command:

1
+
cat /sys/module/kvm_intel/parameters/nested
+

If you’re running an AMD CPU run this command:

1
+
cat /sys/module/kvm_amd/parameters/nested
+

You should see Y this time.This means that you can now using virtualization inside of a VM, just be sure to set your VM’s processor accordingly! (use HOST for CPU type)

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-pfsense/index.html b/posts/proxmox-pfsense/index.html new file mode 100644 index 0000000000..143af59646 --- /dev/null +++ b/posts/proxmox-pfsense/index.html @@ -0,0 +1 @@ + How to Virtualize Your Home Router / Firewall Using pfSense | Techno Tim
Post

How to Virtualize Your Home Router / Firewall Using pfSense

It’s time to say goodbye to your home router and start virtualizing it using Proxmox and pfSense.

pfSense Community Edition Download: https://www.pfsense.org/download/ Get started with Proxmox today: https://www.youtube.com/watch?v=hdoBQNI_Ab8

📺 Watch Video

Enable PCI Passthrough

https://pve.proxmox.com/wiki/PCI(e)_Passthrough

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-setup/index.html b/posts/proxmox-setup/index.html new file mode 100644 index 0000000000..6ac5635950 --- /dev/null +++ b/posts/proxmox-setup/index.html @@ -0,0 +1 @@ + Proxmox VE Install and Setup Tutorial | Techno Tim
Post

Proxmox VE Install and Setup Tutorial

Do you need to virtualize something at home? Thinking of building your own Homelab? (The answer is YES).Join me as we install and configure Proxmox VE step-by-step.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-ubuntu-server/index.html b/posts/proxmox-ubuntu-server/index.html new file mode 100644 index 0000000000..f1d740c289 --- /dev/null +++ b/posts/proxmox-ubuntu-server/index.html @@ -0,0 +1 @@ + Virtualize Ubuntu Server with Proxmox VE | Techno Tim
Post

Virtualize Ubuntu Server with Proxmox VE

Do you need to virtualize Ubuntu Server with Proxmox? Join me as we install and configure Ubuntu Server LTS on Proxmox VE step-by-step using the best performance options.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-update/index.html b/posts/proxmox-update/index.html new file mode 100644 index 0000000000..d6dd409da7 --- /dev/null +++ b/posts/proxmox-update/index.html @@ -0,0 +1,23 @@ + How to Update Proxmox VE (No subscription required) | Techno Tim
Post

How to Update Proxmox VE (No subscription required)

Have you been thinking about updating your Proxmox VE server? Well, what are you waiting for? Upgrade your Proxmox server in your home lab in just a few minutes with this step-by-step tutorial!

📺 Watch Video

See all the hardware I recommend at https://l.technotim.live/gear

Edit /etc/apt/sources.list

1
+2
+3
+4
+5
+6
+7
+8
+9
+
deb http://ftp.us.debian.org/debian buster main contrib
+
+deb http://ftp.us.debian.org/debian buster-updates main contrib
+
+# security updates
+deb http://security.debian.org buster/updates main contrib
+
+# not for production use
+deb http://download.proxmox.com/debian buster pve-no-subscription
+

Run

1
+
apt-get update
+
1
+
apt dist-upgrade
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/proxmox-windows/index.html b/posts/proxmox-windows/index.html new file mode 100644 index 0000000000..74fc7db316 --- /dev/null +++ b/posts/proxmox-windows/index.html @@ -0,0 +1 @@ + Virtualize Windows 10 with Proxmox VE | Techno Tim
Post

Virtualize Windows 10 with Proxmox VE

Do you need to virtualize Windows 10 with Proxmox? Join me as we install and configure Windows 10 on Proxmox VE step-by-step using the best performance options.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/pterodactyl-game-server/index.html b/posts/pterodactyl-game-server/index.html new file mode 100644 index 0000000000..bf19428b39 --- /dev/null +++ b/posts/pterodactyl-game-server/index.html @@ -0,0 +1,313 @@ + I Built the PERFECT Game Server with Pterodactyl and Docker | Techno Tim
Post

I Built the PERFECT Game Server with Pterodactyl and Docker

Pterodactyl is a free an open source dedicated game server.It comes with both a panel to configure and deploy your game servers as well as game server nodes to run your games.It runs games in Docker containers to keep them isolated and making them easier than ever to deploy.We’re going to also use Docker to create our Pterodactyl server and the Wings agent making this truly Docker to the core.

https://pterodactyl.io

Be sure to ⭐ the Pterodactyl GitHub repo and the Eggs repo (additional games)

📺 Watch Video

Install Docker

To install docker, see this post

Reverse Proxy

Both your Pterodactyl Panel server as well as your Pterodactyl Wing server will need to be configured in your reverse proxy, each with their own public URL. If you need help configuring your reverse proxy, see my guide on how to do that.

Need games 🎮?

Check out game deals on Humble Games (affiliate link)

Game Panel

1
+2
+3
+4
+5
+
mkdir pterodactyl
+cd pterodactyl
+mkdir panel
+cd panel
+nano docker-compose.yml
+

docker-compose.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+
version: '3.8'
+x-common:
+  database:
+    &db-environment
+    # Do not remove the "&db-password" from the end of the line below, it is important
+    # for Panel functionality.
+    MYSQL_PASSWORD: &db-password "CHANGE_ME"
+    MYSQL_ROOT_PASSWORD: "CHANGE_ME_TOO"
+  panel:
+    &panel-environment
+    # This URL should be the URL that your reverse proxy routes to the panel server
+    APP_URL: "https://pterodactyl.example.com"
+    # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php
+    APP_TIMEZONE: "UTC"
+    APP_SERVICE_AUTHOR: "noreply@example.com"
+    TRUSTED_PROXIES: "*" # Set this to your proxy IP
+    # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt
+    # to generate an SSL certificate for the Panel.
+    # LE_EMAIL: ""
+  mail:
+    &mail-environment
+    MAIL_FROM: "noreply@example.com"
+    MAIL_DRIVER: "smtp"
+    MAIL_HOST: "mail"
+    MAIL_PORT: "1025"
+    MAIL_USERNAME: ""
+    MAIL_PASSWORD: ""
+    MAIL_ENCRYPTION: "true"
+
+#
+# ------------------------------------------------------------------------------------------
+# DANGER ZONE BELOW
+#
+# The remainder of this file likely does not need to be changed. Please only make modifications
+# below if you understand what you are doing.
+#
+services:
+  database:
+    image: mariadb:10.5
+    restart: always
+    command: --default-authentication-plugin=mysql_native_password
+    volumes:
+      - "/srv/pterodactyl/database:/var/lib/mysql"
+    environment:
+      <<: *db-environment
+      MYSQL_DATABASE: "panel"
+      MYSQL_USER: "pterodactyl"
+  cache:
+    image: redis:alpine
+    restart: always
+  panel:
+    image: ghcr.io/pterodactyl/panel:latest
+    restart: always
+    ports:
+      - "80:80"
+      - "443:443"
+    links:
+      - database
+      - cache
+    volumes:
+      - "/srv/pterodactyl/var/:/app/var/"
+      - "/srv/pterodactyl/nginx/:/etc/nginx/http.d/"
+      - "/srv/pterodactyl/certs/:/etc/letsencrypt/"
+      - "/srv/pterodactyl/logs/:/app/storage/logs"
+    environment:
+      <<: [*panel-environment, *mail-environment]
+      DB_PASSWORD: *db-password
+      APP_ENV: "production"
+      APP_ENVIRONMENT_ONLY: "false"
+      CACHE_DRIVER: "redis"
+      SESSION_DRIVER: "redis"
+      QUEUE_DRIVER: "redis"
+      REDIS_HOST: "cache"
+      DB_HOST: "database"
+      DB_PORT: "3306"
+networks:
+  default:
+    ipam:
+      config:
+        - subnet: 172.20.0.0/16
+

Start the stack

1
+
docker-compose up -d
+

Create a User

1
+
docker-compose run --rm panel php artisan p:user:make
+

Wings

1
+2
+3
+4
+5
+
mkdir pterodactyl
+cd pterodactyl
+mkdir wings
+cd wings
+nano docker-compose.yml
+

docker-compose.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+
version: '3.8'
+
+services:
+  wings:
+    image: ghcr.io/pterodactyl/wings:v1.6.1
+    restart: always
+    networks:
+      - wings0
+    ports:
+      - "8080:8080"
+      - "2022:2022"
+      - "443:443"
+    tty: true
+    environment:
+      TZ: "UTC"
+      WINGS_UID: 988
+      WINGS_GID: 988
+      WINGS_USERNAME: pterodactyl
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "/var/lib/docker/containers/:/var/lib/docker/containers/"
+      - "/etc/pterodactyl/:/etc/pterodactyl/"
+      - "/var/lib/pterodactyl/:/var/lib/pterodactyl/"
+      - "/var/log/pterodactyl/:/var/log/pterodactyl/"
+      - "/tmp/pterodactyl/:/tmp/pterodactyl/"
+      - "/etc/ssl/certs:/etc/ssl/certs:ro"
+      # you may need /srv/daemon-data if you are upgrading from an old daemon
+      #- "/srv/daemon-data/:/srv/daemon-data/"
+      # Required for ssl if you use let's encrypt. uncomment to use.
+      #- "/etc/letsencrypt/:/etc/letsencrypt/"
+networks:
+  wings0:
+    name: wings0
+    driver: bridge
+    ipam:
+      config:
+        - subnet: "172.21.0.0/16"
+    driver_opts:
+      com.docker.network.bridge.name: wings0
+

Start the stack

1
+
docker-compose up -d
+
1
+
sudo nano /etc/pterodactyl/config.yml
+

Paste the contents from the config your panel generated for your node into this file Note: The FQDN field when configuring the node in the panel should be the URL that your reverse proxy routes to your wing server. Also ensure you entered 443 for the Daemon Port field.

config.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+
debug: false
+uuid: 716deb8f-7047-42ad-9323-4a25ae49118b
+token_id: 7PoSfql3hdKjbMKn
+token: apEo1esCKe5sEWkpfnRB5xakj3mc0aM6jglacgBcsIsgglBtOm0oV1W3efTbwarN
+api:
+  host: 0.0.0.0
+  port: 443
+  ssl:
+    enabled: false
+    cert: /etc/letsencrypt/live/node-01.example.com/fullchain.pem
+    key: /etc/letsencrypt/live/node-01.example.com/privkey.pem
+  upload_limit: 100
+system:
+  data: /var/lib/pterodactyl/volumes
+  sftp:
+    bind_port: 2022
+allowed_mounts: []
+remote: 'https://pterodactyl.example.com'
+

Restart the stack

1
+
docker-compose up -d --force-recreate
+

Troubleshooting

Missing Metrics

If you aren’t seeing your stats in the console

1
+
sudo nano /etc/default/grub
+

add additional parameters to GRUB_CMDLINE_LINUX_DEFAULT

1
+
GRUB_CMDLINE_LINUX_DEFAULT="swapaccount=1 systemd.unified_cgroup_hierarchy=1"
+
1
+2
+
sudo update-grub
+sudo reboot
+

Kubernetes

If you are looking to install the Pterodactyl Panel on kubernetes, see the manifests here.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/rancher-2-upgrade-backup-restore/index.html b/posts/rancher-2-upgrade-backup-restore/index.html new file mode 100644 index 0000000000..766c04311d --- /dev/null +++ b/posts/rancher-2-upgrade-backup-restore/index.html @@ -0,0 +1,97 @@ + How to Upgrade, Backup, and Restore Rancher 2 | Techno Tim
Post

How to Upgrade, Backup, and Restore Rancher 2

It use to be hard to back up Rancher, but with Rancher 2 it’s super simple.Upgrading, backing up, and restoring your Rancher server should be part of your regular routine.Join me in this tutorial as we walk through backing up, upgrading, and restoring a single node Rancher Docker install in just a couple of minutes.Trust me, you’ll feel better after you do.

📺 Watch Video

Upgrade & Backup Outline

  • Create a copy of the data from your Rancher server container
  • Create a backup tarball
  • Pull the new Docker image
  • Start the new Rancher server container
  • Verify the Upgrade
  • Clean up your old Rancher server container

See all containers

1
+
docker ps
+

See all containers including stopped ones

1
+
docker ps -a
+

Stop the container

1
+
docker stop <RANCHER_CONTAINER_NAME>
+

Create a data container

1
+
docker create --volumes-from <RANCHER_CONTAINER_NAME> --name rancher-data-<DATE> rancher/rancher:<RANCHER_CONTAINER_TAG>
+

Create a backup tarball

1
+2
+
docker run  --volumes-from rancher-data-<DATE> -v $PWD:/backup:z busybox tar pzcvf /backup/rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz /var/lib/rancher
+
+

Run ls and you should see your tarball

1
+
rancher-data-backup-v2.4.3-2020-06-21.tar.gz
+

Pull a new docker image

1
+
docker pull rancher/rancher:<RANCHER_VERSION_TAG>
+

Start your new rancher server container.

Use the command you used to create your initial container, it looks something like this.

1
+
docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server rancher/rancher:<RANCHER_VERSION>
+

Check to see if it’s running

1
+
docker ps
+

Restoring Rancher from Backup

Use the command you used to create your initial container, it looks something like this.

1
+
docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server rancher/rancher:<RANCHER_VERSION>
+

Stop the container

1
+
docker stop <RANCHER_CONTAINER_NAME>
+

Delete state data and replace from backup

1
+2
+3
+
docker run  --volumes-from <RANCHER_CONTAINER_NAME> -v $PWD:/backup \
+busybox sh -c "rm /var/lib/rancher/* -rf  && \
+tar pzxvf /backup/rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz"
+

Start the container

1
+
docker start <RANCHER_CONTAINER_NAME>
+

Unofficial Way

Backup

1
+
cd /opt
+
1
+
docker stop rancher_docker_server
+

if this fails it means you named your container something else, find it by running docker ps

1
+
sudo tar czpf rancher-data-backup-VERSION-DATE-unofficial.tar.gz rancher
+
1
+
sudo mv rancher-data-backup-VERSION-DATE-unofficial.tar.gz ~/
+
1
+
 docker start rancher_docker_server
+

Restore

1
+
cd /opt
+
1
+
docker stop rancher_docker_server
+

if this fails it means you named your container something else, find it by running docker ps

1
+
sudo tar xzpf rancher-data-backup-VERSION-DATE-unofficial.tar.gz 
+
1
+
 docker start rancher_docker_server
+

Backup script

Your rancher server must be named similar to rancher_docker_server_v2.4.5 otherwise you’ll need to modify this. This will not work with latest tag, so be sure to pin your version.

It will need to be run with sudo or scheduled in sudo crontab -e

rancher_backup.sh

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+
# go to rancher dir
+cd /opt
+
+# get current rancher tag
+RANCHER_TAG=$(docker ps | grep rancher/rancher | grep -Eio 'rancher/rancher:.{0,6}' | sed 's/rancher\/rancher://g')
+
+# date format
+TODAY=`date -I`
+
+# stop docker container
+docker stop rancher_docker_server_$RANCHER_TAG
+
+# create tar
+tar czpf rancher-data-backup-$RANCHER_TAG-$TODAY-unofficial.tar.gz rancher
+
+# move tar
+mv rancher-data-backup-$RANCHER_TAG-$TODAY-unofficial.tar.gz /home/USERNAME/backups/rancher_backups/
+
+# start server
+docker start rancher_docker_server_$RANCHER_TAG
+
+

upgrading to a new version

1
+2
+
NEW_VERSION_TAG=v2.4.8
+docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server_$NEW_VERSION_TAG rancher/rancher:$NEW_VERSION_TAG
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/rancher-ha-install/index.html b/posts/rancher-ha-install/index.html new file mode 100644 index 0000000000..b2d952534b --- /dev/null +++ b/posts/rancher-ha-install/index.html @@ -0,0 +1,47 @@ + High Availability Rancher on Kubernetes | Techno Tim
Post

High Availability Rancher on Kubernetes

Are you running Kubernetes in your homelab or in the enterprise? Do you want an easy way to manage and create Kubernetes clusters? Join me as we walk through installing Rancher on an existing high availability k3s cluster in this step-by-step tutorial.

We install Rancher, configure a load balancer, install and configure helm, install cert-manager, configure Rancher, walk through the GUI, scale up our cluster, and set up a health check and liveness check! Join me, it’s easy in this straightforward guide.

📺 Watch Video

install

Note: It’s advised you consult the Rancher Support Matrix to get the recommended version for all Rancher dependencies.

https://rancher.com/docs/rancher/v2.x/en/installation/install-rancher-on-k8s/#1-install-the-required-cli-tools

kubectl

install helm

1
+
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
+

add helm repo, stable

1
+
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
+

create rancher namespace

1
+
kubectl create namespace cattle-system
+

ssl configuration

user rancher generated (default)

install cert-manager

1
+
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml
+

create name-space for cert-manager

1
+
kubectl create namespace cert-manager
+

Add the Jetstack Helm repository

1
+
 helm repo add jetstack https://charts.jetstack.io
+

update helm repo

1
+
helm repo update
+

install cert-manager helm chart

*Note: If you receive an “Error: Kubernetes cluster unreachable” message when installing cert-manager, try copying

the contents of “/etc/rancher/k3s/k3s.yaml” to “~/.kube/config” to resolve the issue.*

1
+2
+3
+4
+
helm install \
+  cert-manager jetstack/cert-manager \
+  --namespace cert-manager \
+  --version v1.7.1
+

check rollout of cert-manager

1
+
kubectl get pods --namespace cert-manager
+

Be sure each pod is fully running before proceeding

Install Rancher with Helm

Note: If you have “.local” for your private TLD then Rancher will NOT finish the setup within the webUI

1
+2
+3
+
helm install rancher rancher-stable/rancher \
+  --namespace cattle-system \
+  --set hostname=rancher.example.com
+

check rollout

1
+
kubectl -n cattle-system rollout status deploy/rancher
+

you should see

1
+2
+3
+4
+
Waiting for deployment "rancher" rollout to finish: 0 of 3 updated replicas are available...
+Waiting for deployment "rancher" rollout to finish: 1 of 3 updated replicas are available...
+Waiting for deployment "rancher" rollout to finish: 2 of 3 updated replicas are available...
+deployment "rancher" successfully rolled out
+

check status

1
+
kubectl -n cattle-system rollout status deploy/rancher
+

you should see

deployment "rancher" successfully rolled out
+

load balancer

If you are using k3s you can use the traefik ingress controller that ships with k3s

run

1
+
kubectl get svc --all-namespaces -o wide
+

look for

kube-system     traefik                LoadBalancer   10.43.202.72   192.168.100.10   80:32003/TCP,443:32532/TCP   5d23h   app=traefik,release=traefik
+

then create a DNS entry for rancher.example.com 192.168.100.10

This can be a host entry on your machine, or a DNS entry in your local DNS system (router, pi hole, etc…)

otherwise you can use nginx

nginx lb

https://rancher.com/docs/rancher/v2.x/en/installation/resources/k8s-tutorials/infrastructure-tutorials/nginx/

other considerations

Separating Rancher Cluster from your User Cluster

https://rancher.com/docs/rancher/v2.x/en/overview/architecture-recommendations/#separation-of-rancher-and-user-clusters

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/rancher-monitoring/index.html b/posts/rancher-monitoring/index.html new file mode 100644 index 0000000000..31732869f9 --- /dev/null +++ b/posts/rancher-monitoring/index.html @@ -0,0 +1 @@ + Monitoring Your Kubernetes Cluster with Grafana, Prometheus, and Alertmanager | Techno Tim
Post

Monitoring Your Kubernetes Cluster with Grafana, Prometheus, and Alertmanager

Today in this step by step guide, we’ll set up Grafana, Prometheus, and Alertmanager to monitor your Kubernetes cluster.This can be set up really quickly using helm or the Rancher UI.We’ll install and configure, set up some dashboards, and even set up some alerts using Slack.All this and more in this simple to follow, easy tutorial.Setting up Grafana and Prometheus has never been so easy.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/rancher-new-ui/index.html b/posts/rancher-new-ui/index.html new file mode 100644 index 0000000000..413e529d9c --- /dev/null +++ b/posts/rancher-new-ui/index.html @@ -0,0 +1 @@ + Everything you need to know about the NEW Rancher UI | Techno Tim
Post

Everything you need to know about the NEW Rancher UI

Today we’re going to talk about the new Cluster Explorer in Rancher.The Cluster Explorer is the new fancy user interface that will replace the old Cluster Manager.The new UI contains lots of new areas to explore, from new dashboards to new workload and deployment views, to service discovery, to storage to RBAC, and more.If you’ve been hesitant to use the new UI, no need to worry, we all have.But hopefully after this you’ll switch over like I have done too!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/rancher-vs-portainer/index.html b/posts/rancher-vs-portainer/index.html new file mode 100644 index 0000000000..c0cc2b06b9 --- /dev/null +++ b/posts/rancher-vs-portainer/index.html @@ -0,0 +1 @@ + Rancher vs. Portainer - Which one should I choose? | Techno Tim
Post

Rancher vs. Portainer - Which one should I choose?

Rancher vs. Portainer, which one is better” Which one should I choose? Can Portainer manager Kubernetes? Can Rancher manage Kubernetes? We answer all these questions and more in this quick, no fluff video. Side note, this is one of the most asked questions in my live streams.

Please share this with anyone who asks what a Home Lab is.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/renovate-bot-kubernetes/index.html b/posts/renovate-bot-kubernetes/index.html new file mode 100644 index 0000000000..8ec469281d --- /dev/null +++ b/posts/renovate-bot-kubernetes/index.html @@ -0,0 +1,195 @@ + Meet Renovate - Your Update Automation Bot for Kubernetes and More! | Techno Tim
Post

Meet Renovate - Your Update Automation Bot for Kubernetes and More!

Keeping track of container image updates is hard. I started using Renovate Bot to to track these for me and I now get pull requests from a bot for my Docker and Kubernetes container images. It’s a game changer.

A HUGE thanks to Datree for sponsoring this video!

Secure Your Kubernetes, Prevent Misconfigurations

https://www.datree.io

📺 Watch Video

Why use Renovate?

How much time do you spend looking for updated container images for services you have running in your Kubernetes cluster? 5 minutes, 5 hours? Never? I used to spend hours a week checking for new container images, reading up on the changes, and not really knowing if it was going to break my cluster or not. It was super tedious doing this to the point where I almost stopped doing it. That’s when I discovered Renovate Bot. Renovate is a dependency update automation tool that scans your software, discovers dependencies, and checks to see if an update exists, and if there is one, it will automatically help you out by submitting a pull request on your code base. It works out of the box and supports a wide variety of languages and technologies, it’s highly configurable putting you in control of what gets updated and when, and it’s pretty smart too and can automatically detect dependencies and suggest ideas for improvement.

Here’s the cool thing about it too, not only can it scan for all sorts of dependencies, it also gives you your choice of how you want to run it. Want to run it locally as a node module or from a CLI? Or in a Docker container? Or ever self host it in your Kubernetes cluster? No problem! Want to scan dependencies in GitHub, GitLab, AWS CodeCommit or other Git providers? No problem at all. One of the great things about Renovate is that because it’s open source, it puts you in control of how you want to run it, where you want to run it, and when you want to run it. So today we’ll be setting up Renovate bot to give us a helping hand with our Kubernetes resources. We’ll create a GitHub repo to house our Kubernetes deployments, add the Renovate bot to our repo, and then let it help us out by opening pull requests when it sees updates to any of the container images we’re using. Yeah… I feel like I just hired a devops engineer for free.

Renovate works with many different source control providers like GitHub, GitLab, CodeCommit, and many others. You also have your choice of how you want to manage Renovate, meaning you can self-host it with Docker or Kubernetes, or run it as a GitHub app for free that’s hosted by Renovate’s parent company Mend.

Create GitHub Repo

We’re going to go with GitHub and the GitHub app because it’s super simple to set up. First we need to create a github repo, this is as simple as going to GitHub and well, creating a new repo. After naming your repo you’ll want to choose whether to make this public or private. The choice is up to you and Renovate will work either way.

Note: if you want to see the repo I created in this post and video, you can check it out here technotim-k8s-renovate

GitHub Repo! Create a repo in GitHub

After creating the repo you’ll want to clone it to your machine. Now, I know that it’s empty, but we’ll be adding some things here shortly. After cloning it, I am going to open it up with a VSCode but any editor will do.

Now that our repo is cloned, we’re going to add some Kubernetes resources so that Renovate can start analyzing our resources for updates. We’re going to create a simple nginx deployment and service.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+spec:
+  selector:
+    matchLabels:
+      app: nginx
+  replicas: 3
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+        - name: nginx
+          image: nginx:1.24-alpine
+          ports:
+            - containerPort: 80
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+spec:
+  selector:
+    app: nginx
+  ports:
+    - port: 80
+      targetPort: 80
+  type: LoadBalancer
+

For this deployment we’re going to use an older nginx container image tag because we want to see the Renovate bot actually work, so we’ll go out to Docker Hub and choose an older tag. We’ll then put that image tag in our deployment. Now that we have this manifest, let’s commit this code and push it up.

Add Renovate Bot

Now that we have a simple Kubernetes deployment committed to our repo, we should add the Renovate bot to start analyzing our code. We can do this by going out to GitHub, finding the Renovate app, and installing it in our repo. You need to authorize this app for your repo or org. Once you authorize this app and choose which repos it has access to you are all set!

If you ever decide to change your mind and remove this app for your repo, you can go to the repo settings and remove this app at any time.

Once the Renovate bot is authorized and installed, it won’t actually do anything until you merge a Pull Request that will be opened by the bot on your repo! This pull request is a special “onboarding” pull request that will show you what the bot has detected along with adding a default config for the bot. Renovate won’t take any further actions until you accept and merge this pull request. Once you have reviewed this PR, you can merge it in and it will activate the bot on your repo.

Renovate in GitHub Marketplace! Add the Renovate app to your repo

Our First (Real) Pull Request

After merging the onboarding PR, we can go and take a look at the logs for the bot on Mend’s bot page. Here we can see that it is trying to auto detect all of the various dependencies that the bot supports. It’s checking for ansible, docker-compose, flux, gradle, helm, and many other dependencies. But it doesn’t know how to handle Kubernetes files out of the box because Kubernetes files don’t really have a naming convention because there really isn’t one. So we’ll need to tell Renovate how to check for Kubernetes files in our config.

Renovate logs! Here you can see Renovate trying to scan our repo and automatically detect dependencies

So we’ll need to git pull to get latest and we should see our Renovate config file. We’ll need to add the file match for Kubernetes files. You’ll want to be sure that you use the right extension here, whether that be yml or yaml, both are acceptable but I typically use yml so that’s what I am going to use here.

1
+2
+3
+4
+5
+6
+7
+8
+9
+
{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base"
+  ],
+  "kubernetes": {
+    "fileMatch": ["\\.yml$"]
+  }
+}
+

If you’re using FluxCD (as shown here) you also want add the flux extension and filematch. This will allow Renovate to scan your FluxCD manifests as well as creating Pull Requests for your Helm chart versions.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base"
+  ],
+  "flux": {
+    "fileMatch": ["\\.yml$"]
+  },
+  "kubernetes": {
+    "fileMatch": ["\\.yml$"]
+  }
+}
+

Once we’ve made that change to our config locally, we’ll then commit that change and push it up.

Once we push this change up and it scans our repo, we can see a new issue that was created! This is a special type of issue that Renovate creates for us and it is kind of like a dashboard for all of our dependencies.

If we look at this issue, it’s telling us that it detected a new dependency that’s related to Kubernetes and that it detected not only our nginx tag but also our Kubernetes API version for the deployment. Super awesome. If you like you can choose to disable this dashboard issue in your config, but I would recommend keeping it.

If we look at the logs again from Renovate, we can also see that it detected our nginx deployment and that it created a PR for us to review. Now for the actual PR. We should see a new PR that was opened from the Renovate bot!

If we look at this PR we can see the proposed changes, it’s suggesting that we change our nginx container image from 1.24 to 1.25 which is the current latest tag. If we’re happy with the change we can merge it into our code with just a click.

How to Handle “latest” tag

Now our code base is up to date with the latest container image. What happens if a container you are using only has one tag, say like the “latest” tag? Well, let’s find out.

Let’s say for instance we’re running Wordpress in our cluster, and we create a deployment.yml and in our deployment.yml we specify the “latest” tag vs. a versioned tag.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+
---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: wordpress
+spec:
+  selector:
+    matchLabels:
+      app: wordpress
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: wordpress
+    spec:
+      containers:
+        - name: wordpress
+          image: wordpress:latest
+          ports:
+            - containerPort: 80
+
1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
---
+apiVersion: v1
+kind: Service
+metadata:
+  name: wordpress
+spec:
+  selector:
+    app: wordpress
+  ports:
+    - port: 80
+      targetPort: 80
+  type: LoadBalancer
+

After we commit and push this up, we can wait for Renovate to check our repository again for new dependencies, or we can manually trigger one by going back to the dependency dashboard issue and check this box to trigger it to run again.

Now, if we look at the logs again we should see that it detected Wordpress, however it is unversioned. The latest tag is nondeterministic, meaning that it is not deterministic, or simply put, it can mean more than one thing. Renovate can’t use this because it can’t determine what the current version is and what the next possible version is. So, instead of pinning this version to “latest”, we can actually pin it to a digest.

So if we look at the current latest tag in Docker Hub and inspect the digest, we can see it here.

It’s this long string of characters:

DIGEST:sha256:75ba772cce073ec2aa6cec95c5ca229dfde9029c49874350a971499d567adae7

The digest is an immutable identifier for a container image and it is deterministic, meaning it can’t be changed and it only references one image. We can use that for Renovate. Once we have that, we can then pin our Wordpress container to this digest by using the like this, it’s:

container image @ sha256 : digest

Now if we make this change, commit this and push it up, we are now pinned to the digest which is also the same as “latest”. Again, if we want to force a scan instead of waiting, we can go back to this Dashboard issue, check the check box and then go look at the logs. We can now see that it detected our Wordpress container image along with the digest and it can now compare this to the current digest and open a PR if it needs to. If we take a look at the issue Dependency dashboard, we can now see that it detected Wordpress pinned to the digest. We won’t see a PR now because this digest is the latest digest, however if Wordpress releases a new container image with a new digest we will get a pull request to replace the digest. Awesome, so that solves the “latest” problem.

Working with Helm Charts

So that’s awesome, we have ways to work with Kubernetes manifests whether they are pinned to a versioned tag or an unversioned tag, but what about helm charts? Well, helm charts are just as easy. Let’s say we wanted to source control our mysql helm deployment, all we have to do is create a our helm values file and include the version as well as the repository.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
---
+image:
+  repository: bitnamicharts/mysql
+  version: 9.9.0
+persistence:
+  enabled: true
+  size: 10Gi
+architecture: replication
+auth:
+  existingSecret: mysql-secret
+primary:
+  replicaCount: 1
+

If you don’t specify the repository it will default to Docker hub, but as you can see here I am getting this chart from Bitnami. After we commit and push this up, we should now see a new dependency type of helm and since it detected an update we should also see a pull request to update this file!

Renovate helm charts! updating helm charts with Renovate are just as easy!

Wrapping Up

So now with Renovate bot we can keep track and upgrade our Kubernetes deployment and even helm charts but I bet you are wondering how you can deploy them? There are quite a few ways to deploy these resources using GitOps tools like Flux and ArgoCD, or even just a simple CI task that runs kubectl and or helm. I have a few videos on this topic. What about Docker deployments? Well if you’re interested in how to automate deployments with Docker and Renovate let me know in the comments below.

Well, I learned a ton about Renovate Bot, how to add it to your Git Repository and how to automate Pull Requests when there are updates available, and I hope you learned something too! And remember if you found anything in this post helpful, don’t forget to share. Thanks for Reading!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/reverse-proxy-kubernetes/index.html b/posts/reverse-proxy-kubernetes/index.html new file mode 100644 index 0000000000..ab16664e1a --- /dev/null +++ b/posts/reverse-proxy-kubernetes/index.html @@ -0,0 +1,83 @@ + Self-Hosting Your Homelab Services with SSL -- Let's Encrypt, MetalLB, Traefik, Rancher, Kubernetes | Techno Tim
Post

Self-Hosting Your Homelab Services with SSL -- Let's Encrypt, MetalLB, Traefik, Rancher, Kubernetes

Are you self-hosting lots of services at home in your homelab? Have you been port forwarding or using VPN to access your self-hosted services wishing you had certificates so that you can access them securely over SSL? Well after this video, you can! In this step by step tutorial we’ll walk through setting up Rancher and Kubernetes with a reverse proxy, Kubernetes Ingress, MetalLB, Traefik, Let’s Encrypt, and DNS giving you free certificates.

📺 Watch Video

Install WSL on Windows 10

https://www.youtube.com/watch?v=kL8iGErULiw

Install kubectl

https://kubernetes.io/docs/tasks/tools/install-kubectl/

Install MetalLB

https://metallb.universe.tf/installation/

kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.5/manifests/namespace.yaml

kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.5/manifests/metallb.yaml

You should only ever run this step once.

kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"

sample config.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: metallb-system
+  name: config
+data:
+  config: |
+    address-pools:
+    - name: default
+      protocol: layer2
+      addresses:
+      - 192.168.1.240-192.168.1.250
+

kubectl apply -f config.yaml

Traefik

traefik sample answers yaml

change “staging: true” to “staging: false” once you confirm its all working to get the live certs

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+
---
+  defaultImage: true
+  imageTag: "1.7.14"
+  serviceType: "LoadBalancer"
+  debug: 
+    enabled: false
+  rbac: 
+    enabled: true
+  ssl: 
+    enabled: true
+    enforced: true
+    permanentRedirect: false
+  acme: 
+    enabled: true
+    email: "you@example.com"
+    onHostRule: true
+    staging: true
+    logging: true
+    challengeType: "dns-01"
+    dnsProvider:
+      name: "cloudflare"
+      existingSecretName: "cloudflare-dns"
+  persistence: 
+    enabled: true
+  dashboard: 
+    enabled: true
+    domain: "traefik.example.com"
+    auth: 
+      basic: ""
+

Traefik Helm

https://hub.helm.sh/charts/stable/traefik

Traefik DNS Providers

https://docs.traefik.io/https/acme/#providers

Troubleshooting

Be sure that your Traefik yaml matches the code above exactly, including whitespace.Yaml is whitespace sensitive.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/rgb-storinator/index.html b/posts/rgb-storinator/index.html new file mode 100644 index 0000000000..6549f8671e --- /dev/null +++ b/posts/rgb-storinator/index.html @@ -0,0 +1 @@ + I Put RGB Fans in My Server and I am NOT Apologizing | Techno Tim
Post

I Put RGB Fans in My Server and I am NOT Apologizing

My Storinator server from 45Drives is great, except for 1 thing.It’s a little loud for my home.It would be fine if it were in a data center or a real network closet, however this is in my basement.I decided to swap out all the fans to make it quieter, and install RGB fans along with a ZigBee controller so I can control them with Home Automation!

📺 Watch Video

HUGE THANK YOU to Micro Center for Sponsoring this Video!

New Customers Exclusive – Get $25 off your purchase of any AMD and Intel Processor (limit one per customer): https://micro.center/1z7

Check out Micro Center’s PC Builder: https://micro.center/mrp

Submit your build to Micro Center’s Build Showcase: https://micro.center/ow4

Thanks again to 45drives for the Storinator! https://45drives.com

📦See all the parts in this kit here! 📦 https://kit.co/TechnoTim/smart-rgb-fan-conversation

Time Codes

00:00 - Making My Server Quiet

02:13 - Micro Center (Sponsor)

03:18 - Taking the Server Apart

04:17 - Changing the CPU Cooler

05:02 - How to Add Smart RGB to a Server

06:07 - Wiring Up the ZigBee Controller and Fans

07:20 - Testing and Pairing the ZigBee Controller

08:08 - Why Put RGB Fans in a Server?

08:42 - How Much Quieter Is It?

09:13 - What’s Next for the Server?

09:33 - Stream Highlight - I will buy an LTT Screwdriver

Join the conversation

Hacking my RGB fans to work with Zigbee!

I made my servers quiet!

Which color do you like best?

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/rotate-sops-encryption-keys/index.html b/posts/rotate-sops-encryption-keys/index.html new file mode 100644 index 0000000000..559be980da --- /dev/null +++ b/posts/rotate-sops-encryption-keys/index.html @@ -0,0 +1,45 @@ + Rotating your Encryption Keys and Updating your Secrets with SOPS | Techno Tim
Post

Rotating your Encryption Keys and Updating your Secrets with SOPS

If you’ve been encrypting your secrets with SOPS and Age you know how useful it is to keep your secrets safe from prying eyes. If you’re not familiar with encrypting your secrets with SOPS and Age, I highly recommend checking out a post I did a while back that shows you how easy it is to encrypt your secrets and even hide them in plain sight in a Git repo.I am happy (and relieved) that I started doing this for all of my secrets.

This works great, until you need to rotate your encryption key that’s used to encrypt your secrets. I use FLUX for GitOps which helps me deliver changes to my Kubernetes cluster via code and since I can commit my infrastructure, I can also commit my secrets as code too (SOPS, or Secrets Operations).This means that all of my secret files (typically secret.sops.yaml) are all encrypted using my key.But what happens when I need to change the key, either for good security hygiene or because it was compromised? The short answer is, there’s no easy way other than writing a little bit of code.

Scripting it with Bash

First you’ll need to generate a new age file with

1
+
age-keygen -o age.agekey
+

This will output a age.agekey file.Take note of this location.

Then you’ll want to execute this script in the folder where you have secrets that need to be updated.

