jerry
/
private-schrijfsels-en-notities
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

vault backup: 2025-01-26 20:03:13

This commit is contained in:
Jerry Jacobs 2025-01-26 20:03:13 +01:00
parent baddbb4d85
commit 8ffe3912e8
3 changed files with 409 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.obsidian/workspace.json vendored
View File

@ -164,9 +164,10 @@
}, },
"active": "316987f51496a482", "active": "316987f51496a482",
"lastOpenFiles": [ "lastOpenFiles": [
"2025/xg-infra-upgrade-2025.sync-conflict-20250126-182027-OZPPIBC.md",
"2025/xg-infra-upgrade-2025.md",
"2025/goede-voornemens-2025.md", "2025/goede-voornemens-2025.md",
"2025/uitnodiging-jerry-maria-verjaardag-dinnerparty-2025.png", "2025/uitnodiging-jerry-maria-verjaardag-dinnerparty-2025.png",
"2025/xg-infra-upgrade-2025.md",
"2024/ggz-poh-mijnpositievegezondheid.net/Mijn Positieve Gezondheid - 2024-11-08.pdf", "2024/ggz-poh-mijnpositievegezondheid.net/Mijn Positieve Gezondheid - 2024-11-08.pdf",
"2024/ggz-poh-mijnpositievegezondheid.net", "2024/ggz-poh-mijnpositievegezondheid.net",
"2024/freebsd/Proxmox vs FreeBSD_ Which Virtualization Host Performs Better_ - IT Notes - https___it-notes.dragas.net_.mhtml", "2024/freebsd/Proxmox vs FreeBSD_ Which Virtualization Host Performs Better_ - IT Notes - https___it-notes.dragas.net_.mhtml",

211
.obsidian/workspace.sync-conflict-20250126-182018-OZPPIBC.json vendored Normal file
View File

@ -0,0 +1,211 @@
{
"main": {
"id": "80dfc042c640b15d",
"type": "split",
"children": [
{
"id": "0ad06b0c6fda37c6",
"type": "tabs",
"children": [
{
"id": "a56ea6335de7aaa4",
"type": "leaf",
"state": {
"type": "empty",
"state": {},
"icon": "lucide-file",
"title": "New tab"
}
}
]
}
],
"direction": "vertical"
},
"left": {
"id": "590610b14e29519d",
"type": "split",
"children": [
{
"id": "af92d155439dd2e9",
"type": "tabs",
"children": [
{
"id": "a6af6521d0a87290",
"type": "leaf",
"state": {
"type": "file-explorer",
"state": {
"sortOrder": "alphabetical"
},
"icon": "lucide-folder-closed",
"title": "Files"
}
},
{
"id": "783320241c5007e2",
"type": "leaf",
"state": {
"type": "search",
"state": {
"query": "infra",
"matchingCase": false,
"explainSearch": false,
"collapseAll": false,
"extraContext": false,
"sortOrder": "alphabetical"
},
"icon": "lucide-search",
"title": "Search"
}
},
{
"id": "9fd1befacbc60855",
"type": "leaf",
"state": {
"type": "bookmarks",
"state": {},
"icon": "lucide-bookmark",
"title": "Bookmarks"
}
}
],
"currentTab": 1
}
],
"direction": "horizontal",
"width": 300
},
"right": {
"id": "a604f67a04e15115",
"type": "split",
"children": [
{
"id": "5aa370a223f7373d",
"type": "tabs",
"children": [
{
"id": "e898fba6fc2202a4",
"type": "leaf",
"state": {
"type": "backlink",
"state": {
"file": "2025/xg-infra-upgrade-2025.md",
"collapseAll": false,
"extraContext": false,
"sortOrder": "alphabetical",
"showSearch": false,
"searchQuery": "",
"backlinkCollapsed": false,
"unlinkedCollapsed": true
},
"icon": "links-coming-in",
"title": "Backlinks for xg-infra-upgrade-2025"
}
},
{
"id": "59e072f96f7cae77",
"type": "leaf",
"state": {
"type": "outgoing-link",
"state": {
"file": "2025/xg-infra-upgrade-2025.md",
"linksCollapsed": false,
"unlinkedCollapsed": true
},
"icon": "links-going-out",
"title": "Outgoing links from xg-infra-upgrade-2025"
}
},
{
"id": "332de545256273fd",
"type": "leaf",
"state": {
"type": "tag",
"state": {
"sortOrder": "frequency",
"useHierarchy": true
},
"icon": "lucide-tags",
"title": "Tags"
}
},
{
"id": "e4063ef042af97c0",
"type": "leaf",
"state": {
"type": "outline",
"state": {
"file": "2025/xg-infra-upgrade-2025.md"
},
"icon": "lucide-list",
"title": "Outline of xg-infra-upgrade-2025"
}
}
]
}
],
"direction": "horizontal",
"width": 300,
"collapsed": true
},
"left-ribbon": {
"hiddenItems": {
"switcher:Open quick switcher": false,
"graph:Open graph view": false,
"canvas:Create new canvas": false,
"daily-notes:Open today's daily note": false,
"templates:Insert template": false,
"command-palette:Open command palette": false
}
},
"active": "a56ea6335de7aaa4",
"lastOpenFiles": [
"2025/xg-infra-upgrade-2025.md",
"2024/freebsd/Proxmox vs FreeBSD_ Which Virtualization Host Performs Better_ - IT Notes - https___it-notes.dragas.net_.mhtml",
"2024/freebsd/nginx remove header from upstream - Server Fault - https___serverfault.com_.mhtml",
"2024/freebsd/Solved - Howto save freebsd-update, portsnap, and pkg files to a fresh installation_ _ The FreeBSD Forums - https___forums.freebsd.org_.mhtml",
"2024/freebsd/Setting Up a Package Mirror on FreeBSD _ lastsummer.de - https___lastsummer.de_.mhtml",
"2024/freebsd/Nginx pkg cache help _ The FreeBSD Forums - https___forums.freebsd.org_.mhtml",
"2024/freebsd/FreeBSD Jail Creation - Personal Site - https___omussell.github.io_.mhtml",
"2024/freebsd/Caching freebsd-update and pkg files - Personal Site - https___omussell.github.io_.mhtml",
"2024/freebsd/Bhyve VM Creation - Personal Site - https___omussell.github.io_.mhtml",
"2024/freebsd",
"2024/ggz-poh-mijnpositievegezondheid.net/Mijn Positieve Gezondheid - 2024-11-08.pdf",
"2024/Brouwsels 2024.md",
"2024/So you wanna do FreeBSD 14.1 and native Home Assistant?.md",
"2024/Screenshot 2024-04-10 at 11.17.04 - courage - FRVO.png",
"2025/goede-voornemens-2025.md",
"2024/doelen-2024.md",
"2024/photoprism.md",
"2024/git-svn mirror.md",
"2024/Gezonde routines boek review & notes.md",
"2024/freebsd-notes.md",
"2024/1gabba.pw-links.md",
"2024/happy-holidays-nye-2024-kaart/jerry-nero-cutout-cosy-holidays-2024-center-round.png",
"2024/Github multiple users and keys.md",
"2021/zfs-snapshots