This script isn’t anything ground breaking but hopefully it will help you update all of your secrets without having to go and manually change them yourself.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+
#!/bin/bash
+
+# Define the paths to the old/current and new age key files
+SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt
+SOPS_AGE_KEY_FILE_NEW=~/.config/sops/age/age.agekey
+
+# Define the commands to decrypt and encrypt the file
+DECRYPT_COMMAND="sops --decrypt --age \$(cat $SOPS_AGE_KEY_FILE |grep -oP \"public key: \K(.*)\") --encrypted-regex '^(data|stringData)$' --in-place"
+ENCRYPT_COMMAND="sops --encrypt --age \$(cat $SOPS_AGE_KEY_FILE_NEW |grep -oP \"public key: \K(.*)\") --encrypted-regex '^(data|stringData)$' --in-place"
+
+# Find all the *.sops.yaml files recursively in the current directory and apply the decrypt and encrypt commands to them
+find . -name "*.sops.yaml" -type f -print0 | while IFS= read -r -d '' file; do
+  eval "$DECRYPT_COMMAND $file"
+  eval "$ENCRYPT_COMMAND $file"
+done
+

It works like this:

  • SOPS_AGE_KEY_FILE is the path to your existing keys.txt or age.agekey file
  • SOPS_AGE_KEY_FILE_NEW is the path to your new age.agekey file.
  • It will look for files matching *.sops.yaml recursively and then decrypt the file using the old key, and encrypt it using the new key.

After running this script you should see all of your secrets now encrypted with the new key! You can now replace your old key file with your new one so that SOPS_AGE_KEY_FILE is referencing. You should test decrypting your secrets before saving them.

1
+
sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") --encrypted-regex '^(data|stringData)$' secret.sops.yaml
+

Updating your FLUX Secret in Kubernetes

If you are able to see the decrypted secret, you are all set as far as the ket goes.Another thing you’ll need to do is delete your old secret in Kubernetes and replace it with this new one so that your secrets can be decrypted in your cluster!

1
+
kubectl delete -n flux-system secrets sops-age
+

Then create new secret from the new file

1
+2
+3
+4
+
cat age.agekey |
+kubectl create secret generic sops-age \
+--namespace=flux-system \
+--from-file=age.agekey=/dev/stdin
+

Now you should be all set! Be sure to keep your new age.agekey somewhere safe.

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/scrypted-home-hub/index.html b/posts/scrypted-home-hub/index.html new file mode 100644 index 0000000000..ad3e5e6337 --- /dev/null +++ b/posts/scrypted-home-hub/index.html @@ -0,0 +1,187 @@ + Meet Scrypted - Stream ANY Camera to ANY Home Hub | Techno Tim
Post

Meet Scrypted - Stream ANY Camera to ANY Home Hub

Meet Scrypted an Open Source app that will let you connect almost any camera to any home hub, certified or not! You can connect popular devices from UniFi, Amcrest, Hikvision, Nest & Google, Tuya, Reolink, and many others to your home hub of choice, whether that be Apple’s HomeKit, Google Home, Alexa, or even Home Assistant.This lets you choose and reuse your own devices and take advantage of the automation and integration you get with your Smart Home Hub.

📺 Watch Video

Where to Buy

See the whole kit here! - https://kit.co/TechnoTim/smart-home-hubs-devices

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

Smart Home Camera Fragmentation

I have cameras in and around my house.I have cameras on the front door, cameras inside my house, cameras that point outside of my house, cameras in my garage, cameras in my server room, and even cameras in my server rack….

Camera in my server rack Don’t ask…

All of these cameras work great and I keep all of the recorded footage in my home but what’s not great is that I am not able to tap into popular Home Hubs like HomeKit, Alexa, Google Home, or even Home Assistant.That’s because many of these platforms require some very specific requirements for adding cameras to your home hub.That means they might have to be certified, have to be compatible, and both manufacturers have to get along… and we know how that story goes.

Getting ecosystems to play nice together Getting ecosystems to play nice together

So this left me with using one app to check my video, while leaving a whole host of features that my home hub provides on the table.Things like notifications within my ecosystem, the ability to trigger automation based on my eco system, cool features like picture in a picture on other devices, and all the things that make home hubs, well, hubs.And while I do like my home security choice, I don’t like that it doesn’t integrate with my home hub of choice.It’s not my fault these two companies don’t get along and I am not going to buy all new cameras just to be compatible with my home hub. That’s where Scrypted comes in.

What is Scrypted

Scrypted is open source software that you host on your own machine that allows you to connect almost any camera to any hub, that’s right, certified or not.

You can connect popular devices from UniFi, Amcrest, Hikvision, Nest & Google, Tuya, Reolink, and many others to your home hub of choice, whether that be Apple’s HomeKit, Google Home, Alexa, or even Home Assistant.This lets you choose and reuse your own devices and take advantage of the automation and integration you get with your home hub.That’s right, something the big players aren’t offering you, and that’s choice.This means that you don’t have to pay for that subscription if you want video outside of your home, you can use scrypted to connect to one of the major hubs or even an open source one like Home Assistant.

Scrypted integrations Scrypted supports many different camera integrations and many Home Hubs!

Here’s where it gets really cool…

Scrypted is pluggable, so it allows developers to create and update plugins within Scrypted, giving them and you lots of flexibility.Want to connect a Google Nest Camera to Alexa? Sure! Want to connect a Reolink camera to Google Home, absolutely! Want to connect your UniFi Cameras to HomeKit? No problem! What about connecting some named or no name camera that only supports RTSP or ONVIF? Scrypted has you covered!

Scrypted Requirements

You’re probably wondering, what does all of this cost? Well, if you already have the hardware it costs nothing but a little bit of your time.

The next thing you’re probably asking what hardware you need to get started, or maybe you’re not even asking that, but I will tell you that you will need some hardware to get started 😀

The requirements are actually pretty low and you can run it on the latest raspberry pi, or Windows, Mac, or Linux, and even Docker, either standalone or on many NAS devices like Unraid or Synology.It’s easy to set up and after you’ve connected your cameras to your home hub, you’ll be able to take advantage of all of the integrations your camera offers as well as automation your hub offers.

So that’s what I am going after today, setting up Scrypted to connect my UniFi cameras to my HomeKit hub, which is one of my Apple TVs so I can use all of my cameras as if they are HomeKit Certified. Now wait, even if you don’t want or have this combination of devices and hubs, you can still follow along to set this up with any camera or any hub.

Installing Scrypted with Docker

So I first created a Linux machine and then installed Docker, which I highly recommend using, but if you don’t feel comfortable you can install it any other way you like.If you are using Docker, I recommend doing this on Ubuntu, but Windows Mac, or any other version of Linux will work just fine.If you’re using a Linux machine I recommend using Docker and Portainer.Portainer is a great container management system for Docker that has a great UI.The install is fast and painless and makes managing Docker really easy.

Once you’re in portainer, all you need to do is connect to your Docker instance, add a container, and then set a few properties like the name of the container, the image name and tag, and then you’ll need to map your data volume from the container to the local machine.This should be somewhere your Portainer machine can read and write to, for me it’s just a simple path to a folder on the machine.The last thing they recommend is setting the network to host mode which means it will use the networking on the host instead of Docker networking.Once all that’s set, just deploy the container and you’re good to go.

Scrypted integrations Installing Scrypted with Portainer is simple!

Oh, and if you want to use Docker compose, you can use this to get started quickly! Note, this will also include watchtower to updated your stack automatically.If you don’t want to use watchtower just comment out that section.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+
version: "3.5"
+
+# The Scrypted docker-compose.yml file typically resides at:
+# ~/.scrypted/docker-compose.yml
+
+# Example volumes SMB (CIFS) and NFS.
+# Uncomment only one.
+
+# volumes:
+#     nvr:
+#         driver_opts:
+#             type: cifs
+#             o: username=[username],password=[password],vers=3.0,file_mode=0777,dir_mode=0777 
+#             device: //[ip-address]/[path-to-directory]
+#     nvr:
+#         driver_opts:
+#             type: "nfs"
+#             o: "addr=[ip-address],nolock,soft,rw"
+#             device: ":[path-to-directory]"
+
+services:
+    scrypted:
+        image: koush/scrypted
+        environment:
+            - SCRYPTED_WEBHOOK_UPDATE_AUTHORIZATION=Bearer SET_THIS_TO_SOME_RANDOM_TEXT
+            - SCRYPTED_WEBHOOK_UPDATE=http://localhost:10444/v1/update
+            # nvidia support
+            # - NVIDIA_VISIBLE_DEVICES=all
+            # - NVIDIA_DRIVER_CAPABILITIES=all
+        # runtime: nvidia
+        container_name: scrypted
+        restart: unless-stopped
+        network_mode: host
+
+        devices:
+            # hardware accelerated video decoding, opencl, etc.
+            - /dev/dri:/dev/dri
+            # uncomment below as necessary.
+            # zwave usb serial device
+            #   - /dev/ttyACM0:/dev/ttyACM0
+            # all usb devices, such as coral tpu
+            #   - /dev/bus/usb:/dev/bus/usb
+
+        volumes:
+            - ~/.scrypted/volume:/server/volume
+            # modify and add the additional volume for Scrypted NVR
+            # the following example would mount the /mnt/sda/video path on the host
+            # to the /nvr path inside the docker container.
+            # - /mnt/sda/video:/nvr
+
+            # or use a network mount from one of the examples above
+            # - type: volume
+            #   source: nvr
+            #   target: /nvr
+            #   volume:
+            #     nocopy: true
+
+            # uncomment the following lines to expose Avahi, an mDNS advertiser.
+            # make sure Avahi is running on the host machine, otherwise this will not work.
+            # - /var/run/dbus:/var/run/dbus
+            # - /var/run/avahi-daemon/socket:/var/run/avahi-daemon/socket
+        # logging is noisy and will unnecessarily wear on flash storage.
+        # scrypted has per device in memory logging that is preferred.
+        logging:
+            driver: "json-file"
+            options:
+                max-size: "10m"
+                max-file: "10"
+        labels:
+            - "com.centurylinklabs.watchtower.scope=scrypted"
+
+    # watchtower manages updates for Scrypted.
+    watchtower:
+        environment:
+            - WATCHTOWER_HTTP_API_TOKEN=SET_THIS_TO_SOME_RANDOM_TEXT
+            - WATCHTOWER_HTTP_API_UPDATE=true
+            - WATCHTOWER_SCOPE=scrypted
+            # remove the following line to never allow docker to auto update.
+            # this is not recommended.
+            - WATCHTOWER_HTTP_API_PERIODIC_POLLS=true
+        image: containrrr/watchtower
+        container_name: scrypted-watchtower
+        restart: unless-stopped
+        volumes:
+            - /var/run/docker.sock:/var/run/docker.sock
+        labels:
+            - "com.centurylinklabs.watchtower.scope=scrypted"
+        ports:
+            # The auto update port 10444 can be configured
+            # Must match the port in the auto update url above.
+            - 10444:8080
+        # check for updates once an hour (interval is in seconds)
+        command: --interval 3600 --cleanup --scope scrypted
+

Configuring Scrypted

Once the container is running, you’ll want to go to the machines IP address on port 10443

Once you get there you will be greeted with a sign in page where you will create an account and password.Once signing in you will see the scripted homepage!

The first thing I did was turn on dark mode, of course, and then went into the plugins page and clicked install plugins.

Here you’ll want to install the plugin for the platform you want to support.Scripted supports many different cameras and many different hub platforms, for instance you can search for Alex and see the plugins for Amazon Alexa or Google home and see the integrations for Google home, or even Amcrest if you want to find the amcrest camera plugin! There are lots of supported cameras but for me this is going to be unifi so I searched for unifi and installed it.Once it’s installed it will ask for a username and password for your unifi device.We need to create one in UniFi protect, but you’ll want to create a new local account and not provide yours!

Scrypted plugins Installing the uniFi Protect Plugin for Scrypted

Create UniFi Protect User

So we need to go into UniFi and create a new user.We’ll have to do this in the UniFi console and what I did was create a new Role first that has Full Management access to Protect.The documentation says that you might be able to drop this down later to a Read Only user, which I may do, but I will create the user and give it admin access to Protect only.Again, be sure to create a local account and set the permissions appropriately.

Once that user was created I then added the user and the password as well as the IP address of my UDM SE.

Once I saved my credentials I could then see all of my cameras and you can view them now, however since I am going to use HomeKit, I need to add that plugin as well.

Scrypted plugins You’ll need to create an account in UniFi Protect for Scrypted to use

Adding Cameras to HomeKit

So I searched for the HomeKit plugin and installed it.We don’t need to change anything in the plugin, I just reloaded the unifi plugin and went back into my cameras.Now you’ll see some additional options, one being HomeKit.You’ll want to be sure that this is enabled.I also made sure that the SnapSho tplugin was enabled too.

Once this was set up, all I had to do now was just add the cameras to HomeKit.

I did this by navigating to each individual camera in Scrypted and then clicked on HomeKit and then Clicked on pairing.It will then show you a QR code which you can scan and it will add it to your home in HomeKitI did this for all of my cameras, accepted the message about it not being an officially certified accessory, and then chose the default settings of stream while I am home and while I am away.The reason I didn’t change any of this is because I still still use my UniFi Protect for camera storage, rather than store it on my docker container. And for those counting, I have nine cameras…. Yes, 9 cameras…

Awesome Integration & Automation

Now that we have this set up, what can we do with it?

Well, now in the home app I can see all of my cameras at a glance.I can see the latest snapshot of each camera and drill in further to see a live view.I can pin the camera too so that I can multitask.

Scrypted Apple TV Integration Finally! Notifications on my Apple TV!

I get notifications if someone presses the doorbell and I can talk with them too.Not only do I get notifications on my phone, but I also get them on my macbook, ipad, and even AppleTV - so just in case I am “super busy” watching something that’s “super important” I can decide whether or not to get my lazy butt off the couch.

Here’s the other cool thing: Since I have an Apple TV, I can even say “Hey Siri” show me my cameras and it will show me all of my connected cameras.From there I can browse them, pick one to watch and even listen to, and even pin it to the screen so I can keep an eye on things or if I am expecting a delivery.If they are in the same zone as other devices, I can interact with these devices too, like toggling on and off the lights on my porch.

Scrypted Apple TV Picture in a Picture

Picture in a Picture on my TV!_

More Scrypted Compatibility

One of the things I like most about Scrypted is that I can use almost any camera I want and I can connect it to one of many platforms.Now, I obviously connected UniFi cameras to HomeKit, but you can connect almost any camera to any platform.Want to connect some old PoE cameras to Alex or Google Home Hub, or even Home Assistant? No problem.That’s the beauty of Scrypted, is that it’s pluggable and can connect almost any camera to any Home Hub.Well, I learned a lot about Scrypted, HomeKit, and Unifi Protect and I hope you learned something too.And remember if you found anything in this video helpful, don’t forget to like and subscribe.Thanks for reading and watching!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/secret-encryption-sops/index.html b/posts/secret-encryption-sops/index.html new file mode 100644 index 0000000000..ef83f44e17 --- /dev/null +++ b/posts/secret-encryption-sops/index.html @@ -0,0 +1,111 @@ + Encrypt Your Sensitive Information Before Storing It - Encrypting with Mozilla SOPS and AGE | Techno Tim
Post

Encrypt Your Sensitive Information Before Storing It - Encrypting with Mozilla SOPS and AGE

Committing secrets to your Git Repo can expose information like passwords, access tokens, and other types of sensitive information.Some might think that committing secrets to a private Git Repo is OK, but I am here to tell you it’s not.If you’re going to commit secrets to a git repo, private or public, you should encrypt them first using Mozilla SOPS (Secret Operations) and AGE.SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.Age is a simple, modern, and secure file encryption tool, format, and build using Go.It can encrypt and decrypt your files making then safe enough to commit to your Git repos!

A HUGE thanks to Datree for sponsoring this video!
Combat misconfigurations. Empower engineers. https://www.datree.io

📺 Watch Video

Install SOPS

You can install sops by following this guide.

test with

1
+
sops -v
+

should see

1
+
sops 3.7.3 (latest)
+

Install Age

You can install age by following this guide

test age with

1
+
 age -version
+

should see

1
+
v1.0.0
+

test age-keygen with

1
+
 age-keygen -version
+

should see

1
+
v1.0.0
+

configure keys

Now that we have age installed we need to create a public and private key

1
+
age-keygen -o key.txt
+

should see

1
+2
+
age-keygen: warning: writing secret key to a world-readable file
+Public key: age1epzmwwzw8n09slh0c7z0z52x43nnga7lkksx3qrh07tqz5v7lcys45428t
+

let’s look at the contents

1
+
cat key.txt
+

should see

1
+2
+3
+
# created: 2022-09-26T21:55:47-05:00
+# public key: age1epzmwwzw8n09slh0c7z0z52x43nnga7lkksx3qrh07tqz5v7lcys45428t
+AGE-SECRET-KEY-1HJCRJVK7EE3A5N8CRP8YSDUGZKNW90Y5UR2RGYAS8L279LFP6LCQU5ADNR
+

Remember this is a secret so keep this safe! Do not commit this!

move the file and add to our shell

1
+2
+
mkdir ~/.sops
+mv ./key.txt ~/.sops
+

add it to our shell

1
+2
+
nano ~/.zshrc 
+# or nano ~/.bashrc
+

add to the end of file

1
+
export SOPS_AGE_KEY_FILE=$HOME/.sops/key.txt
+

source our shell

1
+2
+
source ~/.zshrc 
+# or source ~/.bashrc
+

Now! Let’s encrypt

A few ways you can do this.You can encrypt in place or encrypt with an editor but we’re going to do an in place encryption.

YAML

This can be kubernetes secrets, helm values, or just plain old yaml

create a secret with the following contents

secret.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+
---
+apiVersion: v1
+kind: Secret
+metadata:
+    name: mysql-secret
+    namespace: default
+stringData:
+    MYSQL_USER: root
+    MYSQL_PASSWORD: super-Secret-Password!!!!
+

to encrypt

1
+
sops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") --encrypted-regex '^(data|stringData)$' --in-place ./secret.yaml
+

to decrypt

1
+
sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") --encrypted-regex '^(data|stringData)$' --in-place ./secret.yaml
+

Kubernetes

If you want to decrypt this secret on the fly and apply to kubernetes

encrypt first

1
+
sops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") --encrypted-regex '^(data|stringData)$' --in-place ./secret.yaml
+

decrypt and pipe to kubectl

1
+
sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") --encrypted-regex '^(data|stringData)$' ./secret.yaml | kubectl apply -f -
+

check it with

1
+
k describe secrets mysql-secret-test
+

then

1
+
 kubectl get secret mysql-secret-test -o jsonpath='{.data}'
+

then

1
+
kubectl get secret mysql-secret-test -o jsonpath='{.data.MYSQL_PASSWORD}'  | base64 --decode
+

VSCode

install vscode extension

choose the beta for sops because that supports age + sops

don’t forget to add .decrypted~secret.yaml to .gitignore

encrypt .env files

make sure extension is installed

.ENV Files

create

secret.env

MYSQL_USER=superroot
+MYSQL_PASSWORD="super-Secret-Password!!!!############"
+

encrypt

1
+
sops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") -i .env
+

decrypt

1
+
sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") -i .env
+

don’t forget to add .decrypted~secret.env to your .gitignore

JSON Files

secret.json

1
+2
+3
+4
+
{
+    "mySqlUser": "superroot",
+    "password": "super-Secret-Password!!!!#######"
+}
+

encrypt

1
+
sops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") -i secret.json
+

decrypt

1
+
sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") -i secret.json
+

don’t forget to add .decrypted~secret.json to your .gitignore

INI Files

secret.ini

1
+2
+3
+
[database]
+user     = superroot
+password = super-Secret-Password!!!!1223
+

encrypt

1
+
sops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") -i secret.ini
+

decrypt

1
+
sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") -i secret.ini
+

don’t forget to add .decrypted~secret.ini to you .gitignore

Files

secret.sql

1
+2
+3
+
--- https://xkcd.com/327/
+--- DO NOT USE
+INSERT INTO Students VALUES ( 'Robert' );  DROP TABLE STUDENTS; --' )
+

encrypt

1
+
sops --encrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") --in-place ./secret.sql
+

decrypt

1
+
sops --decrypt --age $(cat $SOPS_AGE_KEY_FILE |grep -oP "public key: \K(.*)") --in-place ./secret.sql
+

Flux

If you’re thinking of doing GitOps with Flux, you can check out my video on this topic or see my documentation.You can do cluster decryption and fully automate decryption of secrets.

In cluster decryption with Flux

https://fluxcd.io/flux/guides/mozilla-sops/#configure-in-cluster-secrets-decryption

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/self-hosted-devops-stack/index.html b/posts/self-hosted-devops-stack/index.html new file mode 100644 index 0000000000..ac03bcc721 --- /dev/null +++ b/posts/self-hosted-devops-stack/index.html @@ -0,0 +1,87 @@ + Build & Deploy Your Own Code in Your Homelab! | Techno Tim
Post

Build & Deploy Your Own Code in Your Homelab!

So you’re a software engineer or a developer who wants to self-host your own code in your own homelab? Well this is the tutorial for you! In this step-by-step guide we’ll walk through setting up a repo, building and testing our own code (with unit tests) in a self-hosted Gitlab CI runner in our CI pipeline, then we’ll build a Docker image and push it up to a container registry, then we’ll use kubectl in our CD pipeline to deploy our Docker container to our self-hosted kubernetes cluster! This all happens in a couple of minutes and then we’ll truly have continuous integration and continuous delivery in our homelab!

📺 Watch Video

Helpful videos

1 - Set Up Kubernetes with Rancher

2 - Set up a reverse proxy and SSL with Traefik

3 - Expose Rancher and Kubernetes API Securely

GitLab react app

See the app here:

https://github.com/techno-tim/techno-react

Docker file:

https://github.com/techno-tim/techno-react/blob/master/Dockerfile

Kubernetes deployment yaml

https://github.com/techno-tim/techno-react/blob/master/kubernetes/deployment.yaml

nginx config for your react application

https://github.com/techno-tim/techno-react/blob/master/nginx.conf

pbcopy for WSL on Windows

https://www.techtronic.us/pbcopy-pbpaste-for-wsl/ https://www.techtronic.us/pbcopy-pbpaste-for-wsl/

Example config.toml for your GitLab runner.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+
concurrent = 1
+check_interval = 0
+
+[session_server]
+  session_timeout = 1800
+
+[[runners]]
+  name = "rancher-gitlab-runner"
+  url = "https://gitlab.com"
+  token = "your-gitlab-runner-token"
+  executor = "docker"
+  [runners.custom_build_dir]
+  [runners.cache]
+    [runners.cache.s3]
+    [runners.cache.gcs]
+  [runners.docker]
+    tls_verify = false
+    image = "docker:stable"
+    privileged = false
+    disable_entrypoint_overwrite = false
+    oom_kill_disable = false
+    disable_cache = false
+    volumes = [\"/var/run/docker.sock:/var/run/docker.sock\", \"/cache\"]
+    shm_size = 0
+

example ~/.kube/config for your GitLab secret

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+
+apiVersion: v1
+kind: Config
+clusters:
+- name: "cluster1"
+  cluster:
+    server: "https://your.rancher.url/k8s/clusters/c-cluster-id"
+users:
+- name: "cluster1"
+  user:
+    token: "your kubernetes token"
+
+contexts:
+- name: "cluster1"
+  context:
+    user: "cluster1"
+    cluster: "cluster1"
+
+current-context: "cluster1"
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/self-hosting-security/index.html b/posts/self-hosting-security/index.html new file mode 100644 index 0000000000..0b5c354f51 --- /dev/null +++ b/posts/self-hosting-security/index.html @@ -0,0 +1 @@ + Self-Hosting Security Guide for your HomeLab | Techno Tim
Post

Self-Hosting Security Guide for your HomeLab

When most people think about self-hosting services in their HomeLab, they often think of the last mile. By last mile I mean the very last hop before a user accesses your services. This last hop, whether that’s using certificates or a reverse proxy, is incredibly important, but it’s also important to know that security starts at the foundation of your HomeLab.Today, we’ll work our way up from hardware security, to OS, to networking, to containers, to firewalls, IDS/IPS, reverse proxies, auth proxies for authentication and authorization, and even lean in to an external provider like Cloudflare.

A HUGE thanks to Micro Center for sponsoring this video!

New Customers Exclusive – Get a Free 240gb SSD at Micro Center: https://micro.center/0ef37a

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/slack-bot/index.html b/posts/slack-bot/index.html new file mode 100644 index 0000000000..be4a595daa --- /dev/null +++ b/posts/slack-bot/index.html @@ -0,0 +1 @@ + How to Build a Slack Bot | Techno Tim
Post

How to Build a Slack Bot

Slack is a great chat and communication tool used by small and large businesses as well as personal use.Slack has a great API and great official Node JS clients that help you automate many features of Slack. If you’re thinking of building a bot for Slack, be sure to follow this step by step tutorial on how to build a Slack bot in JavaScript using the Slack API and the Node Slack SDK.With this SDK, we can connect to the Slack Web API and event hook into events using the RTM API and build a bot in just a few minutes that you can add to your Slack server today.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/streamlabs-mac/index.html b/posts/streamlabs-mac/index.html new file mode 100644 index 0000000000..6f70e8f067 --- /dev/null +++ b/posts/streamlabs-mac/index.html @@ -0,0 +1 @@ + Setup and Best Settings for Streamlabs OBS on Mac | Techno Tim
Post

Setup and Best Settings for Streamlabs OBS on Mac

Streamlabs OBS for MacOS is here! In this video we’ll walk through setting up Streamlabs step by step.We’ll install Streamlabs OBS, set up desktop audio with iShowU Audio Capture so you can capture desktop audio, configure our webcam and game capture with a Cam Link, set up our alerts, configure the best possible streaming settings for Streamlabs, adjust our streaming layout, and go live.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/sysracks-12u/index.html b/posts/sysracks-12u/index.html new file mode 100644 index 0000000000..c8ae51ed04 --- /dev/null +++ b/posts/sysracks-12u/index.html @@ -0,0 +1 @@ + A Mini Rack for Your Home! | Techno Tim
Post

A Mini Rack for Your Home!

I decided to go with another rack in my home but this time much smaller! Thanks to Rackstuds for sending a few packs of Rackstuds!

📺 Watch Video

Where to Buy

Products in this video:

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

My New Rack

Over the years I’ve gone from machines on a shelf, to racking machines in an open rack, to centralizing everything and racking it in an enclosed 36u rack, to what I am building now, and that’s this new 12u closed rack. It’s a smaller version of my 36u rack with a few changes that make this the perfect rack for a small office, home office, or even just at home. But is it right for you? Let’s check it out and see.

Hardware

Sysracks 12u Introducing my 12u Sysracks Server Rack

This is the Sysracks 12u 24” Wall mount 19” enclosure server rack. It measures almost 24” wide, almost 24” deep, and almost 25” tall. It’s a standard 19” rack and if you’re wondering why they call it a 19” in rack, 19” refers to the mountable width of servers and equipment. It’s made of steel and has a powder paint finish in either gray or black. It has 2 brush panels with cable managers at the top and bottom to help with cable management and block dust from coming in. All around the case you are going to see lots of perforated edges, especially around the front doors. This is to help passively cool the entire enclosure. It also includes active cooling with this top 120mm fan module that connects to any standard outlet. There are models, especially the larger units like my 36u rack that come with temperature control units, but I opted to keep this one simple and will probably add temp sensors and smart switches to control this fan if it ever gets to that point. Wait, I thought I said I was keeping it simple??? Speaking of power it also comes with a PDU where you can plug in up to 8 devices and has a a secure on/off switch covered in a detachable cap.

19 in rack I finally realized why they call these 19” racks

In the back we can see wall mounting hooks which makes this easy to wall mount if you choose to do so but I am choosing to attach some casters so I can move it around freely in my office if needed. The back panel is attached with screws but can be easily removed if needed.

On each side we have locking removable panels that can help you secure your enclosure and prevent anyone from getting in while still giving you access to get inside and make adjustments to your equipment.

Coming around to the front we have this nice glass door that has perforated edges on the side and a handle that can also be locked if needed. I like having a glass panel door because it lets me easily see inside to check on my equipment plus it looks cool with all the blinky lights.

Inside the rack has 4 posts to rack up to 12u of equipment making it great for small servers, networking equipment, DVRs, AV equipment, and anything else that can fit in a 19” short depth rack. It also comes with this shelf for equipment however I am not sure if I am going to use it or not yet.

Assembling

Putting it together was so much easier than my 36u rack. You can do it alone but it might help to have someone for the very first step and that’s putting together the frame. Don’t worry though, I was able to manage it alone. After securing the fame, you’ll then need to mount all of the posts so you can rack your equipment. Before you go too far like I did, if you’re going to use the supplied shelf be sure you adjust the posts so that you can mount the shelf later if needed.

The back panel can be attached with a few screws. While I would have loved to see a door like on the 36u model, it makes sense for this to be a panel since it’s also wall mountable.

The sides are removable and can easily pop in and out with these clips. It also comes with a lock and key to secure it if you like.

Assembling the rack Assembling the rack was pretty easy, you can do it with one person

This model supports both legs and casters however it only ships with the legs. If you’re going to use casters too you’ll need to pick some up or buy them separately. I did choose to go with casters because I want to move it around the room when needed. The casters lock in place and are very secure, so secure that I didn’t worry one bit about assembling this on my workbench.

Attaching the front door is pretty easy, but is a little challenging using the shims to get the door to hang just right. I love the look of the rack and I think the perforated edges and glass give it that premium feel. The door has a handle to keep the door shut and can also be locked with the included keys.

Assembled

As I mentioned the back is removable via screws, I do wish it was a door but it’s easy enough to take off and most people are going to wall mount this anyway. Once it’s all put together, It’s pretty easy to work on and get inside of the rack when it’s empty, plenty of room to work on everything I plan on installing.

You can see the vents on the top for cables as well as the fan for cooling. I am glad I have a fan however it doesn’t have a switch to easily toggle on and off so I will end up wiring this up to a smart switch and put a temperature control inside if I ever really need to turn this fan on.

Installing Things

I started out by installing my UniFi 24 port POE switch. This was a switch that I replaced in my other rack but decided to hang on to it for this rack. I don’t think I will be using all 24 ports here in my office but it’s better than buying another switch.

Rackstuds

As you can see I am using RackStuds for this install. RackStuds reached out and sent me a few packs of studs including their new 1ru rack studs. These are awesome and so simple to use. You just squeeze them, pop them in, and then hook up your devices. These new 1ru RackStuds are great for 1u devices like my switch and PDU I put in back. Simple solution. But then I decided to put them to the test. I wanted to rack mount my UPS and that thing weighs 22 lbs and only has rack ears in the front rather than the front and back. I tightened all 4 using their combo pack studs and so far so good. RackStuds are able to hold them without issue and without sagging. Oh, and I wasn’t paying attention when racking my UPS and I racked it upside down, which I then quickly flipped around after noticing, but it was super simple with RackStuds. If you’re interested in the ones I used I’ll have some links below.

Rackstuds This was my first time using Rackstuds, they were really easy to use.

My Thoughts

After installing the UPS, the network switch, and my PDU I took a look at the rack. It’s a really nice rack for short depth items, not to mention that you can use shelves for anything that can’t be rack mounted natively. I am really impressed by the build quality and attention to detail, glass door, and all of the other features - especially for the price. At just 210 dollars I was expecting a lot less but what I got was a perfect rack for my office. This is going to house a few projects coming up so be sure you’re subscribed to see what else I am going to put in it. Well I learned a ton about racking smaller components, building a mini rack, and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget share!

Sysracks 12u close up All in all, I am super happy with this new rack!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/sysracks-server-rack/index.html b/posts/sysracks-server-rack/index.html new file mode 100644 index 0000000000..5c579d5203 --- /dev/null +++ b/posts/sysracks-server-rack/index.html @@ -0,0 +1 @@ + Best Server Rack for Your HomeLab? Sysracks Enclosed Rack! | Techno Tim
Post

Best Server Rack for Your HomeLab? Sysracks Enclosed Rack!

I’ve been on a quest looking for a new server rack for my HomeLab in my home.I’ve outgrown my current 18u open frame rack and decided to give a 32u Sysracks Enclosed Rack a try! Join me as we put together this server rack, test out all of the features, and I’ll let you know my thoughts about this brand new server rack!

📺 Watch Video

A HUGE thank you to Sysracks for sending me this rack!

Check out their selection of racks at https://sysracks.com

A HUGE thank you to Micro Center for sponsoring this video!

New Customer Exclusive – Free 256GB SSD In-Store: https://micro.center/yi0

Check out Micro Center’s Custom PC Builder: https://micro.center/3dq

Submit your build to Micro Center’s Build Showcase: https://micro.center/lsn

Shop Micro Center’s Black Friday Deals: https://micro.center/rgu

📦 See a collection of Sysracks racks here: https://kit.co/TechnoTim/sysracks-server-racks

Chapters

00:00 - Why get a new Server Rack?

01:14 - Sysracks 32u Server & Features

02:22 - Micro Center (Sponsor)

03:35 - Assembling the Rack

07:38 - Exploring the Rack Features

09:39 - Checking Out the Temperature Control Unit

11:04 - My Thoughts About the Sysracks Server Rack

13:42 - Stream Highlight - “The grow room isn’t big enough for 2 racks!”

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/tadarr-server/index.html b/posts/tadarr-server/index.html new file mode 100644 index 0000000000..58d1bf8674 --- /dev/null +++ b/posts/tadarr-server/index.html @@ -0,0 +1,119 @@ + I Freed Up 700GB+ Converting my Videos Using Tdarr | Techno Tim
Post

I Freed Up 700GB+ Converting my Videos Using Tdarr

Tdarr is a distributed transcoding system that runs on on Windows, Mac, Linux, Arm, Docker, and even Unraid.It uses a server with one or more nodes to transcode videos into any format you like.Today, we’ll set up the Docker and Windows version of Tdarr using a GPU to regain up to 50% of your disk space back.I converted my video collection using Tdarr to h265 and saved over 700 GB of disk space.

A HUGE THANKS to our sponsor, Micro Center!

New Customers Exclusive – Get a Free 256gb SSD at Micro Center: https://micro.center/a643c4

📺 Watch Video

Docker Server + Node

docker-compose.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+
version: "3.4"
+services:
+  tdarr:
+    container_name: tdarr
+    image: ghcr.io/haveagitgat/tdarr:latest
+    restart: unless-stopped
+    network_mode: bridge
+    ports:
+      - 8265:8265 # webUI port
+      - 8266:8266 # server port
+      - 8267:8267 # Internal node port
+    environment:
+      - TZ=America/Chicago
+      - PUID=1000
+      - PGID=1000
+      - UMASK_SET=002
+      - serverIP=0.0.0.0
+      - serverPort=8266
+      - webUIPort=8265
+      - internalNode=true
+      - nodeID=MyInternalNode
+      - nodeIP=0.0.0.0
+      - nodePort=8267
+      - NVIDIA_DRIVER_CAPABILITIES=all
+      - NVIDIA_VISIBLE_DEVICES=all
+    volumes:
+      - /path/to/server:/app/server
+      - /path/to/configs:/app/configs
+      - /path/to/logs:/app/logs
+      - /path/to/media/:/media
+      - /path/to/temp/:/temp
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - capabilities:
+              - gpu
+

Windows Node

Tdarr_Node_Config.json

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+
{
+  "nodeID": "Windows-Node",
+  "nodeIP": "192.168.0.100",
+  "nodePort": "8267",
+  "serverIP": "192.168.0.101",
+  "serverPort": "8266",
+  "handbrakePath": "",
+  "ffmpegPath": "",
+  "mkvpropeditPath": "",
+  "pathTranslators": [
+    {
+      "server": "/media/",
+      "node": "C:/media"
+    },
+    {
+      "server": "/temp",
+      "node": "C:/temp"
+    }
+  ],
+  "platform_arch": "win32_x64_docker_false",
+  "logLevel": "INFO"
+}
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/techno-tim-shop-launch/index.html b/posts/techno-tim-shop-launch/index.html new file mode 100644 index 0000000000..ce3e8084fa --- /dev/null +++ b/posts/techno-tim-shop-launch/index.html @@ -0,0 +1 @@ + Introducing, the Techno Tim Shop | Techno Tim
Post

Introducing, the Techno Tim Shop

Today marks a very special day for me. It’s something I’ve been working on for quite some time, and it’s finally ready for everyone to see! 🎉

Today, I launched the Techno Tim Shop with its first drop: the “Dark Mode Everything” collection. This collection was designed in-house, quite literally, by my wife in our own house, and it represents my love for Dark Mode. There’s something for everyone in this collection.

Keep in mind that this is not a print-on-demand service, so supplies are truly limited for this initial drop. Thank you all for helping me get to this point! I couldn’t have done it without you!

https://shop.technotim.live

Where to Buy

You can see all of the items I offer in my shop here:

(Affiliate links may be included. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/terraform-cloudflare-github/index.html b/posts/terraform-cloudflare-github/index.html new file mode 100644 index 0000000000..fb0566c441 --- /dev/null +++ b/posts/terraform-cloudflare-github/index.html @@ -0,0 +1,333 @@ + Automate Cloudflare with Terraform and GitHub Actions! - Terraform Tutorial for Beginners | Techno Tim
Post

Automate Cloudflare with Terraform and GitHub Actions! - Terraform Tutorial for Beginners

Today, we’re going to set up and configure Terraform on your machine so we can start using Terraform.Then we’ll configure cf-terraforming to import our Cloudflare state and configuration into Terraform.After that we’ll set up a GitHub report and configure GitHub actions so you have CI and CD for deploying your Infrastructure automatically using a Git Flow.If you’re new to Terraform, that’s fine! This is a beginner tutorial for Terraform and by the end of this, you will feel like an expert!

📺 Watch Video

What is Terraform and how does it help?

Terraform is a powerful infrastructure as code tool to help you create and manage infrastructure across multiple public or private clouds. It can help you provision, configure, and manage infrastructure using their simple and human readable configuration language. Using Terraform helps you automate your infrastructure and your DevOps workflow, do it consistently, and allows you to collaborate with teams in Git.

There are 7 key areas where Terraform shines:

  • Automation: Terraform enables automation of infrastructure provisioning, configuration, and management, which reduces human error and saves time.

  • Consistency: Terraform ensures that your infrastructure is consistent across all environments, from development to production.

  • Collaboration: Terraform allows multiple teams to work together on infrastructure changes, using version control systems like Git.

  • Cloud-agnostic: Terraform supports various cloud providers, including AWS, Google Cloud, and Microsoft Azure, allowing you to use the same tool to manage resources across different clouds.

  • Scalability: Terraform is designed to handle large-scale infrastructure deployments and can easily manage thousands of resources.

  • Reusability: Terraform modules enable you to reuse code and infrastructure components across multiple projects, making it easier to manage infrastructure at scale.

  • Flexibility: Terraform is highly flexible and can be extended through plugins to integrate with other tools and services.

Installing Terraform

This will work on Ubuntu and Windows + WSL

Install terraform for other platforms

Install dependencies

1
+2
+
sudo apt update
+sudo apt install  software-properties-common gnupg2 curl
+

Import the gpg key

1
+2
+
curl https://apt.releases.hashicorp.com/gpg | gpg --dearmor > hashicorp.gpg
+sudo install -o root -g root -m 644 hashicorp.gpg /etc/apt/trusted.gpg.d/
+

Add hashicorp repository

1
+
sudo apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
+

Install terraform

1
+
sudo apt install terraform
+

Check the version

1
+2
+3
+
terraform --version
+Terraform v1.4.0
+on linux_amd64
+

Create your Terraform Cloudflare config

First create a simple terraform config:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+
terraform {
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~> 3.0"
+    }
+  }
+}
+
+provider "cloudflare" {
+  api_token = var.cloudflare_api_token
+}
+
+# Create a record
+resource "cloudflare_record" "www" {
+  # ...
+}
+
+# Create a page rule
+resource "cloudflare_page_rule" "www" {
+  # ...
+}
+

Here is my .editorconfig:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
# http://editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.md]
+trim_trailing_whitespace = false
+

Initialize terraform and Cloudflare

1
+
terraform init
+

We should see that it installed plugins, and it should have created a lock file.

Terraform Plan and Apply

Next we’ll want to review our plan, we can see our proposed changes

1
+
terraform plan
+

Next we’ll apply our changes.

1
+
terraform apply
+

Verify on the dashboard.

After applying we can verify the results.

we can also test with nslookup

1
+
nslookup yoursite.example.com
+

Check Cloudflare’s site.

if we run plan again, we can see there’s no work to do

1
+
terraform apply
+

Should see that there isn’t any work to do.

Importing Cloudflare State

We will need to import our Cloudflare state into our local Terraform state.

An important point to understand about Terraform is that it can only manage configuration it created or was explicitly told about after the fact. The reason for this limitation is that Terraform expects to be authoritative for the resources it manages. It relies on two types of files to understand what resources it controls and what state they are in. Terraform determines when and how to make changes from the following:

  • A configuration file (ending in .tf) that defines the configuration of resources for Terraform to manage. This is what you worked with in the tutorial steps.
  • A local state file that maps the resource names defined in your configuration file — for example, cloudflare_load_balancer.www-lb — to the resources that exist in Cloudflare.

https://developers.cloudflare.com/terraform/advanced-topics/import-cloudflare-resources/

So this means that we need to sync the remote state of Cloudflare, down to our local state.

This is where cf-terraforming can help

Check for the latest version here: https://github.com/cloudflare/cf-terraforming/tags

Update this command with the latest tag

1
+2
+3
+4
+5
+6
+7
+8
+9
+
curl -L https://github.com/cloudflare/cf-terraforming/releases/download/v0.11.0/cf-terraforming_0.11.0_linux_amd64.tar.gz -o cf-terraforming.tar.gz
+
+tar -xzf cf-terraforming.tar.gz
+
+rm cf-terraforming.tar.gz
+
+sudo mv ./cf-terraforming /usr/local/bin
+
+sudo chmod +x /usr/local/bin/cf-terraforming
+

Then we need to updated our .zshrc or .bashrc with our variables

1
+
nano ~/.zshrc
+
1
+2
+
export CLOUDFLARE_API_TOKEN='12345'
+export CLOUDFLARE_ZONE_ID='abcde'
+

The source your shell

1
+
source ~/.zshrc
+

Now let’s export Cloudflare state

(Be sure you have copied your variables into your shell, or ran the export commands above )

1
+2
+3
+
cf-terraforming generate \
+  --resource-type "cloudflare_record" \
+  --zone $CLOUDFLARE_ZONE_ID > imported.tf
+

Look at the file and copy the contents into your cloudflare.tf

then run

1
+
terraform plan
+

Terraform thinks that we need to apply all of these resources, even though they exist.

We need to import them into our local state.

1
+2
+3
+
cf-terraforming import \
+  --resource-type "cloudflare_record" \
+  --zone $CLOUDFLARE_ZONE_ID
+

This will export a lot of commands, we now need to run them to import them into our state.

All you need to do it copy and paste the commands into your terminal.

This will import your local state, you can see it in terraform.tfstate

If we run terraform plan now, we can see that there aren’t any changes.

Remote State with Terraform Cloud

Terraform Cloud

Be sure to sign up for an account and then get add your CLOUDFLARE_API_TOKEN and an ENV variable in Terraform Cloud.Mark it as seneitive.

Then you’ll want to updated your cloudflare.tf

It should look like this

1
+2
+3
+4
+5
+6
+7
+8
+
  cloud {
+    hostname = "app.terraform.io"
+    organization = "your org"
+
+    workspaces {
+      name = "Cloudflare"
+    }
+  }
+

Your cloudflare.tf file should now look like:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+
terraform {
+  cloud {
+    hostname = "app.terraform.io"
+    organization = "your org"
+
+    workspaces {
+      name = "Cloudflare"
+    }
+  }
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~> 3.0"
+    }
+  }
+}
+
+provider "cloudflare" {
+  api_token = var.cloudflare_api_token
+}
+
+# Create a record
+resource "cloudflare_record" "www" {
+  # ...
+}
+
+# Create a page rule
+resource "cloudflare_page_rule" "www" {
+  # ...
+}
+

Then run

1
+
terraform init
+

This will prompt you to sign in and then import your local state into Terraform cloud.

CI / CD with GitHub Actions

If you want to create a CI / CD pipeline with GitHub actions, you’ll need to create a new repo at GitHub

Here is my .gitignore

.terraform/
+terraform.tfstate*
+

Convert your local folder into a git repo:

first, cd into your folder

Note: Be sure not to commit any of your secrets to git! This includes API tokens, terraform state, and any other files that might include sensitive information

1
+2
+3
+4
+5
+
git init
+git commit -m "first commit"
+git branch -M main
+git remote add origin git@github.com:username/your-repo-name.git
+git push -u origin main
+

To create a branch, add files, commit, and push

1
+2
+3
+4
+
git checkout -b my-new-branch
+git add .
+git commit -m "fix(terraform): made some changes"
+git push --set-upstream origin my-new-branch
+

Be sure you have created a secret TF_API_TOKEN with your Terraform API token.

For reference, here is the terraform GitHub Action (with my bug fix)

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+
name: 'Terraform'
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  terraform:
+    name: 'Terraform'
+    runs-on: ubuntu-latest
+    environment: production
+
+    # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
+    defaults:
+      run:
+        shell: bash
+
+    steps:
+    # Checkout the repository to the GitHub Actions runner
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v2
+      with:
+        cli_config_credentials_token: $
+
+    # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
+    - name: Terraform Init
+      run: terraform init
+
+    # Checks that all Terraform configuration files adhere to a canonical format
+    - name: Terraform Format
+      run: terraform fmt -check
+
+    # Generates an execution plan for Terraform
+    - name: Terraform Plan
+      run: terraform plan -input=false
+
+      # On push to "main", build or change infrastructure according to Terraform configuration files
+      # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks
+    - name: Terraform Apply
+      if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+      run: terraform apply -auto-approve -input=false
+

Wrapping up

At this point you should be able to run terraform and have your Cloudflare state sync’d with Terraform Cloud and GitHub actions running in CI / CD so you can start deploying your infrastructure using code!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/touchportal-vs-streamdeck/index.html b/posts/touchportal-vs-streamdeck/index.html new file mode 100644 index 0000000000..dc7519b1d5 --- /dev/null +++ b/posts/touchportal-vs-streamdeck/index.html @@ -0,0 +1 @@ + Touch Portal vs. Stream Deck | Techno Tim
Post

Touch Portal vs. Stream Deck

Let’s compare Touch Portal to Stream Deck.We’ll walk through some of the similarities and differences between the free software Touch Portal and the Stream Deck hardware/software combination.We’ll see if we can set up, configure in a step by step guide, and clone our Stream Deck interface for OBS using Touch Portal and a mobile device, we’ll review features and experiences, then we’ll choose a winner in the Touch Portal vs. Stream Deck face off!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/traefik-3-docker-certificates/index.html b/posts/traefik-3-docker-certificates/index.html new file mode 100644 index 0000000000..ef4fbd5fc1 --- /dev/null +++ b/posts/traefik-3-docker-certificates/index.html @@ -0,0 +1,727 @@ + Traefik 3 and FREE Wildcard Certificates with Docker | Techno Tim
Post

Traefik 3 and FREE Wildcard Certificates with Docker

In today’s Traefik tutorial we’ll get FREE Wildcard certificates to use in our HomeLab and with all of our internal self-hosted services. We’re going to set up Traefik 3 in Docker and get Let’s Encrypt certificates using Cloudflare as our DNS Provider (we’ll cover how to set up others too). Then we’ll configure local DNS using PiHole (or any other local DNS) to route to our services that are now protected with secure certificates!

📺 Watch Video

Disclosures

Looking to do this same thing in Kubernetes? Check out traefik + cert-manager on Kubernetes

Looking for the Traefik + Portainer guide? Check out traefik + portainer on Docker

For reference, the following folder structure was used:

1
+2
+3
+4
+5
+6
+7
+
./traefik
+├── data
+│   ├── acme.json
+│   ├── config.yml
+│   └── traefik.yml
+└── cf_api_token.txt
+└── docker-compose.yml
+

You can also do this with other DNS providers too!

Docker Setup

See this post on how to install docker and docker-compose

Prepare Our Server

Create folder for your compose and mounts

1
+2
+
mkdir docker_volumes
+cd docker_volumes
+

then we’ll create a folder to hold traefik files

1
+2
+
mkdir traefik
+cd traefik
+

create docker compose file and add contents

1
+2
+
touch docker-compose.yaml
+nano docker-compose.yaml
+

Tasks from Our Compose File

Docker Compose Contents

docker-compose.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+
version: "3.8"
+
+services:
+  traefik:
+    image: traefik:v3.0
+    container_name: traefik
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    networks:
+      - proxy
+    ports:
+      - 80:80
+      - 443:443
+      # - 443:443/tcp # Uncomment if you want HTTP3
+      # - 443:443/udp # Uncomment if you want HTTP3
+    environment:
+      CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets
+      # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env
+      TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS}
+    secrets:
+      - cf_api_token
+    env_file: .env # use .env
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./data/traefik.yml:/traefik.yml:ro
+      - ./data/acme.json:/acme.json
+      # - ./data/config.yml:/config.yml:ro
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.traefik.entrypoints=http"
+      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)"
+      - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}"
+      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
+      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
+      - "traefik.http.routers.traefik-secure.entrypoints=https"
+      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)"
+      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
+      - "traefik.http.routers.traefik-secure.tls=true"
+      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
+      - "traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com"
+      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com"
+      - "traefik.http.routers.traefik-secure.service=api@internal"
+
+secrets:
+  cf_api_token:
+    file: ./cf_api_token.txt
+
+networks:
+  proxy:
+    external: true
+

data folder

1
+2
+3
+4
+
mkdir data
+cd data
+touch acme.json
+chmod 600 acme.json
+

Traefik Config

1
+2
+
touch traefik.yml
+nano traefik.yml
+

traefik.yml contents:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+
api:
+  dashboard: true
+  debug: true
+entryPoints:
+  http:
+    address: ":80"
+    http:
+      redirections:
+        entryPoint:
+          to: https
+          scheme: https
+  https:
+    address: ":443"
+serversTransport:
+  insecureSkipVerify: true
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+  # file:
+  #   filename: /config.yml
+certificatesResolvers:
+  cloudflare:
+    acme:
+      email: youremail@email.com
+      storage: acme.json
+      # caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default)
+      caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging
+      dnsChallenge:
+        provider: cloudflare
+        #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers.
+        #delayBeforeCheck: 60s # uncomment along with disablePropagationCheck if needed to ensure the TXT record is ready before verification is attempted 
+        resolvers:
+          - "1.1.1.1:53"
+          - "1.0.0.1:53"
+

Create Docker Network

1
+
docker network create proxy
+

Cloudflare API Token Secret

1
+2
+
touch cf_api_token.txt
+nano cf_api_token.txt
+

Paste your token into file from Cloudflare

Traefik Dashboard Password & .env

make sure you have htpasswd installed.

To install on Linux

1
+2
+
sudo apt update
+sudo apt install apache2-utils
+

Mac OS (should already be installed)

Windows

htpasswd.exe Should already be installed on Windows

Generate credential pair

1
+
echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g
+
1
+2
+
touch .env
+nano .env
+

paste your credential pair:

e.g.

1
+
TRAEFIK_DASHBOARD_CREDENTIALS=user:$$2y$$05$$lSaEi.G.aIygyXRdiFpt7OqmUMW9QUG5I1N.j0bXoXxIjxQmoGOWu
+

Start the stack

1
+
docker compose up -d --force-recreate
+

Troubleshooting

Common ways to troubleshoot

1
+2
+3
+
docker ps
+docker logs traefik
+docker exec -it traefik /bin/sh
+

inside of container

1
+2
+3
+4
+5
+6
+7
+8
+
top
+ls
+cat acme.json
+cat traefik.yml
+ls /run/secrets
+cat /run/secrets/cf_api_token
+echo ${CF_DNS_API_TOKEN_FILE}
+echo ${TRAEFIK_DASHBOARD_CREDENTIALS}
+

DNS

1
+
nslookup traefik-dashboard.local.example.com
+

Switch to Production Acme Endpoints

1
+2
+3
+4
+
...
+      caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default)
+      #caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging
+...
+

Clear out the existing staging certificates

1
+2
+
cd data
+nano acme.json
+

Clear and save

Restart the stack

1
+
docker compose up -d --force-recreate
+

Adding Another Workload (NGINX Demo)

1
+2
+3
+4
+
mkdir nginx
+cd nginx
+touch docker-compose.yaml
+nano docker-compose.yaml
+

Contents of docker-compose.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+
version: '3.8'
+services:
+  nginx:
+    image: nginxdemos/nginx-hello
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.nginx.rule=Host(`nginx.local.example.com`)"
+      - "traefik.http.routers.nginx.entrypoints=https"
+      - "traefik.http.routers.nginx.tls=true"
+      - "traefik.http.services.nginx.loadbalancer.server.port=8080"
+    networks:
+      - proxy
+
+networks:
+  proxy:
+    external: true
+

Check DNS

1
+
nslookup nginx.local.example.com
+

Start the new NGINX Stack

1
+
docker compose up -d --force-recreate
+

Adding External Routes

Uncomment a few things:

In docker-compose.yaml

1
+2
+3
+
...
+      - ./data/config.yml:/config.yml:ro
+...
+

in traefik.yml

1
+2
+3
+4
+
...
+  file:
+    filename: /config.yml
+...
+

Create config

1
+2
+3
+
cd data
+touch config.yml
+nano config.yml
+

Contents of config.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+
http:
+ #region routers 
+  routers:
+    proxmox:
+      entryPoints:
+        - "https"
+      rule: "Host(`proxmox.local.example.com`)"
+      middlewares:
+        - default-headers
+        - https-redirectscheme
+      tls: {}
+      service: proxmox
+    pihole:
+  
+#endregion
+#region services
+  services:
+    proxmox:
+      loadBalancer:
+        servers:
+          - url: "https://192.168.0.17:8006"
+        passHostHeader: true
+#endregion
+  middlewares:
+    https-redirectscheme:
+      redirectScheme:
+        scheme: https
+        permanent: true
+    default-headers:
+      headers:
+        frameDeny: true
+        browserXssFilter: true
+        contentTypeNosniff: true
+        forceSTSHeader: true
+        stsIncludeSubdomains: true
+        stsPreload: true
+        stsSeconds: 15552000
+        customFrameOptionsValue: SAMEORIGIN
+        customRequestHeaders:
+          X-Forwarded-Proto: https
+
+    default-whitelist:
+      ipAllowList:
+        sourceRange:
+        - "10.0.0.0/8"
+        - "192.168.0.0/16"
+        - "172.16.0.0/12"
+
+    secured:
+      chain:
+        middlewares:
+        - default-whitelist
+        - default-headers
+

Restart the stack

1
+
docker compose up -d --force-recreate
+

To see more examples of commonly used services check out config.yml in the reference files

Final Production Files

Traefik docker-compose.yaml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+
version: "3.8"
+
+services:
+  traefik:
+    image: traefik:v3.0
+    container_name: traefik
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    networks:
+      - proxy
+    ports:
+      - 80:80
+      - 443:443
+      # - 443:443/tcp # Uncomment if you want HTTP3
+      # - 443:443/udp # Uncomment if you want HTTP3
+    environment:
+      CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets
+      # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env
+      TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS}
+    secrets:
+      - cf_api_token
+    env_file: .env # use .env
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./data/traefik.yml:/traefik.yml:ro
+      - ./data/acme.json:/acme.json
+      - ./data/config.yml:/config.yml:ro
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.traefik.entrypoints=http"
+      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)"
+      - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}"
+      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
+      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
+      - "traefik.http.routers.traefik-secure.entrypoints=https"
+      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)"
+      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
+      - "traefik.http.routers.traefik-secure.tls=true"
+      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
+      - "traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com"
+      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com"
+      - "traefik.http.routers.traefik-secure.service=api@internal"
+
+secrets:
+  cf_api_token:
+    file: ./cf_api_token.txt
+
+networks:
+  proxy:
+    external: true
+

traefik.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+
api:
+  dashboard: true
+  debug: true
+entryPoints:
+  http:
+    address: ":80"
+    http:
+      redirections:
+        entryPoint:
+          to: https
+          scheme: https
+  https:
+    address: ":443"
+serversTransport:
+  insecureSkipVerify: true
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+  file:
+    filename: /config.yml
+certificatesResolvers:
+  cloudflare:
+    acme:
+      email: youremail@email.com
+      storage: acme.json
+      caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default)
+      # caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging
+      dnsChallenge:
+        provider: cloudflare
+        #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers.
+        #delayBeforeCheck: 60s # uncomment along with disablePropagationCheck if needed to ensure the TXT record is ready before verification is attempted 
+        resolvers:
+          - "1.1.1.1:53"
+          - "1.0.0.1:53"
+

config.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+
http:
+ #region routers 
+  routers:
+    proxmox:
+      entryPoints:
+        - "https"
+      rule: "Host(`proxmox.local.example.com`)"
+      middlewares:
+        - default-headers
+        - https-redirectscheme
+      tls: {}
+      service: proxmox
+    pihole:
+  
+#endregion
+#region services
+  services:
+    proxmox:
+      loadBalancer:
+        servers:
+          - url: "https://192.168.0.17:8006"
+        passHostHeader: true
+#endregion
+  middlewares:
+    https-redirectscheme:
+      redirectScheme:
+        scheme: https
+        permanent: true
+    default-headers:
+      headers:
+        frameDeny: true
+        browserXssFilter: true
+        contentTypeNosniff: true
+        forceSTSHeader: true
+        stsIncludeSubdomains: true
+        stsPreload: true
+        stsSeconds: 15552000
+        customFrameOptionsValue: SAMEORIGIN
+        customRequestHeaders:
+          X-Forwarded-Proto: https
+
+    default-whitelist:
+      ipAllowList:
+        sourceRange:
+        - "10.0.0.0/8"
+        - "192.168.0.0/16"
+        - "172.16.0.0/12"
+
+    secured:
+      chain:
+        middlewares:
+        - default-whitelist
+        - default-headers
+

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/traefik-portainer-ssl/index.html b/posts/traefik-portainer-ssl/index.html new file mode 100644 index 0000000000..b2b3495555 --- /dev/null +++ b/posts/traefik-portainer-ssl/index.html @@ -0,0 +1,61 @@ + Put Wildcard Certificates and SSL on EVERYTHING | Techno Tim
Post

Put Wildcard Certificates and SSL on EVERYTHING

Today, we’re going to use SSL for everything.No more self-sign certs.No more http.No more hosting things on odd ports.We’re going all in with SSL for our internal services and our external services too.We going to set up a reverse proxy using Traefik, Portainer, and use that to get wildcard certificates from Let’s Encrypt. Join me and let’s secure all the things.

📺 Watch Video

Looking for the Traefik 3.0 guide? Check out traefik 3 on Docker

Looking to do this same thing in Kubernetes? Check out traefik + cert-manager on Kubernetes

Docker Setup

See this post on how to install docker and docker-compose

Traefik

1
+2
+3
+4
+5
+6
+7
+
mkdir traefik
+cd traefik
+mkdir data
+cd data
+touch acme.json
+chmod 600 acme.json
+touch traefik.yml
+

traefik.yml can be found here

create docker network

1
+
docker network create proxy
+
1
+
touch docker-compose.yml
+

docker-compose.yml can be found here

1
+2
+
cd data
+touch config.yml
+
1
+
docker-compose up -d
+

Portainer

1
+2
+3
+4
+
mkdir portainer
+cd portainer
+touch docker-compose.yml
+mkdir data
+

docker-compose.yml can be found here

Generate Basic Auth Password

1
+2
+
sudo apt update
+sudo apt install apache2-utils
+
1
+
echo $(htpasswd -nb "<USER>" "<PASSWORD>") | sed -e s/\\$/\\$\\$/g
+

NOTE: Replace <USER> with your username and <PASSWORD> with your password to be hashed.

If you’re having an issue with your password, it might not be escaped properly and you can use the following command to prompt for your password

1
+
echo $(htpasswd -nB USER) | sed -e s/\\$/\\$\\$/g
+

Paste the output in your docker-compose.yml in line (traefik.http.middlewares.traefik-auth.basicauth.users=<USER>:<HASHED-PASSWORD>)

Spin up the container

1
+
docker-compose up -d
+

Traefik Routes Config

1
+2
+
cd traefik/data
+nano config.yml
+

config.yml here

1
+
docker-compose up -d --force-recreate
+

Your folder structure should look like the below, if you are following along with the example.But feel free to make it however you wish just keep in mind you’ll need to change the location in the corresponding files.

1
+2
+3
+4
+5
+6
+
./traefik
+├── data
+│   ├── acme.json
+│   ├── config.yml
+│   └── traefik.yml
+└── docker-compose.yml
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/truenas-performance-guide/index.html b/posts/truenas-performance-guide/index.html new file mode 100644 index 0000000000..e3641b65a8 --- /dev/null +++ b/posts/truenas-performance-guide/index.html @@ -0,0 +1 @@ + Optimizing TrueNAS for SPEED (and Safety) | Techno Tim
Post

Optimizing TrueNAS for SPEED (and Safety)

After setting up your TrueNAS server there are lots of things to configure when it comes to tuning ZFS. From pools, to disk configuration, to cache to networking, backups and more. This guide will walk you through everything you should do after installing TrueNAS with a focus on speed, safety, and optimization.

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored

Pool Optimizations

I chose Mirrored VDEVs for a few reasons:

Upsides

  • Provides redundancy
  • Increased performance
  • Great for small random reads
  • Expansion, much easier than any other raid type
  • You can expand by adding an additional pair
    • This means I only need to buy 2 disks to expand my pool
    • Resilvering is fast

Downsides

  • Write performance can be impacted since each write involves updating all VDEVS in a mirror
  • Adding a separate ZIP like an SSD can improve write performance, which we’ll talk about
  • If I lose 2 drives in the same mirror I lose the whole pool
    • Which means that I need to replace disks fast
    • If your pool of mirrored VDEVs is big enough, the chances are less likely to happen
  • 50% capacity loss

Datasets

  • Encryption: On
  • Sync: Standard
  • Compression: LZ4
  • Enabled Atime: Off
  • ZFS Deduplication: Off

ARC

  • Adaptive Replacement Cache, this is where data is stored that is frequently accessed along with metadata about the files.
  • Algorithm for adding and evicting data for least recently used.
  • This makes accessing files quicker because it doesn’t need to read from disk and takes the load off those disks so they can do another tasks
  • This isn’t really used for write, that’s ZIL, but some async writes and write directly to ARC
  • There’s a general rule of thumb that you should have 1GB for each TB, however the more the better.
  • One tweak that you might have to do if using ZFS on a Linux system like TrueNAS Scale and that’s adjusting the ARC allocation
    • This is not needed after this patch is released
    • By default linux only allocates 50%
    • You can override this with a quick command while the system is running and then you can also follow that up with a startup command to be sure that this persists between reboots
    • Generally speaking you should let your system run for a few days before making this adjustment as well as running any services and VMs to be sure you don’t over allocate your RAM to ARC.
    • See Tom Lawrence’s Video on this topic

Read Speeds

To increase read speeds:

  • More RAM
  • More disks / spindles
  • L2ARC
    • Stripe these, even 1 large SSD is good

Write Speeds

To increase write speeds:

  • More Disks - spinning disks can only read/write at about 150 MB/s
  • Disable Sync write? (No!, not safe)
  • Create SLOG device
    • Should use disks fast that in the pool like SSDs
    • Be sure you have at least a mirror for this
    • This moves ZIL off the main pool, which frees up the pool to do other things

Network Considerations

  • LAGG / LACP gives you 2 lanes
  • Gives you redundancy
  • Generally speaking if your switch supports it, a great idea

Network and disk speed go hand in hand

  • If your pool can’t read at 10 Gb/s there’s no sense of having 10 gb/s networking
  • If your disks have huge IOSps (think all SSD) your network can’t handle the throughput
  • Somewhere in the middle

VLAN Routing

  • Another huge consideration is inter VLAN routing.
  • If you have to cross VLANs, be sure that your switch or router can handle these speeds or you might have to get creative with a dedicated data network that doesn’t traverse VLANs.

Snapshots

  • This is diff based
    • Fist will be relatively large
    • Subsequent will be smaller

My Settings:

  • Lifetime of 2 weeks
  • Enable Recursion
  • Don’t allow taking empty snapshots
  • Enable the schedule

Backups

  • Yes, but hard to do on a budget
  • Ideally you want to replicate these snapshots to another pool, preferably on another machine

Alerts

  • Check to be sure alerts are enabled and working

UPS

  • Yes, enough said

Where to Buy

Here are some items I found useful when building my NAS

(Affiliate links may be included. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/truenas-scale-apps/index.html b/posts/truenas-scale-apps/index.html new file mode 100644 index 0000000000..0a4dee91a3 --- /dev/null +++ b/posts/truenas-scale-apps/index.html @@ -0,0 +1 @@ + TrueNAS Scale Apps - Official, Unofficial, Docker, and Kubernetes | Techno Tim
Post

TrueNAS Scale Apps - Official, Unofficial, Docker, and Kubernetes

TrueNAS SCALE is here and with it comes new way of installing and managing applications.You can install official apps, unofficial and community apps using TrueCharts, and also any Docker image or Kubernetes deployment with helm.Join me as we dive into managing applications and exploring TrueNAS SCALES’s new app engine that runs Docker, Kubernetes, and K3S.

📺 Watch Video

If you’re looking for Community App Catalog for TrueNAS SCALE, you can find it here

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/truenas-vs-unraid/index.html b/posts/truenas-vs-unraid/index.html new file mode 100644 index 0000000000..f2d5a81c08 --- /dev/null +++ b/posts/truenas-vs-unraid/index.html @@ -0,0 +1 @@ + TrueNAS vs Unraid - Which one is the BEST NAS OS for my HomeLab | Techno Tim
Post

TrueNAS vs Unraid - Which one is the BEST NAS OS for my HomeLab

Which is the best NAS operating system to use at home and in your HomeLab?

Is it Unraid for maximizing storage efficiency?

Or is it TrueNAS for bringing enterprise ZFS to home?

Let’s find out.

📺 Watch Video

Disclosures

  • This video is NOT sponsored.
  • I bought Unraid with my own money.
  • If you’d like see more sponsor-free videos, see one of the ways to support me below!

Ways to support

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/truenas-zfs-expand/index.html b/posts/truenas-zfs-expand/index.html new file mode 100644 index 0000000000..2448e76fc0 --- /dev/null +++ b/posts/truenas-zfs-expand/index.html @@ -0,0 +1 @@ + The EASIEST way to Expand Your ZFS Pool in TrueNAS (But is it the Best?) | Techno Tim
Post

The EASIEST way to Expand Your ZFS Pool in TrueNAS (But is it the Best?)

ZFS is a great file system that comes with TrueNAS and can meet all of your storage needs.But with it comes some complexity on how to manage and expand your ZFS storage pools.Over the last week I learned all about storage pools and how to move them, expand them, and even what not to do when trying to grow your storage pool.Join me as I figure out how to move a 20 TB pool to my new storage server with 100 TB of raw data.

📺 Watch Video

📦 Products in this video 📦

Seagate Exos 14TB Drives https://amzn.to/3kaQnkN

Seagate IronWolf 8TB Drives https://amzn.to/3iGq3yH

See all of the storage I recommend in this kit!

https://kit.co/TechnoTim/best-ssd-hard-drive-flash-storage

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

Chapters

00:00 - What are my options for expanding ZFS?

00:25 - Use ZFS Snapshot Replication (My First Attempt)

02:20 - Just Copy the Data to the New Pool (My Second Attempt)

03:01 - Expand the Pool by Replacing All Disks (My Third Attempt)

04:27 - Replacing All of the Drives & Resilvering

07:16 - Pool has Expanded!

07:43 - My Beef with ZFS and Recommendations

09:20 - Stream Highlight - This is how I got into this mess with ZFS…

A clip used in this video was from Tom Lawrence’s channel. Thanks Tom!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/turing-pi-2-hardware/index.html b/posts/turing-pi-2-hardware/index.html new file mode 100644 index 0000000000..1726729381 --- /dev/null +++ b/posts/turing-pi-2-hardware/index.html @@ -0,0 +1 @@ + Meet the Turing Pi 2 - Mix Pis and NVidia Jetsons on a Mini ITX Board! | Techno Tim
Post

Meet the Turing Pi 2 - Mix Pis and NVidia Jetsons on a Mini ITX Board!

The Turing Pi 2 is a compact ARM cluster that provides a scalable computing on the edge.The Turning Pi 2 comes with many improvements over the Turning Pi 1.This model ships with 32GB of RAM, SATA III interface, Raspberry Pi Compute module 4 support, and support for NVIDIA Jetson boards.This means that you can mix and match both raspberry Pis along with Nvidia Jetson boards. This gives us a ton of flexibility to be able to run Pis for general compute workloads, and then Nvidia Jetsons for AI or ML workloads.Join me as we explore the Turing Pi 2 and prepare its home inside of my HomeLab server rack.

📺 Watch Video

Turing Pi 2 - https://turingpi.com

Raspberry Pi Compute Modules - https://www.raspberrypi.com/products/compute-module-4

NVIDIA Jetson - https://amzn.to/3eGDQje

Rosewill 2U Server Chassis Case - https://amzn.to/3qxbygk

EVGA 550 Power Supply - https://amzn.to/3EMEzd4

Noctua 80mm Redux PWM Fans - https://amzn.to/3zdBUbp

Samsung EVO microSD 64 GB - https://amzn.to/3FR5Oos

Samsung EVO microSD 128 GB - https://amzn.to/3eCIajx

CR2032 Batteries - https://amzn.to/3zfWE2b

CM4 Heat Sinks - https://amzn.to/31hSVVk

Multipurpose Rails https://amzn.to/3Hr6wsS

4 Pin Splitter Cables https://amzn.to/3mQvzh4

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/twitch-bot/index.html b/posts/twitch-bot/index.html new file mode 100644 index 0000000000..d2b15fc62f --- /dev/null +++ b/posts/twitch-bot/index.html @@ -0,0 +1 @@ + How to Build a Twitch Bot Using TMI.JS (a moderator bot) | Techno Tim
Post

How to Build a Twitch Bot Using TMI.JS (a moderator bot)

Let’s build a bot! Not a bad bot like a view bot, but bot for good.Let’s build a Twitch moderator bot using tmi.js! The Twitch API is powerful and and already has lots of great bots however no bot has the flexibility of creating your own! In this video I will show you how to build a Twitch bot using TMI.JS from start to finish.You’ll see how to use the developer portal, set up oauth, set the correct scopes, get an access token, create a bot using JavaScript, NodeJS, and NPM, invite the bot to your Twitch channel, and have it moderate your chat.Also, We have made this bot open source and will continue to contribute to this bot.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/udm-pro-max/index.html b/posts/udm-pro-max/index.html new file mode 100644 index 0000000000..a4fd15a46c --- /dev/null +++ b/posts/udm-pro-max/index.html @@ -0,0 +1 @@ + FINALLY! A New UniFi Dream Machine! | Techno Tim
Post

FINALLY! A New UniFi Dream Machine!

The UDM Pro Max is here and it’s packed with upgrades like a faster CPU, more RAM, an internal SSD, more eMMC, Dual Drive bays and more! Today we check on the new UniFi Dream Machine Pro Max, configure and test Shadow Mode, and test network throughput to see if this really is the fastest UniFi Dram Machine yet.

📺 Watch Video

Disclosures:

  • Nothing in this video was sponsored
  • Products were given for testing the new Shadow Mode feature and the new UniFi OS4 (coming soon).
  • I wasn’t paid money.

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/ultimate-homelab-server/index.html b/posts/ultimate-homelab-server/index.html new file mode 100644 index 0000000000..e8447469cd --- /dev/null +++ b/posts/ultimate-homelab-server/index.html @@ -0,0 +1 @@ + Building My ULTIMATE, All-inOne, HomeLab Server | Techno Tim
Post

Building My ULTIMATE, All-inOne, HomeLab Server

Today I built the ultimate, all in one, HomeLab Home Server to handle everything.

📺 Watch Video

Disclosures:

  • Sliger did send this case to me however asked for nothing in return.

Other 4u Cases

Other Parts

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/unifi-ap-bridge-mode/index.html b/posts/unifi-ap-bridge-mode/index.html new file mode 100644 index 0000000000..d4b8318fa8 --- /dev/null +++ b/posts/unifi-ap-bridge-mode/index.html @@ -0,0 +1 @@ + Bridge Mode with UniFi Access Points | Techno Tim
Post

Bridge Mode with UniFi Access Points

Do you have some places where you can’t run ethernet? Do want to extend your ethernet without pulling more cable? Well this is the guide for you.In this step-by-step tutorial we’ll use a Ubiquiti UniFi AP AC PRO and connect a second as a guest, giving use remote ethernet to a remote site! This is the pro tip guide to setting up a wireless bridge! Bonus, we’ll even do a live throughput test to see how much bandwidth we get running in bridge mode with 2 AC Pros!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/unifi-express/index.html b/posts/unifi-express/index.html new file mode 100644 index 0000000000..57a978a672 --- /dev/null +++ b/posts/unifi-express/index.html @@ -0,0 +1 @@ + Setting up your UniFi Express | Techno Tim
Post

Setting up your UniFi Express

The UniFi Express from Ubiquiti is here and it’s going to shake up how we connect small and home networks. It’s a gateway that has WiFi 6 that runs the UniFi network application and can transform into an access point or mesh when your network grows. We’ll be taking a look at this device, its features, how to configure and manage it, and discuss all the uses cases for this versatile device.

📺 Watch Video

Disclosures:

  • I was not paid
  • I was sent UniFi Express devices for review

What is the UniFi Express?

UniFi Express Introducing the UniFi Express

This newly released UniFi Express device is here and it’s here to shake up small networks. It’s a device that’s flexible enough to be used in just about any situation and comes in a small compact form factor with a small footprint. It’s a compact device that can act as a gateway and provide WiFI 6 to power your entire network, or can transform into a mesh device to expand your wireless network, or you can add it to an existing network and run it in access point only mode. Yes, it’s that flexible.

If you’ve not yet experienced UniFi’s network app and wireless access points, this might be the best entry point for you, and if you’re already using devices in their ecosystem, this can fight seamlessly with your existing network deployments.

Specs

UniFi Express LCM It has a nice little LCM screen that can display useful information

It’s a small compact device that’s all white.

  • It measures about 3 ½ inches long and wide, and sits only about an inch high.
  • It’s made of plastic but has an aluminum bottom, I assume to help dissipate heat.
  • It’s powered by USB C
  • Has 2 network interfaces, a gigabit LAN port and a gigabit WAN port.
  • It has 2x2 2.4 GHz MIMO support and 2x2 5 GHz MIMO support which has a max throughput rate of 573 Mb/s for 2.4 Ghz and 2.4 Gb/s for 5 Ghz.
  • It supports most WiFi standards including WiFi6, and supports the typical WiFi security WPA standards from enterprise all the way up to WPA3.
  • It supports up to 8 unique SSIDS and can service over 60 clients at once, all from this little device.
  • It also has this awesome LCM screen that displays the network status reported by the UniFi network application.

Setting up this device is easy too.

Setting up / Network App

After powering it on you’ll want to adopt this device. It has bluetooth built in so you can adopt it if you have an existing unifi device on your network that also has bluetooth, or even easier from the UniFi network app on your phone.

Then you have the choice of setting up a new system, which is what we’ll choose, but you can also add this to an existing system which we’ll talk about later.

You’ll name your device and set up WiFi, and then it will set up this device for you automatically.

It will prepare the system for a few minutes and after that you’ll be able to connect to your newly created wifi network.

Once you’re connected, you can choose to manage the UniFi network via mobile app, or even the web. If you want to manage this from the cloud you can do this easily in the UniFi site manager. Once you land there you should see your UniFi Express ad clicking on that will bring you to the Network manager app.

If you’re familiar with the UniFi network app, you’ll feel right at home because it’s the same network application you’re used to with other UniFi products. But if you’re not, we’ll walk through some of the highlights of the application so you can understand how you can use your UniFi express.

Dashboard

UniFi network dashboard It comes with the UniFi Dashboard

This is going to give you a heads up display of your network health and statistics. First we’ll need to turn on dark mode, there that’s better. The dashboard is great for seeing how your network is doing at a glance. From here you can drill into the different aspects of your network or for example if you wanted to see why this device is the most active, you can drill into it, see details and insights about the device, and even test the latency right from here.

You can also discover these features using the navigation on the left.

Topology

UniFi network dashboard topology Topology shows how data flows through your network

Topology will show you your network typology and how each device connects to your network. It also has this cool visualization of how traffic flows through your network, I would watch that all day.

UniFi Devices

UniFi network dashboard unifi devices This section shows all of your UniFi devices

The unifi devices will just show your unifi devices on the network. This will look pretty bare with only a unifi express but if you have a more complicated network like I do at home, you can visually see how each device is connected. We’ll make this light up a little later with another device, and even create a mesh network with that additional device just waiting to be adopted.

Client Devices

UniFi network dashboard client devices This section shows all of your client devices, non-UniFi devices

In the client devices section you will see all of your client devices, your non unifi devices that are connected to the network. You’ll also see some more details about each device and you can always drill into each to see more information about them.

For example we can see that this device here is connected to the unifi express, using WiFI 6, and the connection is excellent. And here, again, you see insights, settings, and even test the latency for the device.

Ports

UniFi network dashboard ports This section shows the port manager. The UniFi express only has 2.

In the ports section you see the port manager for each device. This is where you can manage the ports on your device. With the unifi express, we only have 2 ports. 1 LAN and One LAN. As far as port management goes on the WAN device, we can only manage the negotiation, but on the LAN side we can manage all aspects of the port.

We can rename it, disable it or enable it, we can change the VLAN (if we had more set up, which we’ll do in a bit) Allow or block tagged VLANs, and even some advanced configurations/

Radios

UniFi network dashboard radios This section shows the radio manager.

The radios section is where you will get lots of wireless insights. You can see which network you are managing and other information. But if you look at the top this is where you will see some really interesting insights. Coverage is going to show you how dense your network is compared to the clients that are connecting. This is helpful because it will let you know if clients are too far away and if adding another AP is recommended. Connectivity is going to show you if any clients have connectivity issues which is super helpful if some of your clients have issues connecting.

UniFi network dashboard environment This section shows other SSIDs in the area

Environment is going to show you all of the other networks in your area. This is really helpful for choosing your network channels for WiFi, something that UniFi can do for you automatically that we’ll see later. And speed tests are where all of your client speed tests are. This is a hidden gem and yet another reason I love UniFi products.

UniFi WiFiman WiFiMan is a great app that works with UniFi network application to test your network and save the results

They have great mobile apps like WiFi man. WiFI man will help you test your network speeds from the client to the internet, check your WiFI signal, and even help you connect your device to VPN. Once you run a speed test on your device, the results will be stored in the Speed Tests section so you can compare results later.

Gateway

UniFi network dashboard gateway Gateway shows which clients are using which services across your entire network

The gateway section is going to show some of the metrics from your gateway. This includes classification of services being used across your network. You can see which apps, services, and protocols along with the amount of data they are using.

System Log

In the system log section you can see different types of alerts and logs for your device and even manage push notifications for alerts.

Settings

In the settings section is where you can find all of the configuration options for your network.

WiFi

In the wifi section you can create new networks, like a guest network in just a couple of clicks. You have a whole host of options for configuring wireless networks here.

One of the other options you might have seen in the WiFi section is the option to optimize now. This option scans for wireless networks and tries to find the best wifi channel for you to use. I would recommend doing this right away, and then again on a schedule which we’ll cover in a bit.

Networks

In the network sections this is where you will configure some advanced options like VLANs. I won’t cover this here because I’ve already covered this in depth in a video, but this is where you would do it.

Internet

The internet section is for configuring some of your WAN options, things like static IP addresses, dynamic DNS, and others can be configured here.

VPN

The next section is for VPN and that’s where this device really gets awesome, not that it wasn’t already, but you can set up Teleport, which is UniFi’s 0 configuration VPN we talked about earlier with the WiFi Man app which will allow you to create a VPN connection just by sending a link. It’s super handy. If you don’t want to go that route you have your more traditional methods for doing that, with WireGuard, OpenVPN, and L2TP. You can also configure this to be a VPN client of another network, or set up a site to site VPN connecting this network to another network. Again, these are the same options you see across all unifi devices that support the UniFi network app.

Security

In the security section you do see a slight difference between this device and some of their other devices. This device does have IDS and IPS so you’re going to see any configuration options there. IDS and IPS will help detect and block different security volitions based on rules and heuristics. You do see this option on devices like the UDM pro but it’s missing on this device.

I think the reason for this is:

  1. cost
  2. performance
  3. make it more modular

It seems they are breaking this up a bit but we’ll cover this a little later. But here we can configure general security including ad blocking and country blocking, traffic rules that can apply to different categories, port forwarding, probably the most important thing in this section, firewall rules for your VLANs and your WAN.

Routing

We also have routing which is for creating static routes

Profiles

Profiles where you get to create groups and settings that can be applied to ports, speed limits, RADIUS users, and IPs.

System

And lastly in System we can change UI settings, schedule automatic updates, schedule automatic backups, and turn on some additional services in the advanced section. Who is this for Meshing

Use Cases

After looking at all of the features that are supported in the UniFi network application and those that aren’t, you might be wondering who this device is for. The more I thought about this the more use cases I came up with!

Small Business / Small Networks

First of all, it’s obvious that this is for any small business that wants a low cost but powerful network management with WiFi 6. It lets you create and manage a new site with vpn capabilities for a fraction of the cost of a typical deployment and on top of that it gives you WiFi 6. It then allows you to expand the network by adding additional switches and other UniFi access points.

And if that site expands in the future, you can add additional UniFi Express devices that can act as an access point only and even mesh mode. That’s right, if you adopt this device to a network that already has a network controller running it will run in access point mode allowing you to extend your wifi range.

Existing Networks

This also works for existing UniFi networks. Say for instance you have a network set up already and want to add a simple, small access point, you can plug this in, adapt it to your existing network, and have a wifi range extender in minutes.

Remote Workers

This is great for remote workers too, since it can connect back to your corporate network with a VPN connection.

Home Network

UniFi express at home UniFi express is an easy recommendation for home use

This could also be used at home for the home user. It’s more device than most will even need at home but provides a simple way to create a mesh network at home. You can start with one and expand as you need. And a majority of home users only use wireless anyway so the fact that it only has one network port is fine for most people.

Mesh Network for Expansion

This also applies to anyone that has a Dream Router that wants to add some more coverage to their network without running ethernet cables and worrying about Power over ethernet. With an express you just plug one of these in, mesh it, and you’ve expanded your network. This is really helpful if you also have UniFi Protect Wireless cameras or DoorBells that aren’t near your router.

Remote Tech Support

And a few personal use cases that I’ve thought about are installing one of these at my family’s house for the occasional remote support that comes up every now and then. This makes troubleshooting their networks remotely so much easier than walking them through it.

Travel Router

UniFi express at a travel router This might replace my travel router… time will tell

And lastly something that I plan to use this for is for my travel router. I’ve always wanted a UniFi device that’s small enough to travel with that provides secure access back to my home. Now I know that’s super specialized but it’s something that I’ve been trying to build on my own for quite some time.

UniFi Express is Versatile

UniFi express to expand your network UniFi express is a great way to expand your network

The more I think about this device the more use cases I come up with, from the first time home user that wants reliable WiFi at home, to the “pro-sumer” at home that wants to dip their toes in the UnFi ecosystem at a budget, to the company that wants to give a small remote site wifi access and the ability to expand while still managing their network, to the remote user that wants access back to their corporate LAN without a bunch of network gear in their home, to me, the odd ball, who just wants to bring a device with them when the travel so that all devices can securely connect back to home. I am sure there are plenty more use cases I missed, so let me know your thoughts in the comments below.

Well I learned a ton about the net UniFi Express, how to mesh wireless networks, and I hope you learned something too, and remember if you found anything in this post helpful, don’t forget share with a friend!

Join the conversation

Where to Buy

UniFi Express:

Other items in this video (because I know you will ask)

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/unifi-pro-max/index.html b/posts/unifi-pro-max/index.html new file mode 100644 index 0000000000..b9d521f962 --- /dev/null +++ b/posts/unifi-pro-max/index.html @@ -0,0 +1 @@ + UniFi Pro Max Switches & Etherlighting™ Patch Cables! | Techno Tim
Post

UniFi Pro Max Switches & Etherlighting™ Patch Cables!

Introducing the UniFi Pro Max 24 PoE and UniFi Etherlighting™ Patch Cables from Ubiquiti! We’ll discuss what makes this switch unique, how they are different from the existing pro line, and even take a close look at their new cables that are meant for this switch. Is it useful or just a gimmick?

📺 Watch Video

Disclosures:

  • I was sent a UniFi Pro Max PoE and cables for evaluation
  • I was not paid

Join the conversation

Where to Buy

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/unraid-first-time/index.html b/posts/unraid-first-time/index.html new file mode 100644 index 0000000000..db827e221e --- /dev/null +++ b/posts/unraid-first-time/index.html @@ -0,0 +1 @@ + I tried Unraid for the FIRST time in 2024 | Techno Tim
Post

I tried Unraid for the FIRST time in 2024

I knew nothing about Unraid until today. I finally installed Unraid in my HomeLab on one of my servers. Is it any good? Does it live up to the hype? Let’s find out in my candid walkthrough of Unraid as you see and hear my successes as well as my struggles.

📺 Watch Video

Disclosures

  • This video is NOT sponsored.
  • I bought Unraid with my own money.
  • If you’d like see more sponsor-free videos, see one of the ways to support me below!

Quality USB Drives

Unraid License

(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)

Ways to support

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

🤝 Support me and help keep this site ad-free!

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/update-flux/index.html b/posts/update-flux/index.html new file mode 100644 index 0000000000..f04a51c313 --- /dev/null +++ b/posts/update-flux/index.html @@ -0,0 +1,97 @@ + Updating Flux Installation Using the Latest Binary from CLI | Techno Tim
Post

Updating Flux Installation Using the Latest Binary from CLI

What is Flux?

Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy. It’s open source and you can read more about it on the GitHub repo. Looking for a tutorial on how use this? Check out this video on how to use SOPS and Age for your Git Repos!

Updating Flux

We’re going to use curl so you’ll want to be sure you have it installed

1
+
curl -V
+

This should return something similar to the following

1
+2
+3
+4
+
curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3
+Release-Date: 2020-01-08
+Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
+Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets
+
1
+
sudo apt update && sudo apt install curl
+

Then we’ll want to download the latest Flux binary by running

1
+
curl -s https://fluxcd.io/install.sh | sudo bash
+

Then we’ll want to be sure it’s installed properly by running

1
+
flux -v
+

This should return something similar to the following

1
+
flux version 0.39.0
+

Next we’ll need to locate our gotk-components.yaml file for flux in our git repo.For example, mine lives in clusters/cluster-01/base

1
+2
+3
+4
+5
+
clusters
+├── cluster-01
+│   ├── base
+│   │   └── flux-system
+│   │       └── gotk-components.yaml
+

One you locate gotk-components.yaml we’ll patch it by using the following command

1
+
flux install --export > clusters/cluster-01/base/flux-system/gotk-components.yaml
+

After this file is updated, you can check to be sure it updated the correct file by running

1
+
git diff
+

You should see something like the following

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+
diff --git a/clusters/cluster-01/base/flux-system/gotk-components.yaml b/clusters/cluster-01/base/flux-system/gotk-components.yaml
+index 79576f0f..9c26b708 100644
+--- a/clusters/cluster-01/base/flux-system/gotk-components.yaml
++++ b/clusters/cluster-01/base/flux-system/gotk-components.yaml
+@@ -1,6 +1,6 @@
+ ---
+ # This manifest was generated by flux. DO NOT EDIT.
+-# Flux Version: v0.38.3
++# Flux Version: v0.39.0
+ # Components: source-controller,kustomize-controller,helm-controller,notification-controller
+ apiVersion: v1
+ kind: Namespace
+@@ -8,7 +8,7 @@ metadata:
+   labels:
+     app.kubernetes.io/instance: flux-system
+     app.kubernetes.io/part-of: flux
+-    app.kubernetes.io/version: v0.38.3
++    app.kubernetes.io/version: v0.39.0
+     pod-security.kubernetes.io/warn: restricted
+     pod-security.kubernetes.io/warn-version: latest
+   name: flux-system
+@@ -23,7 +23,7 @@ metadata:
+     app.kubernetes.io/component: notification-controller
+     app.kubernetes.io/instance: flux-system
+     app.kubernetes.io/part-of: flux
+-    app.kubernetes.io/version: v0.38.3
++    app.kubernetes.io/version: v0.39.0
+   name: alerts.notification.toolkit.fluxcd.io
+:
+

if you see something other than the original gotk-components.yaml being updated, you might want to check the location of the file and try again.

Once this is updated, you can simply commit and push this up and let GitOps do the rest!

1
+2
+3
+
git add .
+git commit -m "feat(flux): Upgraded flux to 0.39.0" # replace with your verion
+git push
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/upgrade-freenas-to-truenas/index.html b/posts/upgrade-freenas-to-truenas/index.html new file mode 100644 index 0000000000..b05b39a217 --- /dev/null +++ b/posts/upgrade-freenas-to-truenas/index.html @@ -0,0 +1 @@ + How to Upgrade FreeNAS to TrueNAS | Techno Tim
Post

How to Upgrade FreeNAS to TrueNAS

Want to migrate FreeNAS to TrueNAS today? It’s simple using this step by step tutorial.We’ll walk through how to upgrade FreeNAS to TreNAS CORE.We’ll cover upgrading FreeNAS to TrueNAS on a physical machine (bare metal) as well as a virtualized install of FreeNAS. We’ll prepare our services, jails, plugins, virtual machines, pools, and disks for the migration and then upgrade each.We’ll even show you how to do an offline upgrade of TrueNAS and then how to upgrade a ZFS pool with newer feature flags.Finally we’ll walk through what’s different between TrueNAS and FreeNAS.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/upgrade-proxmox-to-8/index.html b/posts/upgrade-proxmox-to-8/index.html new file mode 100644 index 0000000000..d5159d1e29 --- /dev/null +++ b/posts/upgrade-proxmox-to-8/index.html @@ -0,0 +1,259 @@ + How to Upgrade Proxmox 7 to 8 | Techno Tim
Post

How to Upgrade Proxmox 7 to 8

Proxmox 8.0 has been released (June, 22, 2023) and includes several new features and a Debian version upgrade. Among the changes are:

  • Debian 12 “Bookworm”, but using a newer Linux kernel 6.2
  • QEMU 8.0.2, LXC 5.0.2, ZFS 2.1.12
  • Optional Text mode installer (TUI)
  • New default CPU type x86-64-v2-AES for VMs
  • Ceph Quincy 17.2.6 and a new, stable Ceph Enterprise repository
  • Authentication realm sync jobs
  • ACL for network resources
  • Resource mappings between PCI(e) or USB devices and nodes in a cluster
  • and more….

Many have been asking how to upgrade, so I decided to put together an easy-to-follow post to get your Proxmox server upgraded to 8!

Preparing the Upgrade to Proxmox 8

This might go without saying, but you’ll want to be sure you back up your Proxmox server’s configs as well as any virtual machines running on thi server. After you’ve done that, you’ll need to check to be sure you are running at least 7.4.15 or newer (If you need to upgrade from 6 to 7, see my post on how to do this). If you aren’t sure which version you are running, you can run this to check:

1
+
pveversion
+

This should output something similar to:

1
+
pve-manager/7.4-15/a5d2a31e (running kernel: 5.15.108-1-pve)
+

Next we’ll want to run an upgrade script to check to if there are any potential issues during the upgrade process. Don’t worry, this does not execute anything other than checks and is safe to run multiple times.

You can run it by executing:

1
+
pve7to8
+

You can also run it with all checks enabled by executing:

1
+
 pve7to8 --full
+

You should see something similar to the following in the output:

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+
➜  ~  pve7to8 --full
+= CHECKING VERSION INFORMATION FOR PVE PACKAGES =
+
+Checking for package updates..
+PASS: all packages up-to-date
+
+Checking proxmox-ve package version..
+PASS: proxmox-ve package has version >= 7.4-1
+
+Checking running kernel version..
+PASS: running kernel '5.15.108-1-pve' is considered suitable for upgrade.
+
+= CHECKING CLUSTER HEALTH/SETTINGS =
+
+PASS: systemd unit 'pve-cluster.service' is in state 'active'
+PASS: systemd unit 'corosync.service' is in state 'active'
+PASS: Cluster Filesystem is quorate.
+
+Analzying quorum settings and state..
+INFO: configured votes - nodes: 3
+INFO: configured votes - qdevice: 0
+INFO: current expected votes: 3
+INFO: current total votes: 3
+
+Checking nodelist entries..
+PASS: nodelist settings OK
+
+Checking totem settings..
+PASS: totem settings OK
+
+INFO: run 'pvecm status' to get detailed cluster status..
+
+= CHECKING HYPER-CONVERGED CEPH STATUS =
+
+SKIP: no hyper-converged ceph setup detected!
+
+= CHECKING CONFIGURED STORAGES =
+
+PASS: storage 'backups' enabled and active.
+PASS: storage 'fast10' enabled and active.
+PASS: storage 'local' enabled and active.
+INFO: Checking storage content type configuration..
+PASS: no storage content problems found
+PASS: no storage re-uses a directory for multiple content types.
+
+= MISCELLANEOUS CHECKS =
+
+INFO: Checking common daemon services..
+PASS: systemd unit 'pveproxy.service' is in state 'active'
+PASS: systemd unit 'pvedaemon.service' is in state 'active'
+PASS: systemd unit 'pvescheduler.service' is in state 'active'
+PASS: systemd unit 'pvestatd.service' is in state 'active'
+INFO: Checking for supported & active NTP service..
+WARN: systemd-timesyncd is not the best choice for time-keeping on servers, due to only applying updates on boot.
+  While not necessary for the upgrade it's recommended to use one of:
+    * chrony (Default in new Proxmox VE installations)
+    * ntpsec
+    * openntpd
+
+INFO: Checking for running guests..
+WARN: 6 running guest(s) detected - consider migrating or stopping them.
+INFO: Checking if the local node's hostname 'draco' is resolvable..
+INFO: Checking if resolved IP is configured on local node..
+PASS: Resolved node IP '192.168.0.11' configured and active on single interface.
+INFO: Check node certificate's RSA key size
+PASS: Certificate 'pve-root-ca.pem' passed Debian Busters (and newer) security level for TLS connections (4096 >= 2048)
+PASS: Certificate 'pve-ssl.pem' passed Debian Busters (and newer) security level for TLS connections (2048 >= 2048)
+INFO: Checking backup retention settings..
+PASS: no backup retention problems found.
+INFO: checking CIFS credential location..
+PASS: no CIFS credentials at outdated location found.
+INFO: Checking permission system changes..
+INFO: Checking custom role IDs for clashes with new 'PVE' namespace..
+PASS: no custom roles defined, so no clash with 'PVE' role ID namespace enforced in Proxmox VE 8
+INFO: Checking if LXCFS is running with FUSE3 library, if already upgraded..
+SKIP: not yet upgraded, no need to check the FUSE library version LXCFS uses
+INFO: Checking node and guest description/note length..
+PASS: All node config descriptions fit in the new limit of 64 KiB
+PASS: All guest config descriptions fit in the new limit of 8 KiB
+INFO: Checking container configs for deprecated lxc.cgroup entries
+PASS: No legacy 'lxc.cgroup' keys found.
+INFO: Checking if the suite for the Debian security repository is correct..
+INFO: Checking for existence of NVIDIA vGPU Manager..
+PASS: No NVIDIA vGPU Service found.
+INFO: Checking bootloader configuration...
+SKIP: not yet upgraded, no need to check the presence of systemd-boot
+SKIP: No containers on node detected.
+
+= SUMMARY =
+
+TOTAL:    33
+PASSED:   27
+SKIPPED:  4
+WARNINGS: 2
+FAILURES: 0
+
+ATTENTION: Please check the output for detailed information!
+

As you can see there are a few warnings but nothing failing. The warnings I have listed are ones related to time packages (which I am going to ignore) and one related to machines still running. To resolve the second warning I will shutdown all the machines before I upgrade.

Upgrade APT Packages

We’ll want to be sure that we’ve applied all updates to our current installation before upgrading to 8. You can do this by running:

1
+2
+
apt update
+apt dist-upgrade
+

If there are updates, I recommend applying them all, rebooting, and upgrading again if needed. Repeat this until there aren’t any up updates to apply.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+
➜  ~ apt update
+Hit:1 http://security.debian.org bullseye-security InRelease
+Hit:2 http://download.proxmox.com/debian/pve bullseye InRelease
+Hit:3 http://ftp.us.debian.org/debian bullseye InRelease
+Hit:4 http://ftp.us.debian.org/debian bullseye-updates InRelease
+Reading package lists... Done
+Building dependency tree... Done
+Reading state information... Done
+All packages are up to date.
+
+➜  ~ apt dist-upgrade
+Reading package lists... Done
+Building dependency tree... Done
+Reading state information... Done
+Calculating upgrade... Done
+0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
+

Updating APT Repositories

Well need to update our Debian and Proxmox apt repositories to Bookworm:

1
+
sed -i 's/bullseye/bookworm/g' /etc/apt/sources.list
+

If you’re also using the “no-subscription” repository, you’ll also want to update those too:

1
+
sed -i -e 's/bullseye/bookworm/g' /etc/apt/sources.list.d/pve-install-repo.list
+

Mine is actually at /etc/apt/sources.list.d/pve-no-enterprise.list so I will run instead:

1
+
sed -i -e 's/bullseye/bookworm/g' /etc/apt/sources.list.d/pve-no-enterprise.list
+

You can verify these files by checking to be sure they were updated with bookworm:

1
+
cat /etc/apt/sources.list
+
1
+
cat /etc/apt/sources.list.d/pve-install-repo.list
+

or for me personally:

1
+
cat /etc/apt/sources.list.d/pve-no-enterprise.list
+

You should see something like this:

1
+
deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
+

Remember, you are just verifying the sed replaced bullseye with bookworm in each file.

Upgrading Ceph

If you’re running ceph you’ll want to check the Proxmox 7 to 8 Upgrade Wiki for a few additional steps. I am not running ceph so I will skip this part.

Upgrade the system to Debian Bookworm and Proxmox VE 8.0

Now all that’s left is updating the system! If you’ve made it this far it’s now time to upgrade! I would recommend stopping or migrating any virtual machines and LXC containers before proceeding.

1
+2
+
apt update
+apt dist-upgrade
+

This step may take some time depending on your internet speed and server resources.

The upgrade might ask you to approve changes to configurations files. I am going to defer to the Proxmox documentation for this step, which is shown below:

It’s suggested to check the difference for each file in question and choose the answer accordingly to what’s most appropriate for your setup. Common configuration files with changes, and the recommended choices are:

  • /etc/issue -> Proxmox VE will auto-generate this file on boot, and it has only cosmetic effects on the login console.
    • Using the default “No” (keep your currently-installed version) is safe here.
  • /etc/lvm/lvm.conf -> Changes relevant for Proxmox VE will be updated, and a newer config version might be useful.
    • If you did not make extra changes yourself and are unsure it’s suggested to choose “Yes” (install the package maintainer’s version) here.
  • /etc/default/grub -> Here you may want to take special care, as this is normally only asked for if you changed it manually, e.g., for adding some kernel command line option.
    • It’s recommended to check the difference for any relevant change, note that changes in comments (lines starting with #) are not relevant.
    • If unsure, we suggested to selected “No” (keep your currently-installed version)

Verifying the Upgrade

After upgrading all packages you can verify the upgrade by running:

1
+
pve7to8
+

If all went well, you should see everything pass (or with minimal warnings).

You can now reboot your system.

After rebooting and logging into the system for the first time, you’ll want to clear your browser’s cache for pve web, or just hard reload:

  • Windows (CTRL + SHIFT + R)
  • macOS (⌘ + Alt + R)

If you have more servers in your cluster, repeat this for each server!

Enjoy Proxmox 8!

Proxmox upgraded! Check to be sure you see Proxmox 8 here!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/upgrade-your-room/index.html b/posts/upgrade-your-room/index.html new file mode 100644 index 0000000000..b21658852d --- /dev/null +++ b/posts/upgrade-your-room/index.html @@ -0,0 +1 @@ + Upgrade Your ROOM (One of the most OVERLOOKED stream upgrades!) | Techno Tim
Post

Upgrade Your ROOM (One of the most OVERLOOKED stream upgrades!)

There are so many upgrades out there for streaming, what do I start with? Video card? Microphone? Audio? CPU? RAM? Lights? I started with one that is overlooked by many streamers, and it’s the room I stream in.So come along with me as give a tour of my stream room makeover! Hopefully this video gives you some stream background ideas for sofas, lights, smart LED lights, accent lighting, coffee tables, plants, rugs, bookshelves, and even Hyrule Historia as I walk through my stream studio setup!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/uptime-kuma/index.html b/posts/uptime-kuma/index.html new file mode 100644 index 0000000000..6d20df86fe --- /dev/null +++ b/posts/uptime-kuma/index.html @@ -0,0 +1,43 @@ + Meet Uptime Kuma, a Fancy Open Source Uptime Monitor for all your HomeLab Monitoring Needs | Techno Tim
Post

Meet Uptime Kuma, a Fancy Open Source Uptime Monitor for all your HomeLab Monitoring Needs

You’ve spun up lots of self-hosted services in your HomeLab but you haven’t set up monitoring and alerting yet.Well, be glad you waited because today well set up Uptime Kuma to do just that.Uptime Kuma is a self-hosted, open source, fancy uptime monitoring and alerting system.It can monitor HTTP, HTTP with keyword, TCP, Ping, and even DNS systems!

https://github.com/louislam/uptime-kuma

📺 Watch Video

Docker Setup

See this post on how to install docker and docker-compose

Running the container

If you’re using Docker compose

1
+2
+3
+4
+5
+6
+7
+
mkdir uptime-kuma
+cd uptime-kuma
+touch docker-compose.yml
+nano docker-compose.yml # copy the contents from below
+mkdir data
+ls
+docker-compose up -d --force-recreate
+

docker-compose.yml

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+
---
+version: "3.1"
+
+services:
+  uptime-kuma:
+    image: louislam/uptime-kuma:1
+    container_name: uptime-kuma
+    volumes:
+      - /home/serveradmin/docker_volumes/uptime-kuma/data:/app/data
+    ports:
+      - 3001:3001
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+

If you’re using Rancher, Portainer, Open Media Vault, Unraid, or anything else with a GUI, just copy and paste the environment variables, ports, and volumes from above into the form on the web page.

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/ventoy-tutorial/index.html b/posts/ventoy-tutorial/index.html new file mode 100644 index 0000000000..8e10ddc20b --- /dev/null +++ b/posts/ventoy-tutorial/index.html @@ -0,0 +1 @@ + How to Create a Multiboot USB with Ventoy Fast, Simple, and Easy Guide | Techno Tim
Post

How to Create a Multiboot USB with Ventoy Fast, Simple, and Easy Guide

In this quick no fluff video, I will show you how to create a multi-bootable USB drive with Ventoy that can boot all of your ISO, WIM, IMG, VHD, and EFI files.It supports both MBR and GPT partitions. This is the last USB drive you will ever need and you won’t ever need to format another one.Ventoy is free and open source.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/virtualize-truenas/index.html b/posts/virtualize-truenas/index.html new file mode 100644 index 0000000000..ad3ea217cb --- /dev/null +++ b/posts/virtualize-truenas/index.html @@ -0,0 +1 @@ + How to Install and Virtualize TrueNAS with Proxmox | Techno Tim
Post

How to Install and Virtualize TrueNAS with Proxmox

Do you want a DIY NAS? Do you want to set up TrueNAS? Have you considered virtualizing TrueNAS with Proxmox? In this video we’ll walk through installing and setting up TrueNAS and configure a samba share for Windows.We’ll also install it on a virtual server using ProxmoxVE that’s running in my Homelab.Both are free and open source.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/virtualize-vs-containerize/index.html b/posts/virtualize-vs-containerize/index.html new file mode 100644 index 0000000000..3dbb738065 --- /dev/null +++ b/posts/virtualize-vs-containerize/index.html @@ -0,0 +1 @@ + Virtualize vs. Containerize (Which should I choose?) | Techno Tim
Post

Virtualize vs. Containerize (Which should I choose?)

Should I virtualize this? Should I containerize this? These are great questions to ask yourself when spinning up self-hosted services in your Homelab environment.We’ll review my previous video (20 Ways to Use a Virtual Machine (and other ideas for your homelab) and decide which should run in a Docker container, which should be virtualized with Proxmox, and which should run on hardware as bare metal.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/vlan-firewall-unifi/index.html b/posts/vlan-firewall-unifi/index.html new file mode 100644 index 0000000000..bed3ae5846 --- /dev/null +++ b/posts/vlan-firewall-unifi/index.html @@ -0,0 +1 @@ + Configuring VLANs, Firewall Rules, and WiFi Networks - UniFi Network Application | Techno Tim
Post

Configuring VLANs, Firewall Rules, and WiFi Networks - UniFi Network Application

What is a VLAN and How Do They Help?

Today we’re going to cover setting up VLANs using UniFi’s network controller.We’ll set up a VLAN, from start to finish, which includes creating a new network, configuring a wireless network that uses VLANs, and then we’ll set up firewall rules to make sure we’re keeping our network safe. If you think VLANs are only for the enterprise, you’re wrong, I will show you how they are helpful at home too.

📺 Watch Video

So what’s a VLAN? A VLAN or Virtual Local Area Networks, is a group of devices, computers, or servers that communicate with each other as if they are on the same physical LAN, but they are actually located on separate physical LAN segments.VLANs can be created by configuring a managed network switch to segment the network into different broadcast domains.

So why are VLANs important, even to the home user?

  • VLANs are important for security.
    • They can help isolate sensitive data and systems from the rest of your network, improving security by preventing unauthorized access.
  • VLANs are important for performance.
    • VLANs can be used to separate network traffic into different segments, reducing network congestion and improving overall performance.
  • VLANS are important for management.
    • VLANS can be used to simplify network management by grouping devices based on location, department, or even function making it much easier to configure, monitor, and troubleshoot.
  • VLANs give you flexibility.
    • VLANS allow for network changes and reconfigurations without physical changes to your network infrastructure saving you time and money, and we all want to save that, right?

So what’s not to love about VLANs if they give you greater control over network traffic, help optimize network performance, give you better security, and give you management and flexibility? Well, for me it was complexity and knowing where to start.

Hardware

Ubiquiti UniFi 6 Lite Access Point - https://l.technotim.live/ubiquiti

UniFI UDM SE - https://l.technotim.live/ubiquiti

UniFi UDM Pro - https://l.technotim.live/ubiquiti

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

How to Create a VLAN with UniFi

Unifi Network - Networks A list of common VLANs in UniFi Network Application

  • Navigate Settings
  • Choose Networks
  • Choose “Create New Network”
  • Name it whatever we like (IoT)
  • Choose something descriptive
  • Choose your router (if applicable), but I wouldn’t offload routing unless you know what you’re doing.
  • I typically uncheck auto scale network and define it myself
  • We’ll choose the host address and netmask
  • While we’re at it we should also choose manual for the advanced section
  • Choose a VLAN Id
    • I typically match the 3rd octet in my case that would be 100
  • If you’re using Apple devices or Chromecast (or similar devices) on this network, you’ll want to turn on IGMP snooping & Multicast DNS
  • DHCP Mode - you’ll want to keep as DHCP server
  • For DHCP Range you’ll want to choose the beginning and end of your range.Can be anything within range.At home I usually start at 100 so I know which devices are using DHCP at a glance.
  • There are other options here that you don’t really need to change but if you do, change them to your liking

Congrats you just created your first VLAN! 🎉

Creating Wireless Network for a VLAN

Unifi Network - WiFi A list of common WiFI networks in UniFi Network Application

Once we’ve created our VLAN, we can now add this to a wireless network.This is perfect for IoT devices or really any VLAN that you want to use over your wireless network.

  • First, we’ll go to Settings, then WiFi
  • Then choose create new WiFi Network
  • We’ll name the network and give it a password
  • Then we’ll choose the Network it belongs to (IoT)
  • In the network list we can see our newly created network!
  • You can make any other adjustments you need to your wireless network, but I am going to keep the defaults.
  • Then we’ll hit apply

If you check your access points, you can now see this wireless network being set up and provisioned with the new config that contains our new WiFi network that is bound to our VLAN!

Assigning a VLAN to a Switch port

Unifi Network - Ports UniFi Network application port management

You can now assign this to one of your switch post by going into your switch and assigning it this VLAN / VLAN ID

Choose the new VLAN and let your device get a new DHCP address from the new VLAN. You should expect to see an IP in the range that we set above.

Once you choose once we assign it, let’s connect a device and test it out.

Connect a device, check its IP, ping google, then ping another device on another VLAN.Uh-oh!

UniFi allows inter VLAN communication out of the box.I guess this was a conscious decision from them to make things easier, but it does make your networks open to other networks.

We can fix that, with a firewall rule!

Configuring a Network Profile

Unifi Network - Profiles

A list of common WiFI networks in UniFi Network Application

Before we set up our firewall rules, first let’s create a profile.Profiles are a simple way to group items or alias them.This comes in handy later when creating firewall rules.

  • Navigate to Profiles
  • Create a new Profile
  • Name it something like “(VLAN NAME) Only”
  • Set type to IPv4 Address/Subnet
  • Add all of your other VLANs
    • 192.168.0.0/24 (this is the default network)
    • 192.168.10.0/24 (this is my “Trusted” network)

Again, this Profile is for all other VLANs, not our new VLAN we just created.

Configuring Firewall Rule

In order to block inter VLAN Communication we’ll need to set up some firewall rules.The pattern I usually follow is blocking all traffic from one VLAN destined to all other VLANs.This can be done by creating Profiles.

  • Navigate to Firewall & Security
  • Choose the Type
    • For inter VLAN communication you’ll want to choose “LAN In”
  • Give your Rule a description, I usually follow the convention
    • Block thing to other thing
    • e.g. Block IoT to ALL
    • Be sure this applies before predefined rules
    • for Action, choose “Drop”
  • For Source Type, Choose “Network”
  • For Network choose your new VLAN e.g. “IoT”
  • For Destination choose “Port/IP Group”
  • For IPv4 Address Group choose “IoT Only” (this is the Profile we created above)
  • For Port Group choose “Any”

This rule will block all communication that that originates on your IoT VLAN to all other VLANs (IoT Only).

You’ll also want to be sure that this rule applies after every rule that you want to allow in your list of Firewall rules.

  • Navigate to Firewall & Security
  • Check rule order
  • Be sure that any rule you create that Allows / Accepts is above this rule that Blocks / Denies.

Testing

Testing Your Rules

Be sure to test all of your firewall rules!

Once you have these rules in place, I highly recommend you test your firewall rules.Some examples of things you should test

  • Can you communicate with the IoT VLAN from your Trusted VLAN?
  • Can you communicate with the Trusted VLAN from your IoT VLAN?
  • Can you communicate with the gateway (192.168.100.1) from your IoT VLAN?
  • Can you communicate with DNS from your IoT VLAN?

Checking these types of things will help you verify that your network rules are being applied properly.Repeat these tests anytime you make changes.

Wrapping up

At this point you should have a new VLAN that works on your WiFi access points, your network ports, and should have firewall rules in place to prevent unauthorized access! You can simply repeat this process for every new VLAN that you need! Have you set up VLANs yet?

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/wake-on-lan/index.html b/posts/wake-on-lan/index.html new file mode 100644 index 0000000000..d47b672adc --- /dev/null +++ b/posts/wake-on-lan/index.html @@ -0,0 +1,113 @@ + The Ultimate Guide to Wake on LAN for Windows, MacOS, and Linux | Techno Tim
Post

The Ultimate Guide to Wake on LAN for Windows, MacOS, and Linux

What is Wake on LAN and why is it so hard?

After releasing my video on the PiKVM I realized that there was so much confusion about Wake on LAN, and rightfully so, that I decided to put together this guide on how to configure Wake on LAN on any machine. Wake on LAN (WoL) is a networking standard that allows a computer to be turned on by sending a network packet. The client sends a special packet (sometimes referred to as a “magic packet”) and the remote machine will wake up either from a cold power state or from sleep.This is where it starts to get complicated because different hardware manufactures have implemented different controls in BIOS to enable or disable this, and to make even more complex operating systems like Windows, macOS, and Linux have also implemented their own way to wake the machine up when it’s sleeping or in a low powered state.I am just going to throw this out there, Wake on LAN is hard.Since there are many different combinations I will try to cover how to configure your machines wake up successfully regardless of hardware, operating system, and power state.

Preparing your hardware for Wake on LAN

In order to wake your machine up, we have to be sure that WoL features are turned on in the BIOS and that other features are disabled.Since I cannot test every single BIOS out there, I am going to use my machine as an example for the types of options you will need to enable or disable.Most of the options should be named similarly however where it is located in your BIOS will depend on your manufacturer.

First, you’ll need to get into the BIOS of the machine, this is typically done by pressing a key at book like f2 or del but varies by machine.

Once you’re in you’re in we’ll start changing some settings.

Power settings

You’ll want to look around for something similar to power settings.If you do not see these options in your power settings, it could be in advanced, networking, or onboard devices.

Windows WOL Client Power settings menu for Intel NUC.This will look different for your machine but the idea is still the same

Here are some things to look for:

  • Deep S4/S5 Sleep - You’ll want to disable this, otherwise only the power button will wake the machine which will disable Wake on LAN

  • Wake on LAN from S4/S5 - You’ll want to enable this setting and if it has an option choose Power on - Normal Boot

  • Wake System from S5 - You’ll want to disable this.This is basically an alarm clock for your machine.There’s no need to enable this unless you want set a time for it to turn on every day.I’ve used this in the past as a contingency plan for some of my servers in case they were powered off accidentally. I would set an alarm for 12 AM.

  • USB S4/S5 Power - I typically disable this if it’s a server since nothing should be plugged in but if it’s a desktop with USB devices you want powered you can turn it on safely.

  • Wake on LAN - enable this might sound obvious but some older systems have an option that says exactly that however newer systems have options for waking in all of the different sleep states.

  • What to do when AC Power is restored - This is optional but I usually set it to Stay Off if it’s a desktop, Power On if it’s a server that should always be on, and Last power state if it’s something like a machine that I wake seldomly.There is one exception, which is if you have a way to toggle the power remotely too.I have a USP PDU Pro from UniFi that I can toggle all of my servers on and off.If you are able to toggle them on and off, the best setting is Power On, that way you have a way to power them on, even if they were gracefully shut down previously.

Another quick check you can do is power down the machine and check to be sure the network light is lit up on your NIC.If it’s not, this means Wake on LAN is not enabled on your machine and you’ll have to find the option in your BIOS to make it work.

Bare Metal Wake up

If you don’t have an operating system on your machine yet, you should be able to wake up the machine over the network now.If you do have an operating system on your machine, another way you can test a bare metal / cold boot wake is by pulling the power on the machine and then plugging it back in.The reason this should work is because modern operating systems might not fully shut down (they go into a sort of sleep) or might disable WoL on the NIC when shutting down.We’ll fix this in the next section.

Waking up a Windows machine

After you enabled Wake on LAN in the BIOS, and verified you see the light on your NIC blinking when you power off your machine, we can now enable Wake on LAN at the operating system level for Windows.This will work on all modern versions of Windows (Windows 10 and Windows 11).

Device manager

First we’ll want to open the Device Manager.You can do this from the UI or from a command prompt

1
+
devmgmt.msc
+

Windows device manager Be sure to select the network card that you use to connect to your network.

  • Once open you’ll want to expand Network adapters and find your network adapter, then right click and choose Properties
  • Then choose the Power Management tab and be sure that all of these options are enabled
    • Allow the computer to turn off this device to save power
    • Allow this device to wake the computer
    • Only allow a magic packet to wake the computer.

Windows Power management for NIC Power Management options for your network adapter.

Then we’ll need to verify a few more settings.These settings may or may not exist and depend on your network adapter manufacturer.

  • Click on the Advanced Tab for your Network Adapter
  • Find Wake on Magic Packet and set it to Enabled
  • Find WOL & Shutdown Link Speed and set it to 10 Mbps You’ll want to be sure that your switch supports this speed, otherwise Auto should be fine
  • Click OK

You should check to see if Wake on LAN works before proceeding to the next step since this might not be necessary with your machine.

Fast Startup

Another Windows Feature that can prevent a machine from shutting down properly to allow Wake on LAN is Fast Startup.This disables hibernation.I recommend testing to see if Wake on LAN works before disabling this.

First, we’ll need to open the Power Control Panel.You can do this from the UI or from a command prompt

1
+
powercfg.cpl
+

Then we’ll need to change some settings

  • Click Choose what the power buttons do from the left menu
  • Click Change settings that are currently unavailable
  • Uncheck Turn on fast startup (recommended)
  • Click Save changes

You should now check to see if Wake on LAN works for your machine.

Waking up a Linux machine

After you enable Wake on LAN in the BIOS, and verified you see the light on your NIC blinking when you power off your machine, we can now enable Wake on LAN at the operating system level for Linux.This sounds odd but I have found that machines (especially Linux) need WoL turned on for each NIC.

Install ethtool if you don’t have it already

1
+2
+
sudo apt update
+sudo apt install ethtool
+

First check to see if WoL is supported by your NIC

1
+2
+
ip a # this will list all of your NICs
+sudo ethtool eno1 # replace with one of the NICs you want to check
+

This should output something similar to

Settings for eno1:
+        Supported ports: [ TP ]
+        Supported link modes:   10baseT/Half 10baseT/Full
+                                100baseT/Half 100baseT/Full
+                                1000baseT/Full
+        Supported pause frame use: No
+        Supports auto-negotiation: Yes
+        Supported FEC modes: Not reported
+        Advertised link modes:  10baseT/Half 10baseT/Full
+                                100baseT/Half 100baseT/Full
+                                1000baseT/Full
+        Advertised pause frame use: No
+        Advertised auto-negotiation: Yes
+        Advertised FEC modes: Not reported
+        Speed: 1000Mb/s
+        Duplex: Full
+        Auto-negotiation: on
+        Port: Twisted Pair
+        PHYAD: 1
+        Transceiver: internal
+        MDI-X: on (auto)
+        Supports Wake-on: pumbg
+        Wake-on: g
+        Current message level: 0x00000007 (7)
+                               drv probe link
+        Link detected: yes
+

You’re looking for Supports Wake-on: pumbg with at least the letter g in the string.This means that the NIC does support WoL for a magic packet, which is a good thing.If you don’t see this here, don’t worry we’ll fix it in netplan

Using Netplan

There are lots of outdated commands you’ll find on the internet that won’t work or will partially work so I advise that you only do this with netplan.If you don’t have netplan installed (Debian, etc…) skip to the next section.

To edit your netplan

1
+
sudo nano /etc/netplan/01-netcfg.yaml  # replace with your netplan yaml
+

Once here, you’ll see your network settings.You’ll want to turn on wakeonlan in this yaml for each NIC.For example if you have 2 NICs, eno1 and enp2s0 you would add it in both places under that key.

1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+
# This file describes the network interfaces available on your system
+# For more information, see netplan(5).
+network:
+  version: 2
+  renderer: networkd
+  ethernets:
+    eno1:
+      dhcp4: yes
+      wakeonlan: true
+    enp2s0:
+      dhcp4:  yes
+      wakeonlan: true
+

Once this is set, you’ll want to apply your netplan.

1
+
sudo netplan apply
+

Then we’ll want to shutdown

1
+
sudo shutdown -P now
+

Now we should be able to wake up the machine using WoL from a remote machine.

Without Netplan (Debian, etc…)

Since you don’t have netplan we’ll have to create a service and enable it.Do not do this step if you configure it with netplan.

Find the path to ethtool

1
+
which ethtool
+

In my case it’s at /usr/sbin/ethtool but your may vary.

Nest we’ll create a file at /etc/systemd/system/wol.service

1
+
nano /etc/systemd/system/wol.service
+

In this file add the following

1
+2
+3
+4
+5
+6
+7
+8
+9
+
[Unit]
+Description=Enable Wake On LAN
+
+[Service]
+Type=oneshot
+ExecStart = /usr/sbin/ethtool --change eno1 wol g
+
+[Install]
+WantedBy=basic.target
+

You’ll want to be sure to change your path for ethtool as well eno1 to the name of your NIC

Then we’ll need to enable the service

1
+2
+
sudo systemctl daemon-reload
+sudo systemctl enable wol.service
+

Then we can check to be sure out service is started

1
+
systemctl status wol
+

Then we’ll want to shutdown

1
+
sudo shutdown -P now
+

Now we should be able to wake up the machine using WoL from a remote machine.

Waking up a Mac

Waking up a Mac is pretty easy, the easiest of them all.The most challenging part is finding the option in System Preferences.

For a Macbook:

  • Open System Preferences and search for power
  • Click on Power Nap in Battery
  • You’ll see Wake for network access here you can choose whether you want to wake up Always or Only on Power Adapter.Either of these options should be fine.

For all other Macs you’ll want to search System Preferences for another option.

  • Search for “Energy Saver”
  • Here you’ll see an option to Wake for network access.Be sure this is check

Windows WOL Client This option might appear different in different versions of macOS and it also varies by form factor, but you’ll want to be sure that the “Wake for network access” option is turned on

Installing a Wake on LAN client

In order to wake up a remote machine machine up, you will need a tool that can send a wake on LAN packet to the remote machine.

Windows Wake On LAN CLient

I am a fan of doing this in a terminal however a decent Windows utility with a GUI is WakeOnLAN.It’s also open source and hosted on GitHub.After installing it and configuring a machine to wake you should be able to wake your machine if it is on the same network and you’ve followed the other steps that are outlined in this guide.

Windows WOL Client WakeOnLAN is an open source Windows utility that has a nice GUI

Linux Wake on LAN client

I usually prefer installing a command line tool to wake machines up over the network from a Linux machine and I typically using wakeonlan an open source utility that’s simple to use.

To install it on a Debian-like system:

1
+2
+
sudo apt update
+sudo apt install wakeonlan
+

Once it’s installed you can now wake machines on the same network by using the command:

1
+
 sudo wakeonlan 00:11:22:33:44:55
+

If your machine is on another network and you can reach the broadcast IP, you can supply it in your command

1
+
 sudo wakeonlan -i 192.168.2.255 00:11:22:33:44:55
+

Be sure to replace the mac address and broadcast IP above with the mac address of the remote machine and set the broadcast IP if on a different network.

macOS Wake on LAN client

To instal a client for macOS it’s very simple using brew

1
+
brew install wakeonlan
+

Once it’s installed you can now wake machines on the same network by using the command:

1
+
 wakeonlan 00:11:22:33:44:55
+

If your machine is on another network and you can reach the broadcast IP, you can supply it in your command

1
+
 wakeonlan -i 192.168.2.255 00:11:22:33:44:55
+

Be sure to replace the mac address and broadcast IP above with the mac address of the remote machine and set the broadcast IP if on a different network.

Wrapping up

At this point you should be able to power on any machine from any machine on your network. One piece of advice is if you are using VLANs you’ll want to b sure you are sending the WoL packet from the same network, otherwise you’ll have to be sure that you can reach and target the right broadcast IP from the network you are on.As I mentioned in the beginning of this post, Wake on LAN is hard however if you follow these steps for each machine type you should be able to enjoy reliably waking up your machine remotely over the network.

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/we-are-homelab/index.html b/posts/we-are-homelab/index.html new file mode 100644 index 0000000000..a98140a88f --- /dev/null +++ b/posts/we-are-homelab/index.html @@ -0,0 +1 @@ + What is a HomeLab and How Do I Get Started? | Techno Tim
Post

What is a HomeLab and How Do I Get Started?

What is a Home Lab and how do you get started? It’s easy. You can get started today in a few different ways. You can virtualize your entire home lab or build it on an old PC, a Raspberry Pi, or even some enterprise servers. The choice is really up to you. You’ll need to first establish some goals for your homelab to determine capacity for your workloads. After that, the rest is up to you. You can take it as far as you want to go, and remember each home lab is almost as unique as the individual who builds it!

Please share this with anyone who asks what a Home Lab is.

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/webtop-container/index.html b/posts/webtop-container/index.html new file mode 100644 index 0000000000..2b069e2298 --- /dev/null +++ b/posts/webtop-container/index.html @@ -0,0 +1,13 @@ + Linux desktop, inside of a container, inside of a browser??? Yes. A Webtop. | Techno Tim
Post

Linux desktop, inside of a container, inside of a browser??? Yes. A Webtop.

Have you ever thought about running a Linux desktop inside of a container? Me neither until I found this awesome project from LinuxServer called Webtops.A webtop is a technology stack that allows you to run Ubuntu or Alpine Linux within a container that is fully accessible from a browser.This allows you to use most Linux features with a container with a fraction of the cost of resources.Join me as we configure one from beginning to end.

📺 Watch Video

Docker Setup

See this post on how to install docker and docker-compose

Webtop

docker-compose.yml and .env can be found here

Files and folders

1
+2
+3
+4
+5
+
mkdir webtop
+cd webtop
+mkdir config
+cd ..
+nano docker-compose.yml
+

Create Webtop container

1
+
docker-compose up -d
+

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/whats-in-the-box/index.html b/posts/whats-in-the-box/index.html new file mode 100644 index 0000000000..6ac011e705 --- /dev/null +++ b/posts/whats-in-the-box/index.html @@ -0,0 +1 @@ + Unboxing YouTube 100K Subs Play Button Creator Award | Techno Tim
Post

Unboxing YouTube 100K Subs Play Button Creator Award

YouTube sent a package.I have a feeling I know what it is, but we’ll all find out live!

📺 Watch Video

Find all of my server gear here! https://kit.co/TechnoTim/techno-tim-homelab-and-server-room-upgrade-2021

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/windows-11-proxmox/index.html b/posts/windows-11-proxmox/index.html new file mode 100644 index 0000000000..ec8d6cd68c --- /dev/null +++ b/posts/windows-11-proxmox/index.html @@ -0,0 +1 @@ + Virtualize Windows 11 with Proxmox the Right Way! | Techno Tim
Post

Virtualize Windows 11 with Proxmox the Right Way!

Windows 11 is here and with it comes new hardware requirements.These requirements not only affect physical hardware but also virtual hardware too.The TPM 2.0 requirement for Windows 11 is shaking the tech community, HomeLab community, and even virtualization too.Well have no fear, today we’re going to virtualize Windows 11 with a virtual TPM chip! We’re going to create a virtual machine according to proxmox best practices and even install a virtual TMP chip so that you can test Windows 11 with your hardware and software before upgrading Windows 10 in your HomeLab or production environment without any hacks!

📺 Watch Video

Windows 11 Download

https://www.microsoft.com/en-us/software-download/windows11

KVM/QEMU Windows guest drivers (virtio-win) download

https://github.com/virtio-win/virtio-win-pkg-scripts

Need to Upgrade to Proxmox 7?

See the guide here

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/windows-developer-setup/index.html b/posts/windows-developer-setup/index.html new file mode 100644 index 0000000000..81e4061e80 --- /dev/null +++ b/posts/windows-developer-setup/index.html @@ -0,0 +1,31 @@ + Setting Up Windows for JavaScript Development THE RIGHT WAY (WSL Terminal NVM Node Yarn VS Code ZSH) | Techno Tim
Post

Setting Up Windows for JavaScript Development THE RIGHT WAY (WSL Terminal NVM Node Yarn VS Code ZSH)

You want to get started developing JavaScript with NodeJS, ReactJS, or AngularJS but you’re not sure how to get started? This is a complete, step by step guide on how to configure your Windows machines for JavaScript development the right way.You’ll learn how to install and configure Windows, the new Windows Terminal, WSL, Ubuntu, ZSH with Oh My ZSH, yarn, NPM, NVM, NodeJS, and VS Code.We’ll also configure our git client for SSH access to GitHub.This is the perfect beginner tutorial for anyone trying to develop software on a Windows PC.

📺 Watch Video

Update Ubuntu

1
+
sudo apt-get update
+
1
+
sudo apt-get upgrade
+

install zshell

1
+
sudo apt-get install zsh
+

oh-my-zsh

Check this site for the command https://ohmyz.sh/#install

It should be something like this:

1
+
sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
+

nvm

Be sure zshell and oh-my-zsh are working before continuing

Check this site for the command https://github.com/nvm-sh/nvm

It should be something like this, but be sure to use the version from the link above

1
+
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash
+

If nvm doesn’t work, check this https://youtu.be/kL8iGErULiw?t=507

Close all terminals and all VS Code instances after doing this step

Install Node

1
+
nvm install 12.16.1
+

Install yarn

Be sure nvm and node are working before continuing

Check this site for the latest command https://classic.yarnpkg.com/en/docs/install/#alternatives-stable

It should be something like this, but be sure to use the version from the link above

1
+
curl -o- -L https://yarnpkg.com/install.sh | bash
+

Configure Git

You’ll want to follow this guide for configuring git.Be sure to follow the LINUX version

https://docs.github.com/en/github/using-git/getting-started-with-git-and-github

1
+
git config --global user.name "Techno Tim"
+
1
+
git config --global user.email "your_email@example.com"
+
1
+
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
+
1
+
eval $(ssh-agent -s)
+

Cloning a repo

1
+
mkdir code && cd code
+

Be sure you choose the right repo before cloning, this is just an example

1
+
git clone git@github.com:techno-tim/techno-boto-discord.git
+
1
+
cd techno-boto-discord
+
1
+
yarn
+

Continuing with the bot turotials

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/windows-powertoys/index.html b/posts/windows-powertoys/index.html new file mode 100644 index 0000000000..234e7d1269 --- /dev/null +++ b/posts/windows-powertoys/index.html @@ -0,0 +1 @@ + Use Windows like a Pro! - PowerToys Tutorial | Techno Tim
Post

Use Windows like a Pro! - PowerToys Tutorial

Today we’re going to maximize your Productivity on Windows with Microsoft PowerToys. I’ll show you step-by-step how you can use, customize, and be more efficient when using Microsoft PowerToys.

📺 Watch Video

What are PowerToys for Windows?

PowerToys is a set of utilities and apps that help you enhance the functionality of Windows and maximize your productivity. These tools provide a range of features, shortcuts, enhancements, and various ways to make you more efficient when using Windows. It also has some features that you might have seen in other operating systems but can be enabled in Windows too with PowerToys.

If you haven’t heard of PowerToys or it’s been a while since you’ve looked at all the features, sit back as we go through every utility in the PowerToys suite and by the end of this video you’ll be be a pro, or at least you’ll look like one while using Windows. PowerToys is open source and is being rapidly developed and they are adding new features with almost every release. So hopefully byu the end of this video I will have convinced you to install PowerToys and hit the like and subscribe button. Once installed you’ll have a little icon in your system tray where you can launch individual applications, toggle features on and off, or see all settings for all applications.

To get started, download and install PowerToys.

Always On Top

Always On Top Keep a windows on top with Always On Top

We’ll start with Always on Top. This allows you to pin windows on top of all of your other windows. This is helpful for those times when you want a window to always hover above all other windows, regardless of which window is in focus.

To activate it you press: ⊞ Win+Ctrl+T

This will play a sound and show a border around the window that will always be on top. Now if you try to drag a window on top of this window it will remain on top. You can adjust the color mode for the border and choose any color you like or just stick with your theme’s default. You can also adjust the thickness of the border and choose whether or not you want to round the corners. Finally, you can also choose to enable or disable the sound when activating. You can also choose to exclude apps from pinning on top by entering the process name here. After adding it here, this process will ignore the shortcut to activate Always on Top.

Awake

Awake Keep your computer awake without adjusting your power settings!

Awake is a quick way to keep your computer away without having to adjust any of your power & sleep settings. This is helpful when running demos, conferences, or any other task where you want to be sure that your device doesn’t go to sleep or turn off its screen.

In the settings for this utility you can choose to keep using the selected power plan, which means it will not affect your power settings at all.

If you change it Keep away indefinitely, your computer will stay awake until you explicitly put the machine to sleep or your exit or disable the utility. This also activates the Keep screen on setting, which gives you the option to also keep your screen on too.

If you choose to keep away for a time interval you can choose how long you want the utility to stay in this mode before reverting back to the previous state. Once the timer is up, it will revert back to the default setting.

The last setting, keep awake until expiration allows you to choose a date and time to end awake mode. This is Like the previous setting, after this expires, it will revert back to your previous setting. This is handy if you have a specific date and time you want to end awake mode.

Color Picker

Color Picker Pick a color from any running application using Color Picker!

Next up is Color Picker and this is one of my favorite utilities in Power Toys. It lets you choose a color from any currently running application and you can copy it in a configurable format to your clipboard. Unlike color pickers for browsers, this works system wide and is great for creatives and developers.

To activate the Color Picker press: ⊞ Win+Shift+C

This will activate the color picker window where you can drag your cursor to any item on the screen. You will see a color preview and the color value in a specific format that we can change. To sample the color, just click and it’s on your clipboard ready for you to paste.

We have lots of nice options we can change in the settings for this utility, for example, we can choose what happens when we activate the color picker, we can choose to open the editor, pick a color and open the editor, or only pick a color. I set mine to pick a color and open editor because this gives me a popup after choosing my color where I can choose the one of the supported color formats to choose from. I can copy the value to my clipboard to use it. It also has a history feature on the left where I can choose previously sampled colors which is nice if you use this tool often. If you want to fine tune the color you picked, the editor will also show 2 shades darker and 2 shades lighter in the editor window at the top. If you want to go back to the previously selected color it will be in your history. Also, you can choose to customize the color even more by clicking on the color at the top middle and making adjustments using the slider.

You can also choose the default color formats to choose from and even add your own if you don’t see one of the 3 that come out of the box. I typically only use HEX and RGB in my day tyo day but it’s nice to know you have the option to add more.

Another thing I usually turn on is showing the color name. This is handy if you aren’t great at color recognition and need a way to describe this color to someone else. Just toggle it on, activate the color picker and you will see the name of the color that it matches.

FancyZones

Fancy Zones! Customize your windows layout using FancyZones!

The Windows manager in Windows is ok and is improved in later versions of Windows but FancyZones take this to the next level. FancyZones is a windows manager utility for arranging and snapping windows into custom layouts to help you work the way you want to with your windows and allows you to quickly restore them too. This is one of the most feature rich utilities in the stack so I’ll try to break down the most important parts to get you going fast.

If you’re going to FancyZones I would recommend letting FancyZones override the default Windows Snap that’s built in. You can do this in the settings and toggling on the override settings

Next let’s choose a default layout for our zones.

You can activate this by pressing: ⊞ Win+Shift+`

Here you can choose one of the existing templates or create your own. Let’s choose one of the existing ones for now.

After choosing a template you can now drag a window while holding Shift and you will see your zones appear. As you move the window around you will see zones you can snap this window too. If you want to snap zone 3, just drop it in zone 3 and it will fill this area. You can repeat this for any window you have open.

If you want to do this without using the mouse, you can press: ⊞ Win+left/right

For example if you want to move a window into one of the zones, while the window is in focus press ⊞ Win + right multiple times to cycle through the zones. Once you find the zone you want, just let go of the ⊞ Win key and you’re done!

Once you start snapping windows in the same zone, you might find that you want to switch between windows that are snapped to the same zone, you can easily do this by selecting a window in that zone and then pressing ⊞ Win+PgUp/PgDn. This will cycle through all windows snapped to this zone.

If you want to customize a zone template you can do so by pressing ⊞ Win+Shift+` and then editing your template and adjusting some of the options. You can increase the number of zones, increase the space around zones, and even the distance to highlight adjacent zones which is helpful when trying to merge 2 zones together when dragging a window around.

If you’re not happy with existing zone templates you can create your own by using the Zone Editor

If you activate the Zone picker with: ⊞ Win+Shift+` You will see this button at the bottom that says create new layout. If you click, you can create your own custom zones in either a grid layout that snaps windows into place without overlapping, or canvas which is kind of free form and will allow you to overlap windows.

Now there are many more customization options in the settings like changed colors, multi monitor support

File Locksmith

File Locksmith! Unlock those pesky locked files using File Locksmith!

File Locksmith is a nice little utility to help you know which files are in use and by which process. This is really helpful if you are trying to figure out which application is locking a file. For example if I right click on this folder and select “What’s using this file?” it will check to see if any of the files in this folder are being used. We can see here that I have a document opened with Word, Excel, VSCode, and even explorer. I can expand the details of each and see what the specific files are. I can even end the task from here, killing the process and removing the lock. Just be careful if you end the task, it will kill all instances of it.

File Explorer Add-ons

File Explorer Add-ons! Make Windows Explorer more useful with these add-ons!

This File Explorer add-on utility adds some additional functionality to Windows Explorer. The first setting allows you to preview additional file types in the preview pane on the right. To toggle on the preview pane you can press Alt + P. With this setting toggled on you can now see previews for SVGs, Markdown, Source code files, PDFs, and gcode files. The other setting with this the File Explorer add-on utility allows you to see more thumbnails inside of explorer when browsing your file system. This can be handy if you work with these types of files, letting you easily see a preview of the file before opening.

Host File Editor

Host File Editor! Never make a mistake again editing your host file with Host File Editor!

The Host File Editor utility allows you to quickly make changes to your host file. Your host file is the first place Windows looks to resolve IP addresses and although not common unless you are in IT, you might have some non standard items in this list. The host file editor makes it easy to edit this file without making mistakes. You’ll want to be sure that most of the settings are at default in order to get the most out of this utility and that’s “launch as administrator”, “show a warning at startup”, “top being the position of additional content”, and the encoding being “UTF-8”. You can then launch the host file editor and quickly add additional host entries without having to edit them manually. You can add comments, toggle them on and off, reorder entries moving them up and down, run a test ping, and even see the original host file by clicking on this button.

Image Resizer

Host File Editor! Bulk resize images with Image Resizer!

Another great feature of Power Toys is the image resizer. The image resizer lets you bulk resize images just by right clicking and then choosing “Resize pictures” This will pop up some options where you can choose the output for the resize. There are some presets that you can adjust in the settings but the default options are best. After choosing your size and clicking resize, Windows will batch convert all of them files for you. By default it will make copies so it’s safe to run, but this can be changed easily when resizing your files. There are also more settings you can choose from in the image Resizer settings. Still waiting on that webp option.

Keyboard Manager

Keyboard Manager! Take control of your keyboard mapping using Keyboard Manager!

The Keyboard Manage is a nice little utility that allows you to remap your keys on your keyboard. This is handy if you have an odd keyboard or want to customize some unused keys. For example if we want to remap a keep that is rarely used, at least form, like the CapsLock key, we can easily do that by opening the utility and then either selecting or pressing our physical key of CapsLock and then selecting or typing the key you want to map it to. I chose to enter. When saving you will see a warning about CapsLock no longer being mapped but that’s ok since I never use it. You’re free to remap this if you like. After saving this, you can now see that my CapsLock key is working just like my Enter key! Well, looks like I can’t yell at anyone on the internet anymore, so let’s un do that. JK

You can also remap shortcuts if you like. If we wanted to remap the control + c shortcut to control +v in chrome only, we can do it like this. This will now override the copy function with the paste function only when in chrome. Confusing, but it works great.

Mouse Utilities

Mouse Utilities! Get some help for your cursor with Mouse Utilities!

Mouse Utilities is another one of my favorite Power Toys in this suite. It is a collection of features that enhance the mouse and cursor functions on Windows. It has 4 different features, the first being FInd my Mouse.

Find My Mouse highlights the position of the cursor when you press the left Control key twice. This is helpful if you can’t find your mouse or even when giving demos to emphasize an area in your demonstration. I use this quite a bit to help viewers focus on what I am focusing on. You can change many aspects of this spotlight and animation, making it just the way you like. You can even change the activation method so if you don’t like pressing left control twice, you can just shake your mouse until it activates.

The next is Mouse Highlighter, this will highlight left and right clicks of your mouse. You can activate it by pressing ⊞ Win+Shift+H. Once activated left clicks will be the default color of yellow and right clicks will be the default color of blue. If you want a different color or experience all of these can be adjusted in the settings.

The next is Mouse Jump. You can activate it with ⊞ Win+Shift+D and then it will show you a screenshot of your desktop. If you click on an area in the image, it will jump your cursor to the location that was clicked. This is great for large monitors where you need to travel great distances. Maybe one day I will have a monitor with a resolution this high to where I need something like this.

The last one in Mouse Utilities is Mouse Pointer Crosshairs. If you activate this with ⊞ Win+Alt+P it will draw crosshairs centered on your mouse pointer. You can adjust any of the settings for the crosshairs in the Appearance & Behavior section.

Mouse Without Borders

Mouse Without Borders! Remote control up to 4 machines using one mouse and keyboard with Mouse Without Borders!

This is by far one of the coolest features of Power Toys and probably the most complicated. Mouse Without Borders allows you to control up to 4 computers from the same machine with only one keyboard and mouse. Think of it like extending your desktop across multiple machines but you can remote control all machines from all machines. This will make more sense in a bit. You’ll need at least one additional machine with Power Toys installed. Once you have Power Toys installed on all machines, be sure that Enable Mouse Without Borders is turned on.

On the first computer, select New Key to generate a new security key so you can securely connect. Then on the second machine enter the Security Key that was generated on the first machine and enter the first machine’s name. Then select connect. You will then see both machines appear in the device layout. You can rearrange them here to match their physical layout. Now you can switch between each computer by just moving your mouse cursor to the edge of the screen and it will transition between computers! You can add additional computers by repeating this process! Another cool thing I learned is that you can also go the other way too and control your primary machine from the secondary, just start moving the mouse over the shared edge and it will jump back to your main machine!

There are lots of settings and features that you can play with, but some worth mentioning are: sharing the clipboard between machines. This is allows you to copy text from one machine and paste it into another and Copying files between machines. Files less than 100 MB can be transferred too! This is as simple as copying a file and then pasting it. You will see the file transferred using the clipboard. Pretty cool! If you ever want to disconnect from other remote machines, you can simply generate a new key and the others will drop.

There are additional settings, keyboard shortcuts, and even a troubleshooting section that I encourage you to explore once you’ve set this up.

Paste As Plain Text

Paste As Plain Text! Remove all formatting when copying and pasting text with Paste As Plain Text!

Paste as plain text is just what it sounds like, it will paste text as plain text without the additional formatting. This is super helpful when you are copying something from the web and pasting it into a document. To fix this all you need to do is enable Paste as Plain Text in Power Toys and then when pasting just ⊞ Win+Ctrl+Alt+V and it will paste your text without the formatting.

Peek

Peek! Get a quick preview of your files without switching context with Peek!

Peek is a nice little utility that lets you preview a file without opening it up and without scaling up explorer. To use Peek, be sure it’s turned on and then select a file in explorer and press Ctrl+Space. THis will bring up a preview window where you can check out the file and even arrow through files if you have multiple. Then to close just press the same keys Ctrl+Space and it will close the preview.

PowerRename

PowerRename! Rename multiple files like a pro with PowerRename!

PowerRename is another one of my top used Power Toys. It’s a bulk renaming tool that has a ton of flexibility for managing file names in bulk. To use it, be sure it’s enabled and then select a group of files you want to rename and right click. From there you will see the PowerRename option. After clicking it you will see a new interface that will help you rename files along with a preview. You search within a file name for specific text and even use regex if you like. You can then add text to replace the found text. You can apply it to extensions, files, folders, and sub folders. You can also shift the case to lower, upper, title case, or capitalize each word. You can even enumerate each item, basically giving them a numeric suffix. One other cool thing you can do is use variables in the file name. You can see a list of variables by licking the info button. From here you can click variables and it will add them to the text to replace. Once you are satisfied with the text, you can apply it and it will batch rename all of your files!

PowerToys Run

PowerToys Run! Quickly launch applications, do calculations, and more using the missing app launcher for Windows, Run!

PowerToys Run is one of those features that once you start using it’s hard to go back to the old way of doing things. It saves so much time and you look cool doing it too. PowerToys run is a quick launch utility that when pressed will allow you to launch applications, do calculations, even search the web just by typing and it’s way faster than the start menu.

To launch PowerTypes Run press: Alt+Space

From here you can do simple things like launch applications. If you want to launch Chrome just type “chrome” then hit enter. Easy enough. You can also search for files, settings, and even the web. You can also do some advanced searches using plugins. For example if you want to do calculations, you just type in the expression and it will compute it and if you want to copy the value to your clipboard you just hit enter. If you want to base64 encode something you can just type #base64 abcdef and see the value and hit enter to copy it to your clipboard. If you want a guid, just type #guid and it will generate one for you. There are lots of plugins you can explore in the settings or toggle off if you don’t plan on using them. Definitely worth checking out all of the available settings you can change if you’re going to use this feature. Super powerful, super cool.

Quick Accent

Quick Accent! Never misspell jalapeños again with Quick Accent!

Quick Accent is a quick way to type accented characters, this is especially useful when using a keyboard layout that doesn’t support the specific accent.

For example on a US English keyboard layout there isn’t an easy to type “ñ”. This makes it hard to type jalapeños. But don’t worry, with the Quick Accent power toy it’s super easy to do. After enabling Quick Accent you can activate it by pressing the key you want to accent along with space. Here we’ll hold N while pressing space. Then you can keep pressing the spacebar to cycle through the different characters. Once you find the one you want, just let go of the N and it will insert it. If you want to insert “ö” in German, you hold O, and tap spacebar until you find it, then let go of O. There are many settings you can change, especially the activation key if you want to switch from using the spacebar.

Registry Preview

Registry Preview! Get a visual preview of Registry files using Registry Preview!

Registry preview is a quick little utility to visually preview registry changes. If you’ve ever opened a registry file with a text editor, you know the struggle of trying to validate these files, especially when editing. Registry Preview makes that a little easier. After opening Registry Preview you’ll then want to select a registry file to open. On the right you can see a preview of where this key lives in your registry along with any of the values. If you want to edit this file, you can on the right. Once edited you can save the file and then reload the file and you can then see the changes in the preview window. If you’re satisfied with these changes you can write them to the registry. You can also use the “Open Key” button to open the registry editor directly to your key. A word of caution, only edit the registry if you know what you’re doing.

Screen Ruler

Screen Ruler! Measure pixels anywhere with Screen Ruler!

Screen Ruler is a PowerToy that’s not only helpful if you’re a designer or developer, but it’s also super fun to use! Screen ruler helps you measure the pixels on your screen based on image edge detection. You can activate it with ⊞ Win+Shift+M and then from here you can choose your measure style.

Bounds will create a bounding box where you can click and drag your mouse to measure the pixels in the box you draw. You can also hold Shift to have your boxes persist until you cancel your selections.

Spacing Will measure both vertical and horizontal pixels at the same time as you move your cursor around the screen. Horizontal and Vertical measure will do the same but only measuring one at a time. You can cancel any of these at any time by clicking the X or just hitting escape. There are a handful of options you can configure if you want to in settings.

Shortcut Guide

Shortcut Guide! Forget what a Windows keyboard shortcut does? Check it quickly with Shortcut Guide!

The shortcut guide is a nice little utility that shows common Windows shortcuts in an overlay. You can activate this by pressing ⊞ Win+Shift+/ or ⊞ Win+Shift+? If you’re looking for the forward slash. From here you can see all of the items you can lunch by pressing the ⊞ Win + the key you see on the screen. For example, it says the emoji panel can be opened with ;, so all we need to do is press ⊞ Win+;. Feel free to explore the other shortcuts on the screen.

Text Extractor

Text Extractor! Extract text from any image using Text Extractor!

Text extractor is a great utility to extract text from any image and copy it to your clipboard. It uses OCR to do this and it actually works pretty good. THis is great when you want to quickly grab text from an image or a screenshot. To activate it all you need to do it press ⊞ Win+Shift+T and then with your crosshair select the area that you want to extra text from. After selecting it will be copied to your clipboard where you can paste it. The text extractor can only extract languages that have the OCR language pack installed, so if you need to install additional languages I’ll have a link in my documentation on how to do that.

Video Conference Mute

Video Conference Mute! Take control of your microphone and camera during conferences using Video Conference Mute!

Now this PowerToy is in legacy mode meaning they won’t release any updates to it but it’s worth mentioning because it’s still available. I wouldn’t be surprised to see this go away since Windows is starting to support this natively without this Power Toy. Anyway…

First you’ll need to be sure you run Power Toys as Administrator. You’ll need to close it first, then right-click and run as administrator. After you do this and visit the Video Conference Mute section you will see shortcuts for muting the camera and microphone.

To mute both your camera and microphone you can press ⊞ Win+Shift+Q and you will see a little bar appear that shows that both are muted. You can press this combination again to toggle them both on. To toggle just the microphone you press ⊞ Win+Shift+A and to toggle the just the camera it’s ⊞ Win+Shift+O. If you want toi mute your microphone and toggle it only when you want to speak, you can use the push to talk feature by pressing ⊞ Win+Shift+I. This will unmute your microphone when you are holding this combination of keys. Again, this is a legacy feature that I personally don’t use but I want to cover it for completeness.

Conclusion

I hope you can see how powerful the Windows Power Toys are and how they can help you be more efficient at using Windows. There are so many useful utilities in this suite and more being added with each new release. I learned quite a few new shortcuts, and new ways of working on Windows, and I hope you learned something too! And remember if you found anything in this post helpful, don’t forget to share!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/windows-terminal-wsl/index.html b/posts/windows-terminal-wsl/index.html new file mode 100644 index 0000000000..efb8ac0fde --- /dev/null +++ b/posts/windows-terminal-wsl/index.html @@ -0,0 +1 @@ + Windows Terminal and WSL Config Fast, Simple, and Easy Guide | Techno Tim
Post

Windows Terminal and WSL Config Fast, Simple, and Easy Guide

Lots of people ask which terminal I use on Windows and how I configure it.It’s pretty simple, I use the Microsoft Windows Terminal and it’s a fantastic terminal on Windows.It is free and open source.With Windows Terminal, you can install and configure different environments for Windows and Linux.You can choose between Ubuntu or any other WSL 1 or WSL 2 (Windows Subsystem for Linux) environment along with the typical PowerShell and cmd.In this fast, simple, and easy tutorial we’ll set up the Windows Terminal, install WSL, then install Ubuntu, and configure Ubuntu with ZSH (zshell) and oh my zsh (0h-my-zsh).Then, you’ll know exactly how I configure my Terminal on Windows.Bonus Now all your copy pasta commands will work on Windows, macOS, and Linux!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/wiregaurd-setup/index.html b/posts/wiregaurd-setup/index.html new file mode 100644 index 0000000000..b984d5373b --- /dev/null +++ b/posts/wiregaurd-setup/index.html @@ -0,0 +1 @@ + Meet WireGuard, the new hotness in VPN... | Techno Tim
Post

Meet WireGuard, the new hotness in VPN...

Self hosting a VPN has traditionally been hard to set up and we’ve had very few options.That is until WireGuard came about. WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.It also supports running inside of a Docker container and that’s exactly what we’ll be using in this tutorial!

📺 Watch Video

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/zimablade-review/index.html b/posts/zimablade-review/index.html new file mode 100644 index 0000000000..3928b6fae7 --- /dev/null +++ b/posts/zimablade-review/index.html @@ -0,0 +1 @@ + Introducing the ZimaBlade! - An affordable Low Power Single Board Computer! | Techno Tim
Post

Introducing the ZimaBlade! - An affordable Low Power Single Board Computer!

Introducing the ZimaBlade, an affordable, low power, single board computer that’s great for a home server, homelabs, tinkering, NAS, retro gaming, or even a dual boot desktop system like me.

📺 Watch Video

Disclosures:

  • I was not paid
  • Ice Whale provided ZimaBlades and accessories for testing
  • I bought everything else with my own money

Intro

ZimaBlade among others ZimaBlade stands out

Every so often a device comes into focus that’s a little different than the rest. It looks familiar yet different. It stands out among the others in the sea of familiar devices and once you use it and hold it in your hands you understand why it’s different and why that matters. This is the ZimaBlade, a single board computer from Ice Whale. It’s the second device we’ve seen from them and it’s much different from their first device, the ZimaBoard. There are a few features that make you think that this might be a successor to the ZimBoard, but there are many others which show that the ZimaBlade can stand on its own as a new product in their lineup. Today I am taking a look at the ZimaBlade and discussing some of my thoughts around this device, how it compares to the ZimaBoard, and some of the interesting quirks I found that you might be interested in.

Unbox Experience

ZimaBlade looks like an 80s walkman ZimaBlade looks like a Walkman from the 80s, and that’s a good thing

Upon opening you can’t help but notice the cyber punk theme on the packaging and the device. I am a fan of this design and it fits right in with the renegade, self-hosting, cyber native vibe they are going for. Next, they chose to make the case transparent, which again plays well with the theme they have going and gives this device some character. And last, how much it looks like a Walkman from the 80s. Now that’s not a bad thing, Walkmans had a ton of style, came in all shapes and sizes, and was an icon in 80s culture. But I digress.

Hardware Specs

ZimaBlade hardware ZiaBlade without its case

The ZimaBlade comes with either an Intel Celeron J3455 Quad core Apollo Lake processor or an Intel Celeron Dual core processor depending on which model you choose.
This CPU supports AES NI for encryption, VT-x for virtualization, and VT-d for directed I/O or hardware passthrough.

This processor is paired with the Intel integrated HD 500 graphics processor which is clocked at around 700 Mhz. This chip also supports QuickSync and a handful of other features that help ensure that video playback is smooth as well as enough processing power to do some lightweight retro gaming. You output the video with this mini display port that supports up to 4k at 60Hz.

It has a SODIMM slot that supports up to 16 GB of DDR3 RAM which is removable and not soldered on. As far as storage goes it has 32GB eMMC for storage and dual SATA 3.0 ports for connecting additional drives if you choose to do so.

It has a 1 Gb ethernet port and as far as USB goes it has one USB A 3.0 port and one USB C port that supports power, data, and display.

The back of this case is also aluminum alloy that is fused to the heatsink which will help dissipate heat without a fan,

Last but not least is this bump you see here and that’s the PCIe 2.0 x4 slot. This slot is what made the ZimaBoard unique, was not only creating an x86 single board computer but also including a PCI slot to connect devices that you can’t use on other mini PCs, laptops, or similar devices without using a Thunderbolt enclosure. And as you can see the ZimaBlade also gets this slot.

This slot can be used for almost any PCIe device you can think of that can fit into a 4x slot and doesn’t require external power. This includes things like 10g network adapters, 2.5g network adapters, additional USB ports, WiFi 6 adapters, additional SATA ports, NVMe adapters, cards and for AI and ML.

First Boot experience

ZimaBlade in side of its case ZimaBlade with its case, showing off some of its ports

After installing the RAM and plugging in the device you will boot into Debian Linux which comes preinstalled. You can sign in using the username and password of casaos. You’ll want to change this as soon as possible and update your system.

You might want to grab the IP too because you’ll need it to get into the CasaOS web UI that also comes preinstalled. CasaOS is an open source management interface to help you install over 50 docker apps with a single click along with supporting any other docker image you can find. It makes setting up a NAS with Docker apps a snap and great for a beginner although if you’re already familiar with other open source NAS solutions you might be missing some features when evaluating CasaOS.

If you’re interested in a deeper dive into what CasaOS is, I’ve done a video on 20 different projects you can run on your ZimaBoard and now ZimaBlade, including CasaOS.

One thing that was mentioned in the instructions, yes I read them, if you go out to you can easily find your Zima device by clicking this button. Now this didn’t work for me even though my devices were on the same network but that might be because this feature isn’t ready yet.

You’ll also see that they have released Windows and Mac clients too. After downloading and installing these clients you’ll notice that it also installs ZeroTier. Again, there isn’t documentation on this stuff yet because it’s pretty new but it looks like they might allow you to connect to your Zima device easily over the internet no matter where you are and if you have an edge connection or not. This might be for the upcoming ZimaOS that I peeped on their Github. Oh and if you’re worried about the code or client that’s running, all of this is open source and on GitHub so you’re free to check it out if you don’t trust it.

My Workbench Testing System

A mini pc doesn't usually have support for PCIe PCIe connectivity is often not found on mini PCs

The nice thing about this hardware being open is that you are not locked into how the vendor wants to use it. If you don’t like Debian or CasaOS, fine, just wipe it and install whatever you like. Want to build your own NAS using OpenMediaVault or TrueNAS, go for it. Just get a bootable flash drive, install it, connect a couple of drives and you’re good to go. If you do go this route I would recommend picking up the NAS kit that includes this dual 3.5” storage drive stand and a special Y SATA cable that helps you connect and power 2 additional drives. And just like that you have a NAS…. or do what I did and create a dual boot Windows and Linux system!

I use both Windows and Linux a ton on my workbench and I always find myself toggling back and forth when testing hardware. Plugging in When I saw the ZimaBlade had a case for 2 additional drives I knew right away that this is how I was going to use it. I grabbed a few old SSDs out of my drawer, picked up a couple of cheap 3.5 to 2.5” drive adapters, installed the drives, and then connected them all with this Y SATA splitter and it was ready to go.

Installing a dual boot system on this was relatively easy however I’ve had some experience with this in past and I even did a video on it, but if you’re interested on how to do this I will have a link to my documentation that will explain exactly how to do dual boot with a ZimaBlade.

Now when booting I can choose Windows or Linux when booting up. You can see that this little quad core processor is working its tail off during the boot process but it tapers off after a few seconds. The integrated intel video card works decent enough for watching videos and I assume it works fine too for retro games but this is just enough for what I need to test out hardware and flash and wipe drives.

Windows boot, showing GPU and CPU metrics This device can boot into Windows 11 and play videos, no problem!

On the Windows side it’s using anywhere from 6-10 watts of power after signing in and letting the machine sit for about 5 minutes to ensure that most sign in tasks were complete. This variance we see here is due to a lot of the background tasks that run on Windows and a little bit for the task manager.

When launching the default browser of Edge and playing a video on YouTube we can see the power usage jump from 10–18 watts. The other thing when looking at the task manager is that the integrated graphics have kicked in to decode the video. If we look at the stats for nerds there were only a few dropped frames and most of them were when starting the video and resizing the window to full screen.

Linux boot, showing GPU and CPU metrics It’s no surprise that this also works with Linux! (Ubuntu 23.10 shown in picture)

The same goes for Linux, when booting this Ubuntu 23.10 machine the machine I can choose Linux from the GRUB menu and boot into Ubuntu Desktop and as you can see the CPU and resources taper off after a few seconds and everything runs smoothly. Power usage after letting the machine sit for about 5 minutes is anywhere between 5 - 7 watts, again the variance is due to background tasks and System Monitor. Playing a YouTube video with the default browser of Firefox we can see the power usage jump from 11 - 17 watts. System monitor doesn’t report GPU status so I installed intel gpu utilities and was able to see the intel video card decoding the video.

One of the things I use this for most often is flashing SSDs and wiping and formatting drives. These two things are pretty cumbersome to do without physically plugging them into a system via SATA, PCIe, or Thunderbolt. Each of these solutions take up a lot of space or require additional hardware requirements. I found that having an “open air” PCIe slot on this machine makes it super simple to test complete any of these tasks, and with a small footprint. And this is just one of many possibilities with the ZimaBlade because at the end of the day, it’s really just a mini desktop.

My Thoughts About the ZimaBlade

ZimaBlade in white The engineering sample came with a white PCB, let’s hope it sticks around

I do have some thoughts after using this for a couple of days. Overall it’s great and hard to complain about something when there’s so much to like.

I think my biggest gripe has been power. I went into this thinking that I can use any USB C power adapter since it supports Power Delivery 3.0. Turns out that this is a 12v Power Delivery 3.0 power supply and I couldn’t find any power adapters here at home that supported it, not my Macbook charger, an Anker charger, or even this no-name charger. This really isn’t a big deal however if I used one of my existing adapters, it seemed to also do something weird to the device to where I had to reset the CMOS a few times. I reached out to IceWhale and they pointed out that I needed to use a Power Delivery 3.0 12v/3a power adapter like the one that is included. I 100% agree that the provided adapter works but USB C Power Delivery 3.0 with 12v/3a is less common in North America with a lot of power adapters, at least the ones I have access to. IceWhale did say that they were going to try to make it compatible with more adapters before production so we’ll see. Moral of the story is just use the adapter they ship and you’ll be fine, which means you might want to buy their power adapter to be sure. When using the correct power adapter with a USB C hub, everything worked fine including USB, HDMI, and power delivery.

Another small gripe is that you can’t see the power LED when you have it in the case. The only reason I am bringing this up is because I had to check the LED over and over when figuring out the previous issue related to power. Not a big deal but one little hole or clear cutout in the case would go a long way.

While we’re on the topic of LEDs it would be nice to have a pair of lights for the NIC for status and activity and also I noticed that the HD activity light doesn’t flash for eMMC. Again, not deal breakers, just nice to haves.

Also a small power button would have been awesome. I still feel odd pulling out the power to reset or power down this machine. I did check for pins and I could only make out the reset switch. It would be great to add these pins to the documentation, I am sure others will ask about this if they haven’t already, and everything else is documented nicely in the booklet that shipped with the device.

Oh, and they sent me 2 devices, one was an engineering sample with a white PCB and one that is closer to the final product which has a black PCB. Honestly I love the white PCB model even though I am a huge fan of dark mode! This white PCB just makes it feel more SciFi and futuristic and really makes all of the componentry pop. I dunno, what do you think? Light Mode PCB or Dark Mode?

ZimaBlade with device dangling Hopefully some printed caddies or the like make their way into the ecosystem

Also, it would be cool if there were some sort of printable adapter to prop up your PCIe devices when they are plugged in. When you aren’t using the 2 drive base stand it’s easy to prop something under it, but when it’s dangling about 6 inches up it’s kind of scary. A printable tray or stand that could hook into the existing stand would go a long way. You could even sprinkle in some of the Cyber Punk designs from the device.

OK it sounds like I am nitpicking now but these are just small things that I think would really put some polish on this device.

It’s hard to complain when there’s so much to like about this $64 board. I know that it has an older CPU in it, along with DDR3, and the PCI is only 2.0, but considering the cost and what I will use it for I would rather keep the cost down than pay for features I personally won’t use.

And I think that’s the goal of this device as stated by IceWhale:

“The ZimaBoard was built on top of a relatively expensive ($120-$200) x86 single-board computer compared with the popular Raspberry Pi. Since most people can’t afford such expensive hardware without knowing what exactly it can do, we decided to create something better suited for the broader cyber native – something that is cheaper, smaller, and easier to use and carry around.”

If this is something you want to support, check out the links for more information:

Well I learned a lot about the new ZimaBlade, Power Delivery over USB C, Dual Booting Windows and Linux and I hope you learned something too. And remember if you found anything in this post helpful, don’t forget to share!

Join the conversation

Where to Buy

ZimaBlade:

ZimaBlade Accessories:

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/posts/zimaboard-projects/index.html b/posts/zimaboard-projects/index.html new file mode 100644 index 0000000000..5b71ea3e68 --- /dev/null +++ b/posts/zimaboard-projects/index.html @@ -0,0 +1 @@ + 20 Home Server Projects You Can Start TODAY - CasaOS + ZimaBoard | Techno Tim
Post

20 Home Server Projects You Can Start TODAY - CasaOS + ZimaBoard

I’ve had a ton of fun setting up and configuring a ZimaBoard and CasaOS over the last few weeks! While CasaOS is a great fit for your Home Server projects, I also decided to walk through over 20 other home server projects you can start today. These projects are for everyone, from the beginner, to the tinkerer, to the hardcore enthusiast! Thanks to ZimaBoard for sending this device!

📺 Watch Video

Where to Buy

Check out ZimaBoard today!

See the whole kit here! - See the entire Kit https://kit.co/TechnoTim/zimaboard-project-kit

(Affiliate links are included in this description. I may receive a small commission at no cost to you.)

What is a ZimaBoard

The ZimaBoard has been out for a little while now but I thought it would be a great time to check in and see how it’s doing, along with the open source project CasaOS which ships with every ZimaBoard. I also wanted to share with you lots of projects you can start today with a ZimaBoard in case you need some inspiration for your tech projects. I’ll cover some of the easy or “beginner” projects that don’t take a lot of work to get going, then we’ll cover some of the projects for the Tinkerer, and then those projects for the hardcore weekend warrior tech types. But first, what is a ZimaBoard?

Hardware

The ZimaBoard is a self proclaimed “World’s First Hackable Single Board Server” Which means that it’s a complete functioning computer built on a single board circuit and while most don’t have expansion slots, this one actually does. The ZimaBoard comes in 3 varieties, the 232 has an Intel Celeron N3350 Dual core CPU, 2G of RAM, the 432 which has quad core Intel Celeron N3450 CPU with 4G of RAM, and the 832 which has the same Quad core Intel Celeron N3450 but has twice the RAM of the 432 for a total of 8GB of RAM.

ZimaBoard Introducing the ZimaBoard!

Outside of those differences each ZimBoard comes with 32 GB eMMC storage, 2 SATA ports for disk drives, 2 Gigabit LAN ports, 2 USB 3.0 ports, and what makes this different than most kits you see out there is the PCIe slot that you can connect PCIe devices to, but more on that later.

It also has a mini display port that can output up to 4k 60 and has a TDP of only 6 watts.

ZimaBoard Front It has a mini Display Port, (2) 1 Gbs NICs, (2) USB 3.0 Ports, and 12v power

A few other things you might be interested in if you are a geek like me is that the CPU supports Intel VT-x for virtualization, VT-d for hardware passthrough, AES-NI for encryption, and video transcoding, all which will come in handy with some of the projects we’re going to talking about today.

Beginner

So first, we’re going to start with the “beginner” projects, but don’t be fooled by the name, this doesn’t mean that these projects aren’t technical, it just means that they take very little to get started. We’re going to start with one of the best uses for your ZimaBoard and that’s CasaOS.

CasaOS

CasasOS comes preinstalled with your ZimaBoard. CasaOS is an open source service, I’ll say and not necessarily an OS, it’s installed on top of Debian and many other Linux distributions but I still think that name is fitting. It’s software that focuses on delivering simple personal cloud experiences around the Docker ecosystem, and I think they’ve done a great job on delivering on that promise. You can launch it from the desktop on your ZimaBoard or you can simply connect to it from a web browser on your network.

You’ll be greeted with a dashboard and a few widgets. We can see the time and date, our system status including CPU and RAM usage, our storage along with any additional connected drives, and our network status where we can toggle between our two network adapters. We also get a built-in search bar where we can search using our favorite search engine.

There are two things you’ll be using this dashboard for:

  • Installing and managing apps
  • Managing the file system including shares.

Apps

If we launch the app store and take a look, we can see lots of applications that we can choose to install. The nice thing about CasaOS, is that every app you see here can be installed and configured with a single click. That means no messing with ports, account names, volumes, or any of the other typical things you have to do when installing Docker containers. Also, you don’t even need to know what a Docker container is. You can almost treat this as an app store without knowing any of the implementation details. Some of the apps included in the app store are:

  • PiHole for network-wide ad blocking
  • Plex or Jellyfin a media server
  • Home Assistant for home automation - Nextcloud for a Google Workspaces like experience

and many others that will help you build up your own little personal cloud in no time!

CasaOS CasaOS is a nice little open source service to run on your ZimaBoard and more!

And if you can’t find the application you want in their app store, you can also run any Docker container you like by using the custom install feature in the app store and then either filling out a form, or using the import feature to paste the docker commands, Docker compose file, or appfile (which is an export you create to share with friends from your own apps). Importing configs will fill out the form for you. It’s kind of hit or miss if all the settings will be imported properly so it’s worth a look to make sure they are right.

Once these apps are installed, if they have a web management page we can simply click on the app to launch it and configure it from there.

Files App

The other place where you’ll probably spend a lot of time is in the Files “app”. This app is a super elegant way to manage files and share and I think it’s one of the cleanest web file management UIs out there, not only because it looks good and is fast, but also because it makes sharing files super easy, let’s take a look…

Files App The Files app is a nice way to manage your files!

After launching the files app we can see a default storage location for our media and documents and from here we can upload, download, and manage files if we like and it even has a built-in file previewer for different file types. If you want to share a file from here, you can simply share the folder from the menu, and then open it from any machine on your local network. That has to be one of the simplest ways of sharing files I’ve seen. If you want to see all your shares you can simply click on this share icon at the bottom and it will list all of your shares.

Since we’re talking about sharing and we’re down here in the bottom left, we should talk about the FilesDrop feature. This is a cool feature similar to AirDrop for Apple devices, except it works on the web and with any device that has a browser.

Let’s say for instance we are on our Windows machine and want to share a file with our phone. Instead of transferring the files through Google Drive and uploading and then downloading them on our phone we can simply do it all through CasaOS. If we click on the FilesDrop button it will launch a new experience where it shows my machine (the Windows Chrome machine) and then any other device that connects to CasaOS and visits this page will also show up here. When I connect my phone you should see another icon pop up. (It says macOS Chrome but should say iOS Chrome but that’s not important.) From my Windows machine I can click on my phone icon and then choose files I want to send to it. If I want to send this photo right here, I choose it, and then on my phone I will get a prompt to save it, I can then save it to my phone! I can also go the other way and upload files from my phone back to my machine, all without the cloud and from any device that has a web browser!

FilesDrop FilesDrop is like AirDrop, but for any machine with a browser and only uses your local network connection!

One other feature that you might be interested in when using the Files app is the availability to connect cloud storage. If we click on the plus we can add a Dropbox account, Google Drive, or even another network share on our local network. This feature is really cool for connecting and transferring things from your Google Drive to your own cloud or vice versa. This is also helpful for migrating to or from the cloud and could be even more useful if one day you can back up your data from CasaOS to one of these locations.

Another thing you might be interested in is the storage feature. This feature is limited but allows you to add additional drives to your ZimaBoard in a snap. You just open the storage manager, and click create storage. You’ll get a prompt asking you if you want to add this device and that it will erase all contents from the device. Once it’s created you will see the device in the files app and you can use it for additional storage. There’s also this new merge storage option that will merge all of your storage into one, which seems like a simple way of expanding your storage but this also means that if one drive dies you might lose all of your data. I did enable it and it does exactly what it says, it merges multiple drives into one using mergefs. It’s also pretty easy to undo this too.

Storage manager You can add and wipe additional drives, and even merge them if you want!

Now don’t let the simplicity of this UI fool you, you can still do some advanced things from the web dashboard like access to logs, access to a terminal, as well as the logs from each individual docker container and the ability to exec into them. All in all, I think CasaOS is probably one of the best projects for this ZimaBoard.

Operating Systems

The next project I can see people using this for is installing and running operating systems. Windows and Linux run fine on a ZimaBoard and I’ve tested it with Windows 10, Ubuntu Desktop, and Ubuntu server and I am sure many other distributions will run on this board because at the end of the day it’s a x86 intel based system. You won’t have any issues getting or installing drivers because it’s running on Intel hardware. Most things will be plug and plug and play and if you are going to go this route I would recommend picking up a USB hub and a solid state drive for additional storage. Then, you can run or test your software on this tiny little package. It does output to 4k 60Hz so it will look great on your display though it will start to push the limits on what you can do with this little board. Office apps, web browsing, watching video are all fine, anything outside of that and you might need a little more power. You could even dual boot Windows and Linux with 2 drives either by connecting 2 drives or by swapping them each time you want to boot but that’s starting to get into some of the more advanced use cases, and more for the Tinkerer.

Ubuntu Desktop I’ve tested on Windows 10, Ubuntu Desktop, and Ubuntu Server and all run great!

Tinkerers

This next group of things you can do with your ZimaBoard is dedicated to the Tinkerers. These are folks who aren’t afraid of running Linux headless, know their way around a terminal, know how to exit VIM (first make sure you are not in edit mode and that you are in command mode and then press :quit, but if you’ve made changes… nevermind, you get the picture)

The first thing I would recommend running on a ZimaBoard for this group is Portainer. Portainer is a great UI to run all of your containerized applications, some of the same applications we talked about earlier like Plex, Jellyfin, Nextcloud, and many others. This gives you a lot more control over which OS you run and which applications you run and you can keep it as minimal as you want, saving on resources. But with that comes a little complexity. But you’re a tinkerer, right?

Emulation Station

Another quick project that sounds like a ton of fun is Emulation Station which is the same software that Retro Pi is based on. Just install your OS, Windows or Linux, and then install Emulation Station and your emulators, connect to a few controllers and you are good to go. The ZimaBoard has all of the rest of the hardware you need to play retro games and is compact enough to bring with you on a road trip.

ZimaBoard with retro controllers You can easily build out an Emulation Station with a couple of USB powered controllers!

Other uses for a ZimaBoard include some projects that I will definitely use this for and these are diagnostic and troubleshooting projects.

Diagnostic & Troubleshooting

First is a disk wiping station. Having a dedicated little machine to securely wipe disks that I am no longer using is welcomed because my current solution is using an old janky PC. Having something this small and dedicated to wiping disks just makes sense after you use it. I can just boot to killdisk, start a wipe and walk away.

Disk wiping station You can easily connect HDDs and SSDs for a disk wiping station and more!

Another thing I use that old janky PC for is updating firmware on devices, especially SSDs. This is usually the case when building new systems or replacing drives in existing systems. I can even do the same for NVMe drives with this PCIe adapter.

Connect NVMe Drives You can also connect NVMe drives with this adapter

Another thing I do with that old janky PC (sorry old PC) is clone disks. I use CloneZilla every now and then to backup or clone hard drives from one to another. CloneZilla has been my go to for years either backing up and restoring images over the network or doing a disk to disk clone. If you’re doing a disk to disk clone you will need to pick up this special Y adapter that lets you connect 2 drives at once, but it’s like 4 dollars in their store. One of the other use cases is simple data recovery. It’s nice to have a small simple machine that I can plug a drive into and run and try to recover files if the drive is no longer bootable. And all of this is easy and accessible using a ZimaBoard.

What about a NAS?

Now you may have noticed I didn’t mention NAS, that’s because I honestly think the best NAS you can use on this tiny little machine is using CasaOS, sure TrueNAS and OpenMediaVault should work but CasaOS already does this beautifully. And since you are a Tinkerer, you might as well install Debian headless then CasaOS to save resources!

Hard Core

The last group of projects is geared towards the hardcore. It’s for those folks who like to push hardware to the limits or experiment with something that they’ve never tried before. This is where I think the PCIe slot really comes into play. This PCIe slot can be used to connect any PCIe device as long as it can run in a x4 slot, which should be most because the slot is open here at the end.

PCIe Slot Most PCIe devices will fit into this slot since they end is slotted (Power but has limited power)

While I know it’s technically possible to attach a video card to this device, I am not sure that a majority of the people who pick up this device will be doing so. I could be wrong, but I think more people will be attaching smaller devices like extra NICs, wireless adapters, and possibly more sata drives.

ZimaBoard with GPU While GPUs will fit, your mileage may vary on whether they work or not.

Network Firewall, Hypervisor, and More!

This opens the door for turning this device into a router or firewall. Having 4 cores, 2 gigabit NICs, AES-NI, and up to 8 GB of RAM make this a solid choice for pfSense or OPNSense, it’s small, compact, has enough compute and RAM, has dual NICs, and is completely silent. And if you want to turn this into an access point, all you need to do is add a wireless NIC and you a nice little OpenWRT system!

ZimaBoard with PCIe NIC Yup, you can even turn this into a Firewall / Router with a few extra NICs!

But even if you’re not into creating a router or firewall and you’re the hardcore type there are plenty of projects for you. If you know RaidOwl, he created a high availability cluster with 3 using Proxmox. Which is another use case, and that’s installing a hypervisor. Because the ZimaBoard supports both VT-x and VT-d it can be used to test out the latest HyperVisor.

And if creating and testing virtualization isn’t your thing, there’s the use case that I think that this is great for and it’s for developing and testing hardware. Most developers I know have laptops and don’t have access to a PCIe slot and that can be painful if you are working on a project that requires it, for example machine learning and AI. The Coral TPU from Google is a great example of how you can add a small PCIe device that is capable of doing AI in a small package, and if you can get your hands on one it could fit right in this slot. Having access to AI on a small board like this could let you do local detections from your video feeds so you can detect things like people, cars, and more. There are so many use cases for the hardcore that I could go on all day!

Google Coral TPU If I could get my hands on a Google Coral TPU, it would fit right here (Hey Google, call me!)

What do I think?

ZimaBoards are super flexible and can be applied to many projects, whether you are a beginner, a tinkerer, or a hardcore enthusiast there’s bound to be a project for you. I am sure that I didn’t cover all of the projects you can do with a ZimaBoard and if I missed one let me know what you’d use it for in the comments below. Well, I learned a lot about ZimaBoards, lots of cool projects, and I hope you learned something too. And remember if you found anything in this blog post helpful, don’t forget to share!

ZimaBoard is small You can get an idea of how small the ZimaBoard really is next to this AAA battery!

Join the conversation

🛍️ Check out the new Merch Shop at https://l.technotim.live/shop

⚙️ See all the hardware I recommend at https://l.technotim.live/gear

🚀 Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files

This post is licensed under CC BY 4.0 by the author.
diff --git a/redirects.json b/redirects.json new file mode 100644 index 0000000000..169162618a --- /dev/null +++ b/redirects.json @@ -0,0 +1 @@ +{"/norobots/":"https://technotim.live/404.html","/assets/":"https://technotim.live/404.html","/posts/":"https://technotim.live/404.html"} \ No newline at end of file diff --git a/robots.txt b/robots.txt new file mode 100644 index 0000000000..ccb1fa1b6a --- /dev/null +++ b/robots.txt @@ -0,0 +1,10 @@ +User-agent: GPTBot +Disallow: / +User-agent: ChatGPT-User +Disallow: / +User-agent: Google-Extended +Disallow: / +User-agent: CCBot +Disallow: / +User-agent: PerplexityBot +Disallow: / diff --git a/shop/index.html b/shop/index.html new file mode 100644 index 0000000000..8d266cc3e7 --- /dev/null +++ b/shop/index.html @@ -0,0 +1 @@ + Shop | Techno Tim
Merch
diff --git a/sitemap.xml b/sitemap.xml new file mode 100644 index 0000000000..c1afb79218 --- /dev/null +++ b/sitemap.xml @@ -0,0 +1,1584 @@ + + + +https://technotim.live/posts/goxlr-wireless/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/obs-best-settings/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/upgrade-your-room/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/touchportal-vs-streamdeck/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/discord-bot/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/virtualize-truenas/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/iscsi-truenas/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/windows-developer-setup/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-setup/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-windows/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-ubuntu-server/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/gpu-passthrough/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-update/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/docker-rancher-kubernetes/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/office-upgrade/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/20-ways-virtual-machine/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/twitch-bot/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/streamlabs-mac/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-pfsense/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/plex-containerized/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/pihole-containerized/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/virtualize-vs-containerize/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/home-assistant/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/heimdall-dashboard/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/rancher-2-upgrade-backup-restore/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/slack-bot/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-hardware-tour/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-services-tour-2020/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-backup-server/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/upgrade-freenas-to-truenas/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/code-server-self-host/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/reverse-proxy-kubernetes/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/duck-dns/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/portainer-2/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/host-rancher-securely/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/self-hosted-devops-stack/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/unifi-ap-bridge-mode/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/guacamole-remote-access-gateway/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/broadlink-control/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/gpu-passthrough-linux/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/migrate-database-docker-kubernetes/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/home-network-upgrade/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/fist-13-things-linux/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/nextcloud-setup/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/wiregaurd-setup/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/1u-server-upgrade/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/first-11-things-proxmox/ +2024-06-17T19:46:48-05:00 + + +https://technotim.live/posts/ha-pi-hold-gravity-sync/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/rancher-ha-install/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/k3s-ha-install/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/ansible-automation/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/longhorn-install/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/librespeed/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/home-security-upgrade/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/3090-machine-learning/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/deep-learning-my-life/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/dual-boot-windows-ubuntu/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/ventoy-tutorial/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/handbrake-docker-k8s/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/portainer-update/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/we-are-homelab/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/windows-terminal-wsl/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/rancher-vs-portainer/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/multi-arch-k3s-rpi/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/rancher-new-ui/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/k3s-traefik-rancher/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/rancher-monitoring/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/pi-hole-dns/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/traefik-portainer-ssl/ +2024-04-30T12:39:32-05:00 + + +https://technotim.live/posts/pi-hole-blocklists/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/authelia-traefik/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/webtop-container/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-7/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/how-i-create-my-content/ +2023-08-04T11:07:00-05:00 + + +https://technotim.live/posts/open-source-linktree-alt/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/docker-compose-install/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/meet-file-browser/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/NUT-server-guide/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/uptime-kuma/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/windows-11-proxmox/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-tour-2021/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/grafana-loki-kubernetes/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/grafana-loki/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-services-tour-2021/ +2024-05-30T11:47:16-05:00 + + +https://technotim.live/posts/keepalived-ha-loadbalancer/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/turing-pi-2-hardware/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/low-power-efficient-proxmox/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/self-hosting-security/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/crowdsec-traefik/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/custom-docker-image/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/truenas-scale-apps/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/meet-harvester/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/cloud-init-cloud-image/ +2024-06-04T22:28:42-05:00 + + +https://technotim.live/posts/k3s-etcd-ansible/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/tadarr-server/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/pterodactyl-game-server/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/flux-devops-gitops/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/jekyll-docs-site/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/100-days-of-homelab/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/my-homelab-regrets/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/10gbe-cat5e-homelab-network/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/kube-grafana-prometheus/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/whats-in-the-box/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/kube-traefik-cert-manager-le/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-tools-accessories/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/45-drives-storinator/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/secret-encryption-sops/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/rgb-storinator/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/sysracks-server-rack/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/new-ups-rack/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/nut-server-script/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-alerts/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-tour-2022/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-services-tour-2022/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/truenas-zfs-expand/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/proxmox-nested-virtualization/ +2024-05-30T11:47:16-05:00 + + +https://technotim.live/posts/metal-as-a-service-packer/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/install-age/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/install-mozilla-sops/ +2024-06-12T09:47:02-05:00 + + +https://technotim.live/posts/update-flux/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/fast-internet-test-cli/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/pikvm-at-scale/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/wake-on-lan/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/vlan-firewall-unifi/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/rotate-sops-encryption-keys/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/terraform-cloudflare-github/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/low-power-efficient-server/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/low-power-cluster/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/k8s-reflector/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/scrypted-home-hub/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/mobile-homelab/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/100-days-of-homelab-1-year-later/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/upgrade-proxmox-to-8/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/renovate-bot-kubernetes/ +2024-09-29T10:22:10-05:00 + + +https://technotim.live/posts/automate-lawn-garden/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/zimaboard-projects/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/sysracks-12u/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/poe-adapters/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/windows-powertoys/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/45drives-creator-summit-day-1/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/45homelab-hl15-creator-summit/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/ota-tv-with-plex/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/mac-studio-rack/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/desk-tour-2023/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/zimablade-review/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/netbootxyz-tutorial/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/hl15-review/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/unifi-express/ +2024-02-22T15:25:04-06:00 + + +https://technotim.live/posts/homelab-hardware-tour-2023/ +2024-02-22T15:37:27-06:00 + + +https://technotim.live/posts/unifi-pro-max/ +2024-02-22T15:37:27-06:00 + + +https://technotim.live/posts/homelab-services-tour-2024/ +2024-02-22T15:37:27-06:00 + + +https://technotim.live/posts/homepage-dashboard/ +2024-02-22T15:37:27-06:00 + + +https://technotim.live/posts/pikvm-tesmart/ +2024-02-22T15:37:27-06:00 + + +https://technotim.live/posts/truenas-performance-guide/ +2024-02-22T15:37:27-06:00 + + +https://technotim.live/posts/techno-tim-shop-launch/ +2024-02-22T15:50:31-06:00 + + +https://technotim.live/posts/gatus-uptime-monitoring/ +2024-02-26T12:03:15-06:00 + + +https://technotim.live/posts/localsend/ +2024-03-09T10:30:14-06:00 + + +https://technotim.live/posts/homelab-datacenter-1/ +2024-03-22T12:53:56-05:00 + + +https://technotim.live/posts/homelab-colo-architecture-review/ +2024-09-17T18:47:39-05:00 + + +https://technotim.live/posts/advanced-kubernetes-networking/ +2024-05-17T17:03:05-05:00 + + +https://technotim.live/posts/udm-pro-max/ +2024-04-23T12:48:11-05:00 + + +https://technotim.live/posts/traefik-3-docker-certificates/ +2024-09-29T21:41:40-05:00 + + +https://technotim.live/posts/ultimate-homelab-server/ +2024-05-15T08:26:06-05:00 + + +https://technotim.live/posts/no-more-microsd/ +2024-05-18T13:29:56-05:00 + + +https://technotim.live/posts/unraid-first-time/ +2024-06-05T11:08:10-05:00 + + +https://technotim.live/posts/proxmox-helper-scripts/ +2024-05-30T12:35:07-05:00 + + +https://technotim.live/posts/truenas-vs-unraid/ +2024-06-09T10:53:52-05:00 + + +https://technotim.live/posts/change-detection-docker/ +2024-06-21T11:56:14-05:00 + + +https://technotim.live/posts/private-practical-local-ai/ +2024-07-10T07:59:31-05:00 + + +https://technotim.live/posts/ai-stack-tutorial/ +2024-07-15T13:11:39-05:00 + + +https://technotim.live/posts/mini-rack-homelab-stack/ +2024-07-26T08:00:00-05:00 + + +https://technotim.live/posts/create-your-own-zigbee-hub/ +2024-08-06T21:38:16-05:00 + + +https://technotim.live/posts/homelab-assistant/ +2024-09-02T13:43:36-05:00 + + +https://technotim.live/posts/creator-summit-2024-demicrosoftification/ +2024-09-05T21:22:15-05:00 + + +https://technotim.live/posts/plex-build-low-power-server/ +2024-09-16T08:00:00-05:00 + + +https://technotim.live/posts/proxmox-backup-server/ +2024-09-28T14:08:17-05:00 + + +https://technotim.live/posts/living-room-nas/ +2024-09-28T08:00:00-05:00 + + +https://technotim.live/about/ +2024-10-03T13:19:59-05:00 + + +https://technotim.live/shop/ +2024-10-03T13:19:59-05:00 + + +https://technotim.live/sponsor/ +2024-10-03T13:19:59-05:00 + + +https://technotim.live/ + + +https://technotim.live/tags/goxlr/ + + +https://technotim.live/tags/streaming/ + + +https://technotim.live/tags/twitch/ + + +https://technotim.live/tags/hardware/ + + +https://technotim.live/tags/obs/ + + +https://technotim.live/tags/office/ + + +https://technotim.live/tags/touch-portal/ + + +https://technotim.live/tags/stream-deck/ + + +https://technotim.live/tags/coding/ + + +https://technotim.live/tags/javascript/ + + +https://technotim.live/tags/discord/ + + +https://technotim.live/tags/self-hosted/ + + +https://technotim.live/tags/truenas/ + + +https://technotim.live/tags/proxmox/ + + +https://technotim.live/tags/windows/ + + +https://technotim.live/tags/homelab/ + + +https://technotim.live/tags/rancher/ + + +https://technotim.live/tags/kubernetes/ + + +https://technotim.live/tags/wsl/ + + +https://technotim.live/tags/nvm/ + + +https://technotim.live/tags/zsh/ + + +https://technotim.live/tags/node/ + + +https://technotim.live/tags/linux/ + + +https://technotim.live/tags/ubuntu/ + + +https://technotim.live/tags/docker/ + + +https://technotim.live/tags/minecraft/ + + +https://technotim.live/tags/gaming/ + + +https://technotim.live/tags/mac/ + + +https://technotim.live/tags/streamlabs/ + + +https://technotim.live/tags/portainer/ + + +https://technotim.live/tags/plex/ + + +https://technotim.live/tags/pi-hole/ + + +https://technotim.live/tags/home-assistant/ + + +https://technotim.live/tags/heimdall/ + + +https://technotim.live/tags/slack/ + + +https://technotim.live/tags/vscode/ + + +https://technotim.live/tags/traefik/ + + +https://technotim.live/tags/metal-lb/ + + +https://technotim.live/tags/duckdns/ + + +https://technotim.live/tags/github/ + + +https://technotim.live/tags/gitlab/ + + +https://technotim.live/tags/network/ + + +https://technotim.live/tags/unifi/ + + +https://technotim.live/tags/guacamole/ + + +https://technotim.live/tags/vnc/ + + +https://technotim.live/tags/ssh/ + + +https://technotim.live/tags/rdp/ + + +https://technotim.live/tags/broadlink/ + + +https://technotim.live/tags/iot/ + + +https://technotim.live/tags/nvidia/ + + +https://technotim.live/tags/mysql/ + + +https://technotim.live/tags/database/ + + +https://technotim.live/tags/nextcloud/ + + +https://technotim.live/tags/wireguard/ + + +https://technotim.live/tags/vpn/ + + +https://technotim.live/tags/gravity-sync/ + + +https://technotim.live/tags/keepalived/ + + +https://technotim.live/tags/k3s/ + + +https://technotim.live/tags/nginx/ + + +https://technotim.live/tags/ansible/ + + +https://technotim.live/tags/longhorn/ + + +https://technotim.live/tags/librespeed/ + + +https://technotim.live/tags/protect/ + + +https://technotim.live/tags/home-security/ + + +https://technotim.live/tags/machine-learning/ + + +https://technotim.live/tags/deep-learning/ + + +https://technotim.live/tags/ai/ + + +https://technotim.live/tags/life/ + + +https://technotim.live/tags/ventoy/ + + +https://technotim.live/tags/handbrake/ + + +https://technotim.live/tags/software/ + + +https://technotim.live/tags/terminal/ + + +https://technotim.live/tags/raspberry-pi/ + + +https://technotim.live/tags/grafana/ + + +https://technotim.live/tags/prometheus/ + + +https://technotim.live/tags/dns/ + + +https://technotim.live/tags/ssl/ + + +https://technotim.live/tags/authelia/ + + +https://technotim.live/tags/webtop/ + + +https://technotim.live/tags/youtube/ + + +https://technotim.live/tags/content-creation/ + + +https://technotim.live/tags/adobe/ + + +https://technotim.live/tags/littlelink-server/ + + +https://technotim.live/tags/docker-compose/ + + +https://technotim.live/tags/file-browser/ + + +https://technotim.live/tags/nut/ + + +https://technotim.live/tags/ups/ + + +https://technotim.live/tags/pdu/ + + +https://technotim.live/tags/open-source/ + + +https://technotim.live/tags/uptime-kuma/ + + +https://technotim.live/tags/monitoring/ + + +https://technotim.live/tags/alerting/ + + +https://technotim.live/tags/windows-11/ + + +https://technotim.live/tags/virtualization/ + + +https://technotim.live/tags/logging/ + + +https://technotim.live/tags/promtail/ + + +https://technotim.live/tags/helm/ + + +https://technotim.live/tags/dashboard/ + + +https://technotim.live/tags/certificates/ + + +https://technotim.live/tags/shlink/ + + +https://technotim.live/tags/jekyll/ + + +https://technotim.live/tags/loki/ + + +https://technotim.live/tags/nas/ + + +https://technotim.live/tags/containerization/ + + +https://technotim.live/tags/turing-pi/ + + +https://technotim.live/tags/security/ + + +https://technotim.live/tags/crowdsec/ + + +https://technotim.live/tags/fail2ban/ + + +https://technotim.live/tags/container/ + + +https://technotim.live/tags/image/ + + +https://technotim.live/tags/harvester/ + + +https://technotim.live/tags/cloud-image/ + + +https://technotim.live/tags/cloud-init/ + + +https://technotim.live/tags/cloud/ + + +https://technotim.live/tags/clone/ + + +https://technotim.live/tags/etcd/ + + +https://technotim.live/tags/metallb/ + + +https://technotim.live/tags/kube-vip/ + + +https://technotim.live/tags/tdarr/ + + +https://technotim.live/tags/pterodactyl/ + + +https://technotim.live/tags/redis/ + + +https://technotim.live/tags/mariabdb/ + + +https://technotim.live/tags/opensource/ + + +https://technotim.live/tags/flux/ + + +https://technotim.live/tags/devops/ + + +https://technotim.live/tags/gitops/ + + +https://technotim.live/tags/website/ + + +https://technotim.live/tags/challenge/ + + +https://technotim.live/tags/10gbe/ + + +https://technotim.live/tags/alert-manager/ + + +https://technotim.live/tags/live/ + + +https://technotim.live/tags/unboxing/ + + +https://technotim.live/tags/cert-manager/ + + +https://technotim.live/tags/cloudflare/ + + +https://technotim.live/tags/letsencrypt/ + + +https://technotim.live/tags/tools/ + + +https://technotim.live/tags/accessories/ + + +https://technotim.live/tags/server/ + + +https://technotim.live/tags/storinator/ + + +https://technotim.live/tags/45-drives/ + + +https://technotim.live/tags/git/ + + +https://technotim.live/tags/secrets/ + + +https://technotim.live/tags/sops/ + + +https://technotim.live/tags/age/ + + +https://technotim.live/tags/rgb/ + + +https://technotim.live/tags/server-rack/ + + +https://technotim.live/tags/sysracks/ + + +https://technotim.live/tags/eaton/ + + +https://technotim.live/tags/tripp-lite/ + + +https://technotim.live/tags/automation/ + + +https://technotim.live/tags/zfs/ + + +https://technotim.live/tags/storage/ + + +https://technotim.live/tags/packer/ + + +https://technotim.live/tags/maas/ + + +https://technotim.live/tags/hashicorp/ + + +https://technotim.live/tags/canonical/ + + +https://technotim.live/tags/secops/ + + +https://technotim.live/tags/cli/ + + +https://technotim.live/tags/mozilla/ + + +https://technotim.live/tags/fast/ + + +https://technotim.live/tags/pikvm/ + + +https://technotim.live/tags/kvm/ + + +https://technotim.live/tags/arch/ + + +https://technotim.live/tags/wol/ + + +https://technotim.live/tags/wake-on-lan/ + + +https://technotim.live/tags/vlan/ + + +https://technotim.live/tags/terraform/ + + +https://technotim.live/tags/pfsense/ + + +https://technotim.live/tags/k8s/ + + +https://technotim.live/tags/reflector/ + + +https://technotim.live/tags/scrypted/ + + +https://technotim.live/tags/smart-home/ + + +https://technotim.live/tags/apple/ + + +https://technotim.live/tags/google/ + + +https://technotim.live/tags/amazon/ + + +https://technotim.live/tags/alexa/ + + +https://technotim.live/tags/homekit/ + + +https://technotim.live/tags/travel/ + + +https://technotim.live/tags/openwrt/ + + +https://technotim.live/tags/debian/ + + +https://technotim.live/tags/renovate/ + + +https://technotim.live/tags/lawn/ + + +https://technotim.live/tags/weather/ + + +https://technotim.live/tags/gardening/ + + +https://technotim.live/tags/zimaboard/ + + +https://technotim.live/tags/casaos/ + + +https://technotim.live/tags/rackstuds/ + + +https://technotim.live/tags/poe/ + + +https://technotim.live/tags/powertoys/ + + +https://technotim.live/tags/productivity/ + + +https://technotim.live/tags/microsoft/ + + +https://technotim.live/tags/45drives/ + + +https://technotim.live/tags/ceph/ + + +https://technotim.live/tags/hl15/ + + +https://technotim.live/tags/45homelab/ + + +https://technotim.live/tags/tv/ + + +https://technotim.live/tags/ota/ + + +https://technotim.live/tags/epg/ + + +https://technotim.live/tags/dvr/ + + +https://technotim.live/tags/thunderbolt/ + + +https://technotim.live/tags/mac-studio/ + + +https://technotim.live/tags/nvme/ + + +https://technotim.live/tags/xmac-studio/ + + +https://technotim.live/tags/sonnet/ + + +https://technotim.live/tags/desk/ + + +https://technotim.live/tags/tour/ + + +https://technotim.live/tags/studio/ + + +https://technotim.live/tags/ultrawide/ + + +https://technotim.live/tags/zimablade/ + + +https://technotim.live/tags/netbootxyz/ + + +https://technotim.live/tags/pxe/ + + +https://technotim.live/tags/45/ + + +https://technotim.live/tags/homepage/ + + +https://technotim.live/tags/tesmart/ + + +https://technotim.live/tags/merch/ + + +https://technotim.live/tags/dark-mode/ + + +https://technotim.live/tags/gatus/ + + +https://technotim.live/tags/app/ + + +https://technotim.live/tags/localsend/ + + +https://technotim.live/tags/android/ + + +https://technotim.live/tags/ios/ + + +https://technotim.live/tags/macos/ + + +https://technotim.live/tags/datacenter/ + + +https://technotim.live/tags/colocation/ + + +https://technotim.live/tags/architecture/ + + +https://technotim.live/tags/rke2/ + + +https://technotim.live/tags/pihole/ + + +https://technotim.live/tags/multus/ + + +https://technotim.live/tags/networking/ + + +https://technotim.live/tags/cni/ + + +https://technotim.live/tags/cilium/ + + +https://technotim.live/tags/udm/ + + +https://technotim.live/tags/ubiquiti/ + + +https://technotim.live/tags/lets-encrypt/ + + +https://technotim.live/tags/unraid/ + + +https://technotim.live/tags/pi/ + + +https://technotim.live/tags/microsd/ + + +https://technotim.live/tags/ssd/ + + +https://technotim.live/tags/lxc/ + + +https://technotim.live/tags/changedetection/ + + +https://technotim.live/tags/llm/ + + +https://technotim.live/tags/ollama/ + + +https://technotim.live/tags/whisper/ + + +https://technotim.live/tags/mini-rack/ + + +https://technotim.live/tags/home-automation/ + + +https://technotim.live/tags/zigbee/ + + +https://technotim.live/tags/pc/ + + +https://technotim.live/categories/streaming/ + + +https://technotim.live/categories/coding/ + + +https://technotim.live/categories/truenas/ + + +https://technotim.live/categories/homelab/ + + +https://technotim.live/categories/proxmox/ + + +https://technotim.live/categories/vlog/ + + +https://technotim.live/categories/self-hosted/ + + +https://technotim.live/categories/kubernetes/ + + +https://technotim.live/categories/rancher/ + + +https://technotim.live/categories/portainer/ + + +https://technotim.live/categories/k3s/ + + +https://technotim.live/categories/traefik/ + + +https://technotim.live/categories/docker/ + + +https://technotim.live/categories/maas/ + + +https://technotim.live/categories/utilities/ + + +https://technotim.live/categories/cloud/ + + +https://technotim.live/categories/conferences/ + + +https://technotim.live/categories/network/ + + +https://technotim.live/categories/life/ + + +https://technotim.live/categories/apps/ + + +https://technotim.live/categories/hardware/ + + +https://technotim.live/categories/home-automation/ + + +https://technotim.live/page2/ + + +https://technotim.live/page3/ + + +https://technotim.live/page4/ + + +https://technotim.live/page5/ + + +https://technotim.live/page6/ + + +https://technotim.live/page7/ + + +https://technotim.live/page8/ + + +https://technotim.live/page9/ + + +https://technotim.live/page10/ + + +https://technotim.live/page11/ + + +https://technotim.live/page12/ + + +https://technotim.live/page13/ + + +https://technotim.live/page14/ + + +https://technotim.live/page15/ + + +https://technotim.live/page16/ + + +https://technotim.live/page17/ + + +https://technotim.live/page18/ + + diff --git a/sponsor/index.html b/sponsor/index.html new file mode 100644 index 0000000000..6348df658d --- /dev/null +++ b/sponsor/index.html @@ -0,0 +1 @@ + Sponsor | Techno Tim
Sponsor

Sponsor

🤝 Help keep this site ad-free!

This site and all of its contents is self-hosted and ad-free. If you’d like to help keep it this way, consider supporting by one of the following options:

You can support me and my work directly:

I also make a small commission (at no cost to you) if you use one of my affiliate links below:

Donating directly:

diff --git a/sw.min.js b/sw.min.js new file mode 100644 index 0000000000..7c3a9e7248 --- /dev/null +++ b/sw.min.js @@ -0,0 +1 @@ +const swconfUrl = '/assets/js/data/swconf.js'; importScripts(swconfUrl); const purge = swconf.purge; function verifyHost(url) { for (const host of swconf.allowHosts) { const regex = RegExp(`^http(s)?://${host}/`); if (regex.test(url)) { return true; } } return false; } function verifyUrl(url) { if (!verifyHost(url)) { return false; } const requestPath = new URL(url).pathname; for (const path of swconf.denyPaths) { if (requestPath.startsWith(path)) { return false; } } return true; } if (!purge) { swconf.allowHosts.push(location.host); } self.addEventListener('install', (event) => { if (purge) { return; } event.waitUntil( caches.open(swconf.cacheName).then((cache) => { return cache.addAll(swconf.resources); }) ); }); self.addEventListener('activate', (event) => { event.waitUntil( caches.keys().then((keyList) => { return Promise.all( keyList.map((key) => { if (purge) { return caches.delete(key); } else { if (key !== swconf.cacheName) { return caches.delete(key); } } }) ); }) ); }); self.addEventListener('message', (event) => { if (event.data === 'SKIP_WAITING') { self.skipWaiting(); } }); self.addEventListener('fetch', (event) => { event.respondWith( caches.match(event.request).then((response) => { if (response) { return response; } return fetch(event.request).then((response) => { const url = event.request.url; if (purge || event.request.method !== 'GET' || !verifyUrl(url)) { return response; } let responseToCache = response.clone(); caches.open(swconf.cacheName).then((cache) => { cache.put(event.request, responseToCache); }); return response; }); }) ); }); diff --git a/tabs/all-posts.md b/tabs/all-posts.md new file mode 100644 index 0000000000..3089053a45 --- /dev/null +++ b/tabs/all-posts.md @@ -0,0 +1,5 @@ + diff --git a/tabs/categories.md b/tabs/categories.md new file mode 100644 index 0000000000..b9609ff0f9 --- /dev/null +++ b/tabs/categories.md @@ -0,0 +1,5 @@ + diff --git a/tabs/tags.md b/tabs/tags.md new file mode 100644 index 0000000000..081b7c2159 --- /dev/null +++ b/tabs/tags.md @@ -0,0 +1,5 @@ + diff --git a/tags/10gbe/index.html b/tags/10gbe/index.html new file mode 100644 index 0000000000..94acb2d406 --- /dev/null +++ b/tags/10gbe/index.html @@ -0,0 +1 @@ + 10gbe | Techno Tim
Tag
diff --git a/tags/45-drives/index.html b/tags/45-drives/index.html new file mode 100644 index 0000000000..d114e8af82 --- /dev/null +++ b/tags/45-drives/index.html @@ -0,0 +1 @@ + 45-drives | Techno Tim
Tag
diff --git a/tags/45/index.html b/tags/45/index.html new file mode 100644 index 0000000000..9989f55ad8 --- /dev/null +++ b/tags/45/index.html @@ -0,0 +1 @@ + 45 | Techno Tim
Tag
diff --git a/tags/45drives/index.html b/tags/45drives/index.html new file mode 100644 index 0000000000..50f2934303 --- /dev/null +++ b/tags/45drives/index.html @@ -0,0 +1 @@ + 45drives | Techno Tim
Tag
diff --git a/tags/45homelab/index.html b/tags/45homelab/index.html new file mode 100644 index 0000000000..163b0e31c7 --- /dev/null +++ b/tags/45homelab/index.html @@ -0,0 +1 @@ + 45homelab | Techno Tim
Tag
diff --git a/tags/accessories/index.html b/tags/accessories/index.html new file mode 100644 index 0000000000..0cc52bf44b --- /dev/null +++ b/tags/accessories/index.html @@ -0,0 +1 @@ + accessories | Techno Tim
Tag
diff --git a/tags/adobe/index.html b/tags/adobe/index.html new file mode 100644 index 0000000000..940ef7475b --- /dev/null +++ b/tags/adobe/index.html @@ -0,0 +1 @@ + adobe | Techno Tim
Tag
diff --git a/tags/age/index.html b/tags/age/index.html new file mode 100644 index 0000000000..6566f735a3 --- /dev/null +++ b/tags/age/index.html @@ -0,0 +1 @@ + age | Techno Tim
Tag
diff --git a/tags/ai/index.html b/tags/ai/index.html new file mode 100644 index 0000000000..48f08aaaee --- /dev/null +++ b/tags/ai/index.html @@ -0,0 +1 @@ + ai | Techno Tim
Tag
diff --git a/tags/alert-manager/index.html b/tags/alert-manager/index.html new file mode 100644 index 0000000000..4ad0dbf01a --- /dev/null +++ b/tags/alert-manager/index.html @@ -0,0 +1 @@ + alert-manager | Techno Tim
Tag
diff --git a/tags/alerting/index.html b/tags/alerting/index.html new file mode 100644 index 0000000000..171d321f05 --- /dev/null +++ b/tags/alerting/index.html @@ -0,0 +1 @@ + alerting | Techno Tim
Tag
diff --git a/tags/alexa/index.html b/tags/alexa/index.html new file mode 100644 index 0000000000..07f5234398 --- /dev/null +++ b/tags/alexa/index.html @@ -0,0 +1 @@ + alexa | Techno Tim
Tag
diff --git a/tags/amazon/index.html b/tags/amazon/index.html new file mode 100644 index 0000000000..9e8af623c1 --- /dev/null +++ b/tags/amazon/index.html @@ -0,0 +1 @@ + amazon | Techno Tim
Tag
diff --git a/tags/android/index.html b/tags/android/index.html new file mode 100644 index 0000000000..fd739c05ad --- /dev/null +++ b/tags/android/index.html @@ -0,0 +1 @@ + android | Techno Tim
Tag
diff --git a/tags/ansible/index.html b/tags/ansible/index.html new file mode 100644 index 0000000000..783e15bd37 --- /dev/null +++ b/tags/ansible/index.html @@ -0,0 +1 @@ + ansible | Techno Tim
Tag
diff --git a/tags/app/index.html b/tags/app/index.html new file mode 100644 index 0000000000..41daa91c6c --- /dev/null +++ b/tags/app/index.html @@ -0,0 +1 @@ + app | Techno Tim
Tag
diff --git a/tags/apple/index.html b/tags/apple/index.html new file mode 100644 index 0000000000..3d2f681dec --- /dev/null +++ b/tags/apple/index.html @@ -0,0 +1 @@ + apple | Techno Tim
Tag
diff --git a/tags/arch/index.html b/tags/arch/index.html new file mode 100644 index 0000000000..6a614de1d8 --- /dev/null +++ b/tags/arch/index.html @@ -0,0 +1 @@ + arch | Techno Tim
Tag
diff --git a/tags/architecture/index.html b/tags/architecture/index.html new file mode 100644 index 0000000000..ae9a95d46a --- /dev/null +++ b/tags/architecture/index.html @@ -0,0 +1 @@ + architecture | Techno Tim
Tag
diff --git a/tags/authelia/index.html b/tags/authelia/index.html new file mode 100644 index 0000000000..b12aa8087a --- /dev/null +++ b/tags/authelia/index.html @@ -0,0 +1 @@ + authelia | Techno Tim
Tag
diff --git a/tags/automation/index.html b/tags/automation/index.html new file mode 100644 index 0000000000..a1ecd0b708 --- /dev/null +++ b/tags/automation/index.html @@ -0,0 +1 @@ + automation | Techno Tim
Tag
diff --git a/tags/broadlink/index.html b/tags/broadlink/index.html new file mode 100644 index 0000000000..15707da858 --- /dev/null +++ b/tags/broadlink/index.html @@ -0,0 +1 @@ + broadlink | Techno Tim
Tag
diff --git a/tags/canonical/index.html b/tags/canonical/index.html new file mode 100644 index 0000000000..a3b1bdf735 --- /dev/null +++ b/tags/canonical/index.html @@ -0,0 +1 @@ + canonical | Techno Tim
Tag
diff --git a/tags/casaos/index.html b/tags/casaos/index.html new file mode 100644 index 0000000000..404aedbbd3 --- /dev/null +++ b/tags/casaos/index.html @@ -0,0 +1 @@ + casaos | Techno Tim
Tag
diff --git a/tags/ceph/index.html b/tags/ceph/index.html new file mode 100644 index 0000000000..00f9507621 --- /dev/null +++ b/tags/ceph/index.html @@ -0,0 +1 @@ + ceph | Techno Tim
Tag
diff --git a/tags/cert-manager/index.html b/tags/cert-manager/index.html new file mode 100644 index 0000000000..8c48259a37 --- /dev/null +++ b/tags/cert-manager/index.html @@ -0,0 +1 @@ + cert-manager | Techno Tim
Tag
diff --git a/tags/certificates/index.html b/tags/certificates/index.html new file mode 100644 index 0000000000..b3f4e451ab --- /dev/null +++ b/tags/certificates/index.html @@ -0,0 +1 @@ + certificates | Techno Tim
Tag
diff --git a/tags/challenge/index.html b/tags/challenge/index.html new file mode 100644 index 0000000000..58c312aa63 --- /dev/null +++ b/tags/challenge/index.html @@ -0,0 +1 @@ + challenge | Techno Tim
Tag
diff --git a/tags/changedetection/index.html b/tags/changedetection/index.html new file mode 100644 index 0000000000..8187ebb841 --- /dev/null +++ b/tags/changedetection/index.html @@ -0,0 +1 @@ + changedetection | Techno Tim
Tag
diff --git a/tags/cilium/index.html b/tags/cilium/index.html new file mode 100644 index 0000000000..d67c70d41d --- /dev/null +++ b/tags/cilium/index.html @@ -0,0 +1 @@ + cilium | Techno Tim
Tag
diff --git a/tags/cli/index.html b/tags/cli/index.html new file mode 100644 index 0000000000..1e618d66fc --- /dev/null +++ b/tags/cli/index.html @@ -0,0 +1 @@ + cli | Techno Tim
Tag
diff --git a/tags/clone/index.html b/tags/clone/index.html new file mode 100644 index 0000000000..422f48cfd8 --- /dev/null +++ b/tags/clone/index.html @@ -0,0 +1 @@ + clone | Techno Tim
Tag
diff --git a/tags/cloud-image/index.html b/tags/cloud-image/index.html new file mode 100644 index 0000000000..17ee1362b5 --- /dev/null +++ b/tags/cloud-image/index.html @@ -0,0 +1 @@ + cloud-image | Techno Tim
Tag
diff --git a/tags/cloud-init/index.html b/tags/cloud-init/index.html new file mode 100644 index 0000000000..dfe934d5de --- /dev/null +++ b/tags/cloud-init/index.html @@ -0,0 +1 @@ + cloud-init | Techno Tim
Tag
diff --git a/tags/cloud/index.html b/tags/cloud/index.html new file mode 100644 index 0000000000..21d7db1a84 --- /dev/null +++ b/tags/cloud/index.html @@ -0,0 +1 @@ + cloud | Techno Tim
Tag
diff --git a/tags/cloudflare/index.html b/tags/cloudflare/index.html new file mode 100644 index 0000000000..4cb124403c --- /dev/null +++ b/tags/cloudflare/index.html @@ -0,0 +1 @@ + cloudflare | Techno Tim
Tag
diff --git a/tags/cni/index.html b/tags/cni/index.html new file mode 100644 index 0000000000..a695f34813 --- /dev/null +++ b/tags/cni/index.html @@ -0,0 +1 @@ + cni | Techno Tim
Tag
diff --git a/tags/coding/index.html b/tags/coding/index.html new file mode 100644 index 0000000000..c23102fa18 --- /dev/null +++ b/tags/coding/index.html @@ -0,0 +1 @@ + coding | Techno Tim
Tag
diff --git a/tags/colocation/index.html b/tags/colocation/index.html new file mode 100644 index 0000000000..da59307f45 --- /dev/null +++ b/tags/colocation/index.html @@ -0,0 +1 @@ + colocation | Techno Tim
Tag
diff --git a/tags/container/index.html b/tags/container/index.html new file mode 100644 index 0000000000..d20910c254 --- /dev/null +++ b/tags/container/index.html @@ -0,0 +1 @@ + container | Techno Tim
Tag
diff --git a/tags/containerization/index.html b/tags/containerization/index.html new file mode 100644 index 0000000000..a32188986b --- /dev/null +++ b/tags/containerization/index.html @@ -0,0 +1 @@ + containerization | Techno Tim
Tag
diff --git a/tags/content-creation/index.html b/tags/content-creation/index.html new file mode 100644 index 0000000000..23cba36539 --- /dev/null +++ b/tags/content-creation/index.html @@ -0,0 +1 @@ + content-creation | Techno Tim
Tag
diff --git a/tags/crowdsec/index.html b/tags/crowdsec/index.html new file mode 100644 index 0000000000..ed225297bb --- /dev/null +++ b/tags/crowdsec/index.html @@ -0,0 +1 @@ + crowdsec | Techno Tim
Tag
diff --git a/tags/dark-mode/index.html b/tags/dark-mode/index.html new file mode 100644 index 0000000000..0b12368de3 --- /dev/null +++ b/tags/dark-mode/index.html @@ -0,0 +1 @@ + dark-mode | Techno Tim
Tag
diff --git a/tags/dashboard/index.html b/tags/dashboard/index.html new file mode 100644 index 0000000000..41bd67564a --- /dev/null +++ b/tags/dashboard/index.html @@ -0,0 +1 @@ + dashboard | Techno Tim
Tag
diff --git a/tags/database/index.html b/tags/database/index.html new file mode 100644 index 0000000000..cce81eaaa8 --- /dev/null +++ b/tags/database/index.html @@ -0,0 +1 @@ + database | Techno Tim
Tag
diff --git a/tags/datacenter/index.html b/tags/datacenter/index.html new file mode 100644 index 0000000000..fe588f544b --- /dev/null +++ b/tags/datacenter/index.html @@ -0,0 +1 @@ + datacenter | Techno Tim
Tag
diff --git a/tags/debian/index.html b/tags/debian/index.html new file mode 100644 index 0000000000..8de6ad7170 --- /dev/null +++ b/tags/debian/index.html @@ -0,0 +1 @@ + debian | Techno Tim
Tag
diff --git a/tags/deep-learning/index.html b/tags/deep-learning/index.html new file mode 100644 index 0000000000..3985ea974c --- /dev/null +++ b/tags/deep-learning/index.html @@ -0,0 +1 @@ + deep-learning | Techno Tim
Tag
diff --git a/tags/desk/index.html b/tags/desk/index.html new file mode 100644 index 0000000000..753dc90ceb --- /dev/null +++ b/tags/desk/index.html @@ -0,0 +1 @@ + desk | Techno Tim
Tag
diff --git a/tags/devops/index.html b/tags/devops/index.html new file mode 100644 index 0000000000..c90ad80195 --- /dev/null +++ b/tags/devops/index.html @@ -0,0 +1 @@ + devops | Techno Tim
Tag
diff --git a/tags/discord/index.html b/tags/discord/index.html new file mode 100644 index 0000000000..c379496863 --- /dev/null +++ b/tags/discord/index.html @@ -0,0 +1 @@ + discord | Techno Tim
Tag
diff --git a/tags/dns/index.html b/tags/dns/index.html new file mode 100644 index 0000000000..12636bb117 --- /dev/null +++ b/tags/dns/index.html @@ -0,0 +1 @@ + dns | Techno Tim
Tag
diff --git a/tags/docker-compose/index.html b/tags/docker-compose/index.html new file mode 100644 index 0000000000..40e6618572 --- /dev/null +++ b/tags/docker-compose/index.html @@ -0,0 +1 @@ + docker-compose | Techno Tim
Tag
diff --git a/tags/docker/index.html b/tags/docker/index.html new file mode 100644 index 0000000000..c2eccfd673 --- /dev/null +++ b/tags/docker/index.html @@ -0,0 +1 @@ + docker | Techno Tim
Tag

docker 43

diff --git a/tags/duckdns/index.html b/tags/duckdns/index.html new file mode 100644 index 0000000000..c2ba6ce1c7 --- /dev/null +++ b/tags/duckdns/index.html @@ -0,0 +1 @@ + duckdns | Techno Tim
Tag
diff --git a/tags/dvr/index.html b/tags/dvr/index.html new file mode 100644 index 0000000000..af6981775a --- /dev/null +++ b/tags/dvr/index.html @@ -0,0 +1 @@ + dvr | Techno Tim
Tag
diff --git a/tags/eaton/index.html b/tags/eaton/index.html new file mode 100644 index 0000000000..56da922509 --- /dev/null +++ b/tags/eaton/index.html @@ -0,0 +1 @@ + eaton | Techno Tim
Tag
diff --git a/tags/epg/index.html b/tags/epg/index.html new file mode 100644 index 0000000000..e65d6ab989 --- /dev/null +++ b/tags/epg/index.html @@ -0,0 +1 @@ + epg | Techno Tim
Tag
diff --git a/tags/etcd/index.html b/tags/etcd/index.html new file mode 100644 index 0000000000..7fa1916627 --- /dev/null +++ b/tags/etcd/index.html @@ -0,0 +1 @@ + etcd | Techno Tim
Tag
diff --git a/tags/fail2ban/index.html b/tags/fail2ban/index.html new file mode 100644 index 0000000000..b3cd70bab6 --- /dev/null +++ b/tags/fail2ban/index.html @@ -0,0 +1 @@ + fail2ban | Techno Tim
Tag
diff --git a/tags/fast/index.html b/tags/fast/index.html new file mode 100644 index 0000000000..70199975d0 --- /dev/null +++ b/tags/fast/index.html @@ -0,0 +1 @@ + fast | Techno Tim
Tag
diff --git a/tags/file-browser/index.html b/tags/file-browser/index.html new file mode 100644 index 0000000000..2af98f1dab --- /dev/null +++ b/tags/file-browser/index.html @@ -0,0 +1 @@ + file-browser | Techno Tim
Tag
diff --git a/tags/flux/index.html b/tags/flux/index.html new file mode 100644 index 0000000000..4f2ce5df9f --- /dev/null +++ b/tags/flux/index.html @@ -0,0 +1 @@ + flux | Techno Tim
Tag
diff --git a/tags/gaming/index.html b/tags/gaming/index.html new file mode 100644 index 0000000000..68f95f5f72 --- /dev/null +++ b/tags/gaming/index.html @@ -0,0 +1 @@ + gaming | Techno Tim
Tag
diff --git a/tags/gardening/index.html b/tags/gardening/index.html new file mode 100644 index 0000000000..5958acc915 --- /dev/null +++ b/tags/gardening/index.html @@ -0,0 +1 @@ + gardening | Techno Tim
Tag
diff --git a/tags/gatus/index.html b/tags/gatus/index.html new file mode 100644 index 0000000000..ff23924c13 --- /dev/null +++ b/tags/gatus/index.html @@ -0,0 +1 @@ + gatus | Techno Tim
Tag
diff --git a/tags/git/index.html b/tags/git/index.html new file mode 100644 index 0000000000..e00bf93426 --- /dev/null +++ b/tags/git/index.html @@ -0,0 +1 @@ + git | Techno Tim
Tag
diff --git a/tags/github/index.html b/tags/github/index.html new file mode 100644 index 0000000000..5f084ec2be --- /dev/null +++ b/tags/github/index.html @@ -0,0 +1 @@ + github | Techno Tim
Tag
diff --git a/tags/gitlab/index.html b/tags/gitlab/index.html new file mode 100644 index 0000000000..51caa2c3de --- /dev/null +++ b/tags/gitlab/index.html @@ -0,0 +1 @@ + gitlab | Techno Tim
Tag
diff --git a/tags/gitops/index.html b/tags/gitops/index.html new file mode 100644 index 0000000000..5b33390708 --- /dev/null +++ b/tags/gitops/index.html @@ -0,0 +1 @@ + gitops | Techno Tim
Tag
diff --git a/tags/google/index.html b/tags/google/index.html new file mode 100644 index 0000000000..3f681d9bac --- /dev/null +++ b/tags/google/index.html @@ -0,0 +1 @@ + google | Techno Tim
Tag
diff --git a/tags/goxlr/index.html b/tags/goxlr/index.html new file mode 100644 index 0000000000..707d6d8d5c --- /dev/null +++ b/tags/goxlr/index.html @@ -0,0 +1 @@ + goxlr | Techno Tim
Tag
diff --git a/tags/grafana/index.html b/tags/grafana/index.html new file mode 100644 index 0000000000..6f662be5f4 --- /dev/null +++ b/tags/grafana/index.html @@ -0,0 +1 @@ + grafana | Techno Tim
Tag
diff --git a/tags/gravity-sync/index.html b/tags/gravity-sync/index.html new file mode 100644 index 0000000000..414d65157c --- /dev/null +++ b/tags/gravity-sync/index.html @@ -0,0 +1 @@ + gravity-sync | Techno Tim
Tag
diff --git a/tags/guacamole/index.html b/tags/guacamole/index.html new file mode 100644 index 0000000000..1d39b504d1 --- /dev/null +++ b/tags/guacamole/index.html @@ -0,0 +1 @@ + guacamole | Techno Tim
Tag
diff --git a/tags/handbrake/index.html b/tags/handbrake/index.html new file mode 100644 index 0000000000..753d649892 --- /dev/null +++ b/tags/handbrake/index.html @@ -0,0 +1 @@ + handbrake | Techno Tim
Tag
diff --git a/tags/hardware/index.html b/tags/hardware/index.html new file mode 100644 index 0000000000..0bf65eea43 --- /dev/null +++ b/tags/hardware/index.html @@ -0,0 +1 @@ + hardware | Techno Tim
Tag

hardware 56

diff --git a/tags/harvester/index.html b/tags/harvester/index.html new file mode 100644 index 0000000000..ac2c394e43 --- /dev/null +++ b/tags/harvester/index.html @@ -0,0 +1 @@ + harvester | Techno Tim
Tag
diff --git a/tags/hashicorp/index.html b/tags/hashicorp/index.html new file mode 100644 index 0000000000..6236be980e --- /dev/null +++ b/tags/hashicorp/index.html @@ -0,0 +1 @@ + hashicorp | Techno Tim
Tag
diff --git a/tags/heimdall/index.html b/tags/heimdall/index.html new file mode 100644 index 0000000000..3b2f016406 --- /dev/null +++ b/tags/heimdall/index.html @@ -0,0 +1 @@ + heimdall | Techno Tim
Tag
diff --git a/tags/helm/index.html b/tags/helm/index.html new file mode 100644 index 0000000000..cb6b1115a8 --- /dev/null +++ b/tags/helm/index.html @@ -0,0 +1 @@ + helm | Techno Tim
Tag
diff --git a/tags/hl15/index.html b/tags/hl15/index.html new file mode 100644 index 0000000000..fb89fea327 --- /dev/null +++ b/tags/hl15/index.html @@ -0,0 +1 @@ + hl15 | Techno Tim
Tag
diff --git a/tags/home-assistant/index.html b/tags/home-assistant/index.html new file mode 100644 index 0000000000..1c46ce6bb5 --- /dev/null +++ b/tags/home-assistant/index.html @@ -0,0 +1 @@ + home-assistant | Techno Tim
Tag
diff --git a/tags/home-automation/index.html b/tags/home-automation/index.html new file mode 100644 index 0000000000..3e5454c633 --- /dev/null +++ b/tags/home-automation/index.html @@ -0,0 +1 @@ + home-automation | Techno Tim
Tag
diff --git a/tags/home-security/index.html b/tags/home-security/index.html new file mode 100644 index 0000000000..2a094f3b78 --- /dev/null +++ b/tags/home-security/index.html @@ -0,0 +1 @@ + home-security | Techno Tim
Tag
diff --git a/tags/homekit/index.html b/tags/homekit/index.html new file mode 100644 index 0000000000..d5afc02480 --- /dev/null +++ b/tags/homekit/index.html @@ -0,0 +1 @@ + homekit | Techno Tim
Tag
diff --git a/tags/homelab/index.html b/tags/homelab/index.html new file mode 100644 index 0000000000..96625de803 --- /dev/null +++ b/tags/homelab/index.html @@ -0,0 +1 @@ + homelab | Techno Tim
Tag

homelab 125

diff --git a/tags/homepage/index.html b/tags/homepage/index.html new file mode 100644 index 0000000000..3eafb560d4 --- /dev/null +++ b/tags/homepage/index.html @@ -0,0 +1 @@ + homepage | Techno Tim
Tag
diff --git a/tags/image/index.html b/tags/image/index.html new file mode 100644 index 0000000000..0a7ed3fb88 --- /dev/null +++ b/tags/image/index.html @@ -0,0 +1 @@ + image | Techno Tim
Tag
diff --git a/tags/ios/index.html b/tags/ios/index.html new file mode 100644 index 0000000000..f059ffddf7 --- /dev/null +++ b/tags/ios/index.html @@ -0,0 +1 @@ + ios | Techno Tim
Tag
diff --git a/tags/iot/index.html b/tags/iot/index.html new file mode 100644 index 0000000000..81cecb6a86 --- /dev/null +++ b/tags/iot/index.html @@ -0,0 +1 @@ + iot | Techno Tim
Tag
diff --git a/tags/javascript/index.html b/tags/javascript/index.html new file mode 100644 index 0000000000..5d9a90b56c --- /dev/null +++ b/tags/javascript/index.html @@ -0,0 +1 @@ + javascript | Techno Tim
Tag
diff --git a/tags/jekyll/index.html b/tags/jekyll/index.html new file mode 100644 index 0000000000..71f2f42253 --- /dev/null +++ b/tags/jekyll/index.html @@ -0,0 +1 @@ + jekyll | Techno Tim
Tag
diff --git a/tags/k3s/index.html b/tags/k3s/index.html new file mode 100644 index 0000000000..2fe4875ae6 --- /dev/null +++ b/tags/k3s/index.html @@ -0,0 +1 @@ + k3s | Techno Tim
Tag
diff --git a/tags/k8s/index.html b/tags/k8s/index.html new file mode 100644 index 0000000000..53b427c80a --- /dev/null +++ b/tags/k8s/index.html @@ -0,0 +1 @@ + k8s | Techno Tim
Tag
diff --git a/tags/keepalived/index.html b/tags/keepalived/index.html new file mode 100644 index 0000000000..2363acac32 --- /dev/null +++ b/tags/keepalived/index.html @@ -0,0 +1 @@ + keepalived | Techno Tim
Tag
diff --git a/tags/kube-vip/index.html b/tags/kube-vip/index.html new file mode 100644 index 0000000000..b5850f8e16 --- /dev/null +++ b/tags/kube-vip/index.html @@ -0,0 +1 @@ + kube-vip | Techno Tim
Tag
diff --git a/tags/kubernetes/index.html b/tags/kubernetes/index.html new file mode 100644 index 0000000000..de79a18e72 --- /dev/null +++ b/tags/kubernetes/index.html @@ -0,0 +1 @@ + kubernetes | Techno Tim
Tag

kubernetes 53

diff --git a/tags/kvm/index.html b/tags/kvm/index.html new file mode 100644 index 0000000000..e4371c05ee --- /dev/null +++ b/tags/kvm/index.html @@ -0,0 +1 @@ + kvm | Techno Tim
Tag
diff --git a/tags/lawn/index.html b/tags/lawn/index.html new file mode 100644 index 0000000000..7509f7ccd7 --- /dev/null +++ b/tags/lawn/index.html @@ -0,0 +1 @@ + lawn | Techno Tim
Tag
diff --git a/tags/lets-encrypt/index.html b/tags/lets-encrypt/index.html new file mode 100644 index 0000000000..7e574e7c31 --- /dev/null +++ b/tags/lets-encrypt/index.html @@ -0,0 +1 @@ + lets-encrypt | Techno Tim
Tag
diff --git a/tags/letsencrypt/index.html b/tags/letsencrypt/index.html new file mode 100644 index 0000000000..f0666b5753 --- /dev/null +++ b/tags/letsencrypt/index.html @@ -0,0 +1 @@ + letsencrypt | Techno Tim
Tag
diff --git a/tags/librespeed/index.html b/tags/librespeed/index.html new file mode 100644 index 0000000000..fdac61811f --- /dev/null +++ b/tags/librespeed/index.html @@ -0,0 +1 @@ + librespeed | Techno Tim
Tag
diff --git a/tags/life/index.html b/tags/life/index.html new file mode 100644 index 0000000000..cb98179ecf --- /dev/null +++ b/tags/life/index.html @@ -0,0 +1 @@ + life | Techno Tim
Tag
diff --git a/tags/linux/index.html b/tags/linux/index.html new file mode 100644 index 0000000000..5245332ebf --- /dev/null +++ b/tags/linux/index.html @@ -0,0 +1 @@ + linux | Techno Tim
Tag

linux 23

diff --git a/tags/littlelink-server/index.html b/tags/littlelink-server/index.html new file mode 100644 index 0000000000..40c7e9b0fa --- /dev/null +++ b/tags/littlelink-server/index.html @@ -0,0 +1 @@ + littlelink-server | Techno Tim
Tag
diff --git a/tags/live/index.html b/tags/live/index.html new file mode 100644 index 0000000000..6cfeab0144 --- /dev/null +++ b/tags/live/index.html @@ -0,0 +1 @@ + live | Techno Tim
Tag
diff --git a/tags/llm/index.html b/tags/llm/index.html new file mode 100644 index 0000000000..ece04ba3f1 --- /dev/null +++ b/tags/llm/index.html @@ -0,0 +1 @@ + llm | Techno Tim
Tag
diff --git a/tags/localsend/index.html b/tags/localsend/index.html new file mode 100644 index 0000000000..6871f5579a --- /dev/null +++ b/tags/localsend/index.html @@ -0,0 +1 @@ + localsend | Techno Tim
Tag
diff --git a/tags/logging/index.html b/tags/logging/index.html new file mode 100644 index 0000000000..c4d3dee909 --- /dev/null +++ b/tags/logging/index.html @@ -0,0 +1 @@ + logging | Techno Tim
Tag
diff --git a/tags/loki/index.html b/tags/loki/index.html new file mode 100644 index 0000000000..8b3d8c5604 --- /dev/null +++ b/tags/loki/index.html @@ -0,0 +1 @@ + loki | Techno Tim
Tag
diff --git a/tags/longhorn/index.html b/tags/longhorn/index.html new file mode 100644 index 0000000000..f460781268 --- /dev/null +++ b/tags/longhorn/index.html @@ -0,0 +1 @@ + longhorn | Techno Tim
Tag
diff --git a/tags/lxc/index.html b/tags/lxc/index.html new file mode 100644 index 0000000000..ca67a61975 --- /dev/null +++ b/tags/lxc/index.html @@ -0,0 +1 @@ + lxc | Techno Tim
Tag
diff --git a/tags/maas/index.html b/tags/maas/index.html new file mode 100644 index 0000000000..acf1324a1c --- /dev/null +++ b/tags/maas/index.html @@ -0,0 +1 @@ + maas | Techno Tim
Tag
diff --git a/tags/mac-studio/index.html b/tags/mac-studio/index.html new file mode 100644 index 0000000000..651b8a7922 --- /dev/null +++ b/tags/mac-studio/index.html @@ -0,0 +1 @@ + mac-studio | Techno Tim
Tag
diff --git a/tags/mac/index.html b/tags/mac/index.html new file mode 100644 index 0000000000..55a863a3a8 --- /dev/null +++ b/tags/mac/index.html @@ -0,0 +1 @@ + mac | Techno Tim
Tag
diff --git a/tags/machine-learning/index.html b/tags/machine-learning/index.html new file mode 100644 index 0000000000..8e2325b12d --- /dev/null +++ b/tags/machine-learning/index.html @@ -0,0 +1 @@ + machine-learning | Techno Tim
Tag
diff --git a/tags/macos/index.html b/tags/macos/index.html new file mode 100644 index 0000000000..bf564fbcb0 --- /dev/null +++ b/tags/macos/index.html @@ -0,0 +1 @@ + macos | Techno Tim
Tag
diff --git a/tags/mariabdb/index.html b/tags/mariabdb/index.html new file mode 100644 index 0000000000..ec62889714 --- /dev/null +++ b/tags/mariabdb/index.html @@ -0,0 +1 @@ + mariabdb | Techno Tim
Tag
diff --git a/tags/merch/index.html b/tags/merch/index.html new file mode 100644 index 0000000000..bb1fdadcbc --- /dev/null +++ b/tags/merch/index.html @@ -0,0 +1 @@ + merch | Techno Tim
Tag
diff --git a/tags/metal-lb/index.html b/tags/metal-lb/index.html new file mode 100644 index 0000000000..c7ec31cdb8 --- /dev/null +++ b/tags/metal-lb/index.html @@ -0,0 +1 @@ + metal-lb | Techno Tim
Tag
diff --git a/tags/metallb/index.html b/tags/metallb/index.html new file mode 100644 index 0000000000..84980363f6 --- /dev/null +++ b/tags/metallb/index.html @@ -0,0 +1 @@ + metallb | Techno Tim
Tag
diff --git a/tags/microsd/index.html b/tags/microsd/index.html new file mode 100644 index 0000000000..9db00f375d --- /dev/null +++ b/tags/microsd/index.html @@ -0,0 +1 @@ + microsd | Techno Tim
Tag
diff --git a/tags/microsoft/index.html b/tags/microsoft/index.html new file mode 100644 index 0000000000..cabeaf7170 --- /dev/null +++ b/tags/microsoft/index.html @@ -0,0 +1 @@ + microsoft | Techno Tim
Tag
diff --git a/tags/minecraft/index.html b/tags/minecraft/index.html new file mode 100644 index 0000000000..4e421598ef --- /dev/null +++ b/tags/minecraft/index.html @@ -0,0 +1 @@ + minecraft | Techno Tim
Tag
diff --git a/tags/mini-rack/index.html b/tags/mini-rack/index.html new file mode 100644 index 0000000000..2f60c237e0 --- /dev/null +++ b/tags/mini-rack/index.html @@ -0,0 +1 @@ + mini-rack | Techno Tim
Tag
diff --git a/tags/monitoring/index.html b/tags/monitoring/index.html new file mode 100644 index 0000000000..5286732b43 --- /dev/null +++ b/tags/monitoring/index.html @@ -0,0 +1 @@ + monitoring | Techno Tim
Tag
diff --git a/tags/mozilla/index.html b/tags/mozilla/index.html new file mode 100644 index 0000000000..464a435534 --- /dev/null +++ b/tags/mozilla/index.html @@ -0,0 +1 @@ + mozilla | Techno Tim
Tag
diff --git a/tags/multus/index.html b/tags/multus/index.html new file mode 100644 index 0000000000..fe16273aac --- /dev/null +++ b/tags/multus/index.html @@ -0,0 +1 @@ + multus | Techno Tim
Tag
diff --git a/tags/mysql/index.html b/tags/mysql/index.html new file mode 100644 index 0000000000..4b1183c4ef --- /dev/null +++ b/tags/mysql/index.html @@ -0,0 +1 @@ + mysql | Techno Tim
Tag
diff --git a/tags/nas/index.html b/tags/nas/index.html new file mode 100644 index 0000000000..1fb03f2a01 --- /dev/null +++ b/tags/nas/index.html @@ -0,0 +1 @@ + nas | Techno Tim
Tag
diff --git a/tags/netbootxyz/index.html b/tags/netbootxyz/index.html new file mode 100644 index 0000000000..db2662c11a --- /dev/null +++ b/tags/netbootxyz/index.html @@ -0,0 +1 @@ + netbootxyz | Techno Tim
Tag
diff --git a/tags/network/index.html b/tags/network/index.html new file mode 100644 index 0000000000..dc739a2da8 --- /dev/null +++ b/tags/network/index.html @@ -0,0 +1 @@ + network | Techno Tim
Tag
diff --git a/tags/networking/index.html b/tags/networking/index.html new file mode 100644 index 0000000000..f0f664f3a5 --- /dev/null +++ b/tags/networking/index.html @@ -0,0 +1 @@ + networking | Techno Tim
Tag
diff --git a/tags/nextcloud/index.html b/tags/nextcloud/index.html new file mode 100644 index 0000000000..700daeebb5 --- /dev/null +++ b/tags/nextcloud/index.html @@ -0,0 +1 @@ + nextcloud | Techno Tim
Tag
diff --git a/tags/nginx/index.html b/tags/nginx/index.html new file mode 100644 index 0000000000..08f33a60ed --- /dev/null +++ b/tags/nginx/index.html @@ -0,0 +1 @@ + nginx | Techno Tim
Tag
diff --git a/tags/node/index.html b/tags/node/index.html new file mode 100644 index 0000000000..feb46a3c8b --- /dev/null +++ b/tags/node/index.html @@ -0,0 +1 @@ + node | Techno Tim
Tag
diff --git a/tags/nut/index.html b/tags/nut/index.html new file mode 100644 index 0000000000..e065299f0e --- /dev/null +++ b/tags/nut/index.html @@ -0,0 +1 @@ + nut | Techno Tim
Tag
diff --git a/tags/nvidia/index.html b/tags/nvidia/index.html new file mode 100644 index 0000000000..a6167dee0a --- /dev/null +++ b/tags/nvidia/index.html @@ -0,0 +1 @@ + nvidia | Techno Tim
Tag
diff --git a/tags/nvm/index.html b/tags/nvm/index.html new file mode 100644 index 0000000000..d4ffb62981 --- /dev/null +++ b/tags/nvm/index.html @@ -0,0 +1 @@ + nvm | Techno Tim
Tag
diff --git a/tags/nvme/index.html b/tags/nvme/index.html new file mode 100644 index 0000000000..c834ae5f7f --- /dev/null +++ b/tags/nvme/index.html @@ -0,0 +1 @@ + nvme | Techno Tim
Tag
diff --git a/tags/obs/index.html b/tags/obs/index.html new file mode 100644 index 0000000000..42bd3c8a38 --- /dev/null +++ b/tags/obs/index.html @@ -0,0 +1 @@ + obs | Techno Tim
Tag
diff --git a/tags/office/index.html b/tags/office/index.html new file mode 100644 index 0000000000..598bd1e953 --- /dev/null +++ b/tags/office/index.html @@ -0,0 +1 @@ + office | Techno Tim
Tag
diff --git a/tags/ollama/index.html b/tags/ollama/index.html new file mode 100644 index 0000000000..a5be701663 --- /dev/null +++ b/tags/ollama/index.html @@ -0,0 +1 @@ + ollama | Techno Tim
Tag
diff --git a/tags/open-source/index.html b/tags/open-source/index.html new file mode 100644 index 0000000000..5486b2ebf8 --- /dev/null +++ b/tags/open-source/index.html @@ -0,0 +1 @@ + open-source | Techno Tim
Tag
diff --git a/tags/opensource/index.html b/tags/opensource/index.html new file mode 100644 index 0000000000..bbf9fa1c83 --- /dev/null +++ b/tags/opensource/index.html @@ -0,0 +1 @@ + opensource | Techno Tim
Tag
diff --git a/tags/openwrt/index.html b/tags/openwrt/index.html new file mode 100644 index 0000000000..b5383332d2 --- /dev/null +++ b/tags/openwrt/index.html @@ -0,0 +1 @@ + openwrt | Techno Tim
Tag
diff --git a/tags/ota/index.html b/tags/ota/index.html new file mode 100644 index 0000000000..6904bf6ebf --- /dev/null +++ b/tags/ota/index.html @@ -0,0 +1 @@ + ota | Techno Tim
Tag
diff --git a/tags/packer/index.html b/tags/packer/index.html new file mode 100644 index 0000000000..54019e1996 --- /dev/null +++ b/tags/packer/index.html @@ -0,0 +1 @@ + packer | Techno Tim
Tag
diff --git a/tags/pc/index.html b/tags/pc/index.html new file mode 100644 index 0000000000..0d0f9b11a9 --- /dev/null +++ b/tags/pc/index.html @@ -0,0 +1 @@ + pc | Techno Tim
Tag
diff --git a/tags/pdu/index.html b/tags/pdu/index.html new file mode 100644 index 0000000000..480a339a92 --- /dev/null +++ b/tags/pdu/index.html @@ -0,0 +1 @@ + pdu | Techno Tim
Tag
diff --git a/tags/pfsense/index.html b/tags/pfsense/index.html new file mode 100644 index 0000000000..fd11cc360d --- /dev/null +++ b/tags/pfsense/index.html @@ -0,0 +1 @@ + pfsense | Techno Tim
Tag
diff --git a/tags/pi-hole/index.html b/tags/pi-hole/index.html new file mode 100644 index 0000000000..124bd72f40 --- /dev/null +++ b/tags/pi-hole/index.html @@ -0,0 +1 @@ + pi-hole | Techno Tim
Tag
diff --git a/tags/pi/index.html b/tags/pi/index.html new file mode 100644 index 0000000000..6c06dc0fbc --- /dev/null +++ b/tags/pi/index.html @@ -0,0 +1 @@ + pi | Techno Tim
Tag
diff --git a/tags/pihole/index.html b/tags/pihole/index.html new file mode 100644 index 0000000000..f252453225 --- /dev/null +++ b/tags/pihole/index.html @@ -0,0 +1 @@ + pihole | Techno Tim
Tag
diff --git a/tags/pikvm/index.html b/tags/pikvm/index.html new file mode 100644 index 0000000000..323d9b52e9 --- /dev/null +++ b/tags/pikvm/index.html @@ -0,0 +1 @@ + pikvm | Techno Tim
Tag
diff --git a/tags/plex/index.html b/tags/plex/index.html new file mode 100644 index 0000000000..83027a0e8c --- /dev/null +++ b/tags/plex/index.html @@ -0,0 +1 @@ + plex | Techno Tim
Tag
diff --git a/tags/poe/index.html b/tags/poe/index.html new file mode 100644 index 0000000000..65aebd6e83 --- /dev/null +++ b/tags/poe/index.html @@ -0,0 +1 @@ + poe | Techno Tim
Tag
diff --git a/tags/portainer/index.html b/tags/portainer/index.html new file mode 100644 index 0000000000..f336561611 --- /dev/null +++ b/tags/portainer/index.html @@ -0,0 +1 @@ + portainer | Techno Tim
Tag

portainer 25

diff --git a/tags/powertoys/index.html b/tags/powertoys/index.html new file mode 100644 index 0000000000..5f875f6453 --- /dev/null +++ b/tags/powertoys/index.html @@ -0,0 +1 @@ + powertoys | Techno Tim
Tag
diff --git a/tags/productivity/index.html b/tags/productivity/index.html new file mode 100644 index 0000000000..8730612aa4 --- /dev/null +++ b/tags/productivity/index.html @@ -0,0 +1 @@ + productivity | Techno Tim
Tag
diff --git a/tags/prometheus/index.html b/tags/prometheus/index.html new file mode 100644 index 0000000000..cb9d51b543 --- /dev/null +++ b/tags/prometheus/index.html @@ -0,0 +1 @@ + prometheus | Techno Tim
Tag
diff --git a/tags/promtail/index.html b/tags/promtail/index.html new file mode 100644 index 0000000000..4feafed832 --- /dev/null +++ b/tags/promtail/index.html @@ -0,0 +1 @@ + promtail | Techno Tim
Tag
diff --git a/tags/protect/index.html b/tags/protect/index.html new file mode 100644 index 0000000000..cb9f0bee33 --- /dev/null +++ b/tags/protect/index.html @@ -0,0 +1 @@ + protect | Techno Tim
Tag
diff --git a/tags/proxmox/index.html b/tags/proxmox/index.html new file mode 100644 index 0000000000..8b66d958ad --- /dev/null +++ b/tags/proxmox/index.html @@ -0,0 +1 @@ + proxmox | Techno Tim
Tag

proxmox 26

diff --git a/tags/pterodactyl/index.html b/tags/pterodactyl/index.html new file mode 100644 index 0000000000..07cfe2206d --- /dev/null +++ b/tags/pterodactyl/index.html @@ -0,0 +1 @@ + pterodactyl | Techno Tim
Tag
diff --git a/tags/pxe/index.html b/tags/pxe/index.html new file mode 100644 index 0000000000..fc8e436ff7 --- /dev/null +++ b/tags/pxe/index.html @@ -0,0 +1 @@ + pxe | Techno Tim
Tag
diff --git a/tags/rackstuds/index.html b/tags/rackstuds/index.html new file mode 100644 index 0000000000..81d2937db7 --- /dev/null +++ b/tags/rackstuds/index.html @@ -0,0 +1 @@ + rackstuds | Techno Tim
Tag
diff --git a/tags/rancher/index.html b/tags/rancher/index.html new file mode 100644 index 0000000000..19517ee087 --- /dev/null +++ b/tags/rancher/index.html @@ -0,0 +1 @@ + rancher | Techno Tim
Tag

rancher 40

diff --git a/tags/raspberry-pi/index.html b/tags/raspberry-pi/index.html new file mode 100644 index 0000000000..81cda44faf --- /dev/null +++ b/tags/raspberry-pi/index.html @@ -0,0 +1 @@ + raspberry-pi | Techno Tim
Tag
diff --git a/tags/rdp/index.html b/tags/rdp/index.html new file mode 100644 index 0000000000..31dc7e4d81 --- /dev/null +++ b/tags/rdp/index.html @@ -0,0 +1 @@ + rdp | Techno Tim
Tag
diff --git a/tags/redis/index.html b/tags/redis/index.html new file mode 100644 index 0000000000..cd14c5e542 --- /dev/null +++ b/tags/redis/index.html @@ -0,0 +1 @@ + redis | Techno Tim
Tag
diff --git a/tags/reflector/index.html b/tags/reflector/index.html new file mode 100644 index 0000000000..bd12754b1e --- /dev/null +++ b/tags/reflector/index.html @@ -0,0 +1 @@ + reflector | Techno Tim
Tag
diff --git a/tags/renovate/index.html b/tags/renovate/index.html new file mode 100644 index 0000000000..79019e0d35 --- /dev/null +++ b/tags/renovate/index.html @@ -0,0 +1 @@ + renovate | Techno Tim
Tag
diff --git a/tags/rgb/index.html b/tags/rgb/index.html new file mode 100644 index 0000000000..63b2e759a8 --- /dev/null +++ b/tags/rgb/index.html @@ -0,0 +1 @@ + rgb | Techno Tim
Tag
diff --git a/tags/rke2/index.html b/tags/rke2/index.html new file mode 100644 index 0000000000..827fc889fd --- /dev/null +++ b/tags/rke2/index.html @@ -0,0 +1 @@ + rke2 | Techno Tim
Tag
diff --git a/tags/scrypted/index.html b/tags/scrypted/index.html new file mode 100644 index 0000000000..9a1e7f771e --- /dev/null +++ b/tags/scrypted/index.html @@ -0,0 +1 @@ + scrypted | Techno Tim
Tag
diff --git a/tags/secops/index.html b/tags/secops/index.html new file mode 100644 index 0000000000..26c32e1081 --- /dev/null +++ b/tags/secops/index.html @@ -0,0 +1 @@ + secops | Techno Tim
Tag
diff --git a/tags/secrets/index.html b/tags/secrets/index.html new file mode 100644 index 0000000000..35418423b2 --- /dev/null +++ b/tags/secrets/index.html @@ -0,0 +1 @@ + secrets | Techno Tim
Tag
diff --git a/tags/security/index.html b/tags/security/index.html new file mode 100644 index 0000000000..8f7f44c5db --- /dev/null +++ b/tags/security/index.html @@ -0,0 +1 @@ + security | Techno Tim
Tag
diff --git a/tags/self-hosted/index.html b/tags/self-hosted/index.html new file mode 100644 index 0000000000..8d8d2faa25 --- /dev/null +++ b/tags/self-hosted/index.html @@ -0,0 +1 @@ + self-hosted | Techno Tim
Tag

self-hosted 31

diff --git a/tags/server-rack/index.html b/tags/server-rack/index.html new file mode 100644 index 0000000000..c32d9c06a7 --- /dev/null +++ b/tags/server-rack/index.html @@ -0,0 +1 @@ + server-rack | Techno Tim
Tag
diff --git a/tags/server/index.html b/tags/server/index.html new file mode 100644 index 0000000000..3dc0921d88 --- /dev/null +++ b/tags/server/index.html @@ -0,0 +1 @@ + server | Techno Tim
Tag
diff --git a/tags/shlink/index.html b/tags/shlink/index.html new file mode 100644 index 0000000000..ce675f15f2 --- /dev/null +++ b/tags/shlink/index.html @@ -0,0 +1 @@ + shlink | Techno Tim
Tag
diff --git a/tags/slack/index.html b/tags/slack/index.html new file mode 100644 index 0000000000..078d9977f0 --- /dev/null +++ b/tags/slack/index.html @@ -0,0 +1 @@ + slack | Techno Tim
Tag
diff --git a/tags/smart-home/index.html b/tags/smart-home/index.html new file mode 100644 index 0000000000..1eef61e105 --- /dev/null +++ b/tags/smart-home/index.html @@ -0,0 +1 @@ + smart-home | Techno Tim
Tag
diff --git a/tags/software/index.html b/tags/software/index.html new file mode 100644 index 0000000000..4502743869 --- /dev/null +++ b/tags/software/index.html @@ -0,0 +1 @@ + software | Techno Tim
Tag
diff --git a/tags/sonnet/index.html b/tags/sonnet/index.html new file mode 100644 index 0000000000..22b2b19e7a --- /dev/null +++ b/tags/sonnet/index.html @@ -0,0 +1 @@ + sonnet | Techno Tim
Tag
diff --git a/tags/sops/index.html b/tags/sops/index.html new file mode 100644 index 0000000000..5f7a1d37a4 --- /dev/null +++ b/tags/sops/index.html @@ -0,0 +1 @@ + sops | Techno Tim
Tag
diff --git a/tags/ssd/index.html b/tags/ssd/index.html new file mode 100644 index 0000000000..5c025029fa --- /dev/null +++ b/tags/ssd/index.html @@ -0,0 +1 @@ + ssd | Techno Tim
Tag
diff --git a/tags/ssh/index.html b/tags/ssh/index.html new file mode 100644 index 0000000000..d08aefd867 --- /dev/null +++ b/tags/ssh/index.html @@ -0,0 +1 @@ + ssh | Techno Tim
Tag
diff --git a/tags/ssl/index.html b/tags/ssl/index.html new file mode 100644 index 0000000000..5521f93ee3 --- /dev/null +++ b/tags/ssl/index.html @@ -0,0 +1 @@ + ssl | Techno Tim
Tag
diff --git a/tags/storage/index.html b/tags/storage/index.html new file mode 100644 index 0000000000..f9671e4934 --- /dev/null +++ b/tags/storage/index.html @@ -0,0 +1 @@ + storage | Techno Tim
Tag
diff --git a/tags/storinator/index.html b/tags/storinator/index.html new file mode 100644 index 0000000000..8eaa19fe8e --- /dev/null +++ b/tags/storinator/index.html @@ -0,0 +1 @@ + storinator | Techno Tim
Tag
diff --git a/tags/stream-deck/index.html b/tags/stream-deck/index.html new file mode 100644 index 0000000000..58890d1d9c --- /dev/null +++ b/tags/stream-deck/index.html @@ -0,0 +1 @@ + stream-deck | Techno Tim
Tag
diff --git a/tags/streaming/index.html b/tags/streaming/index.html new file mode 100644 index 0000000000..4de91f8383 --- /dev/null +++ b/tags/streaming/index.html @@ -0,0 +1 @@ + streaming | Techno Tim
Tag
diff --git a/tags/streamlabs/index.html b/tags/streamlabs/index.html new file mode 100644 index 0000000000..a893dfc909 --- /dev/null +++ b/tags/streamlabs/index.html @@ -0,0 +1 @@ + streamlabs | Techno Tim
Tag
diff --git a/tags/studio/index.html b/tags/studio/index.html new file mode 100644 index 0000000000..c538ce32bf --- /dev/null +++ b/tags/studio/index.html @@ -0,0 +1 @@ + studio | Techno Tim
Tag
diff --git a/tags/sysracks/index.html b/tags/sysracks/index.html new file mode 100644 index 0000000000..e6c2087824 --- /dev/null +++ b/tags/sysracks/index.html @@ -0,0 +1 @@ + sysracks | Techno Tim
Tag
diff --git a/tags/tdarr/index.html b/tags/tdarr/index.html new file mode 100644 index 0000000000..b7b5a34932 --- /dev/null +++ b/tags/tdarr/index.html @@ -0,0 +1 @@ + tdarr | Techno Tim
Tag
diff --git a/tags/terminal/index.html b/tags/terminal/index.html new file mode 100644 index 0000000000..c3b5f636ab --- /dev/null +++ b/tags/terminal/index.html @@ -0,0 +1 @@ + terminal | Techno Tim
Tag
diff --git a/tags/terraform/index.html b/tags/terraform/index.html new file mode 100644 index 0000000000..5a1a099dd1 --- /dev/null +++ b/tags/terraform/index.html @@ -0,0 +1 @@ + terraform | Techno Tim
Tag
diff --git a/tags/tesmart/index.html b/tags/tesmart/index.html new file mode 100644 index 0000000000..8393579252 --- /dev/null +++ b/tags/tesmart/index.html @@ -0,0 +1 @@ + tesmart | Techno Tim
Tag
diff --git a/tags/thunderbolt/index.html b/tags/thunderbolt/index.html new file mode 100644 index 0000000000..294ba51fc8 --- /dev/null +++ b/tags/thunderbolt/index.html @@ -0,0 +1 @@ + thunderbolt | Techno Tim
Tag
diff --git a/tags/tools/index.html b/tags/tools/index.html new file mode 100644 index 0000000000..ee32ebd59e --- /dev/null +++ b/tags/tools/index.html @@ -0,0 +1 @@ + tools | Techno Tim
Tag
diff --git a/tags/touch-portal/index.html b/tags/touch-portal/index.html new file mode 100644 index 0000000000..d08769e3e2 --- /dev/null +++ b/tags/touch-portal/index.html @@ -0,0 +1 @@ + touch-portal | Techno Tim
Tag
diff --git a/tags/tour/index.html b/tags/tour/index.html new file mode 100644 index 0000000000..4afca54573 --- /dev/null +++ b/tags/tour/index.html @@ -0,0 +1 @@ + tour | Techno Tim
Tag
diff --git a/tags/traefik/index.html b/tags/traefik/index.html new file mode 100644 index 0000000000..4ee8e76651 --- /dev/null +++ b/tags/traefik/index.html @@ -0,0 +1 @@ + traefik | Techno Tim
Tag
diff --git a/tags/travel/index.html b/tags/travel/index.html new file mode 100644 index 0000000000..d6abecf751 --- /dev/null +++ b/tags/travel/index.html @@ -0,0 +1 @@ + travel | Techno Tim
Tag
diff --git a/tags/tripp-lite/index.html b/tags/tripp-lite/index.html new file mode 100644 index 0000000000..6fd4290280 --- /dev/null +++ b/tags/tripp-lite/index.html @@ -0,0 +1 @@ + tripp-lite | Techno Tim
Tag
diff --git a/tags/truenas/index.html b/tags/truenas/index.html new file mode 100644 index 0000000000..ce9f867fdf --- /dev/null +++ b/tags/truenas/index.html @@ -0,0 +1 @@ + truenas | Techno Tim
Tag
diff --git a/tags/turing-pi/index.html b/tags/turing-pi/index.html new file mode 100644 index 0000000000..6c32f87bf2 --- /dev/null +++ b/tags/turing-pi/index.html @@ -0,0 +1 @@ + turing-pi | Techno Tim
Tag
diff --git a/tags/tv/index.html b/tags/tv/index.html new file mode 100644 index 0000000000..5957ea2335 --- /dev/null +++ b/tags/tv/index.html @@ -0,0 +1 @@ + tv | Techno Tim
Tag
diff --git a/tags/twitch/index.html b/tags/twitch/index.html new file mode 100644 index 0000000000..64c73571a3 --- /dev/null +++ b/tags/twitch/index.html @@ -0,0 +1 @@ + twitch | Techno Tim
Tag
diff --git a/tags/ubiquiti/index.html b/tags/ubiquiti/index.html new file mode 100644 index 0000000000..23abafd7ad --- /dev/null +++ b/tags/ubiquiti/index.html @@ -0,0 +1 @@ + ubiquiti | Techno Tim
Tag
diff --git a/tags/ubuntu/index.html b/tags/ubuntu/index.html new file mode 100644 index 0000000000..ef1bf9b152 --- /dev/null +++ b/tags/ubuntu/index.html @@ -0,0 +1 @@ + ubuntu | Techno Tim
Tag
diff --git a/tags/udm/index.html b/tags/udm/index.html new file mode 100644 index 0000000000..44e4ee0c0e --- /dev/null +++ b/tags/udm/index.html @@ -0,0 +1 @@ + udm | Techno Tim
Tag
diff --git a/tags/ultrawide/index.html b/tags/ultrawide/index.html new file mode 100644 index 0000000000..36762446eb --- /dev/null +++ b/tags/ultrawide/index.html @@ -0,0 +1 @@ + ultrawide | Techno Tim
Tag
diff --git a/tags/unboxing/index.html b/tags/unboxing/index.html new file mode 100644 index 0000000000..f4dff4ea4f --- /dev/null +++ b/tags/unboxing/index.html @@ -0,0 +1 @@ + unboxing | Techno Tim
Tag
diff --git a/tags/unifi/index.html b/tags/unifi/index.html new file mode 100644 index 0000000000..1f5d8a993d --- /dev/null +++ b/tags/unifi/index.html @@ -0,0 +1 @@ + unifi | Techno Tim
Tag
diff --git a/tags/unraid/index.html b/tags/unraid/index.html new file mode 100644 index 0000000000..e9d9973740 --- /dev/null +++ b/tags/unraid/index.html @@ -0,0 +1 @@ + unraid | Techno Tim
Tag
diff --git a/tags/ups/index.html b/tags/ups/index.html new file mode 100644 index 0000000000..a4558444fd --- /dev/null +++ b/tags/ups/index.html @@ -0,0 +1 @@ + ups | Techno Tim
Tag
diff --git a/tags/uptime-kuma/index.html b/tags/uptime-kuma/index.html new file mode 100644 index 0000000000..112f0b862d --- /dev/null +++ b/tags/uptime-kuma/index.html @@ -0,0 +1 @@ + uptime-kuma | Techno Tim
Tag
diff --git a/tags/ventoy/index.html b/tags/ventoy/index.html new file mode 100644 index 0000000000..09c50fdf0d --- /dev/null +++ b/tags/ventoy/index.html @@ -0,0 +1 @@ + ventoy | Techno Tim
Tag
diff --git a/tags/virtualization/index.html b/tags/virtualization/index.html new file mode 100644 index 0000000000..e5a018402e --- /dev/null +++ b/tags/virtualization/index.html @@ -0,0 +1 @@ + virtualization | Techno Tim
Tag
diff --git a/tags/vlan/index.html b/tags/vlan/index.html new file mode 100644 index 0000000000..b288847d3f --- /dev/null +++ b/tags/vlan/index.html @@ -0,0 +1 @@ + vlan | Techno Tim
Tag
diff --git a/tags/vnc/index.html b/tags/vnc/index.html new file mode 100644 index 0000000000..7eb47fbe72 --- /dev/null +++ b/tags/vnc/index.html @@ -0,0 +1 @@ + vnc | Techno Tim
Tag
diff --git a/tags/vpn/index.html b/tags/vpn/index.html new file mode 100644 index 0000000000..45a76c44f7 --- /dev/null +++ b/tags/vpn/index.html @@ -0,0 +1 @@ + vpn | Techno Tim
Tag
diff --git a/tags/vscode/index.html b/tags/vscode/index.html new file mode 100644 index 0000000000..2fec18d485 --- /dev/null +++ b/tags/vscode/index.html @@ -0,0 +1 @@ + vscode | Techno Tim
Tag
diff --git a/tags/wake-on-lan/index.html b/tags/wake-on-lan/index.html new file mode 100644 index 0000000000..72d04d211a --- /dev/null +++ b/tags/wake-on-lan/index.html @@ -0,0 +1 @@ + wake-on-lan | Techno Tim
Tag
diff --git a/tags/weather/index.html b/tags/weather/index.html new file mode 100644 index 0000000000..a0bccd7297 --- /dev/null +++ b/tags/weather/index.html @@ -0,0 +1 @@ + weather | Techno Tim
Tag
diff --git a/tags/website/index.html b/tags/website/index.html new file mode 100644 index 0000000000..ffd47fc3a1 --- /dev/null +++ b/tags/website/index.html @@ -0,0 +1 @@ + website | Techno Tim
Tag
diff --git a/tags/webtop/index.html b/tags/webtop/index.html new file mode 100644 index 0000000000..ea0cee19c9 --- /dev/null +++ b/tags/webtop/index.html @@ -0,0 +1 @@ + webtop | Techno Tim
Tag
diff --git a/tags/whisper/index.html b/tags/whisper/index.html new file mode 100644 index 0000000000..a2a0712bcb --- /dev/null +++ b/tags/whisper/index.html @@ -0,0 +1 @@ + whisper | Techno Tim
Tag
diff --git a/tags/windows-11/index.html b/tags/windows-11/index.html new file mode 100644 index 0000000000..32a29e36fe --- /dev/null +++ b/tags/windows-11/index.html @@ -0,0 +1 @@ + windows-11 | Techno Tim
Tag
diff --git a/tags/windows/index.html b/tags/windows/index.html new file mode 100644 index 0000000000..4857ec00f2 --- /dev/null +++ b/tags/windows/index.html @@ -0,0 +1 @@ + windows | Techno Tim
Tag
diff --git a/tags/wireguard/index.html b/tags/wireguard/index.html new file mode 100644 index 0000000000..c1b379fda2 --- /dev/null +++ b/tags/wireguard/index.html @@ -0,0 +1 @@ + wireguard | Techno Tim
Tag
diff --git a/tags/wol/index.html b/tags/wol/index.html new file mode 100644 index 0000000000..c8ed6bdb2b --- /dev/null +++ b/tags/wol/index.html @@ -0,0 +1 @@ + wol | Techno Tim
Tag
diff --git a/tags/wsl/index.html b/tags/wsl/index.html new file mode 100644 index 0000000000..730742cba7 --- /dev/null +++ b/tags/wsl/index.html @@ -0,0 +1 @@ + wsl | Techno Tim
Tag
diff --git a/tags/xmac-studio/index.html b/tags/xmac-studio/index.html new file mode 100644 index 0000000000..ba307bd819 --- /dev/null +++ b/tags/xmac-studio/index.html @@ -0,0 +1 @@ + xmac-studio | Techno Tim
Tag
diff --git a/tags/youtube/index.html b/tags/youtube/index.html new file mode 100644 index 0000000000..ae0edd4276 --- /dev/null +++ b/tags/youtube/index.html @@ -0,0 +1 @@ + youtube | Techno Tim
Tag
diff --git a/tags/zfs/index.html b/tags/zfs/index.html new file mode 100644 index 0000000000..f448ef5bb2 --- /dev/null +++ b/tags/zfs/index.html @@ -0,0 +1 @@ + zfs | Techno Tim
Tag
diff --git a/tags/zigbee/index.html b/tags/zigbee/index.html new file mode 100644 index 0000000000..d462b6d4b7 --- /dev/null +++ b/tags/zigbee/index.html @@ -0,0 +1 @@ + zigbee | Techno Tim
Tag
diff --git a/tags/zimablade/index.html b/tags/zimablade/index.html new file mode 100644 index 0000000000..4ce3761f27 --- /dev/null +++ b/tags/zimablade/index.html @@ -0,0 +1 @@ + zimablade | Techno Tim
Tag
diff --git a/tags/zimaboard/index.html b/tags/zimaboard/index.html new file mode 100644 index 0000000000..e10cbf1809 --- /dev/null +++ b/tags/zimaboard/index.html @@ -0,0 +1 @@ + zimaboard | Techno Tim
Tag
diff --git a/tags/zsh/index.html b/tags/zsh/index.html new file mode 100644 index 0000000000..96d8319c95 --- /dev/null +++ b/tags/zsh/index.html @@ -0,0 +1 @@ + zsh | Techno Tim
Tag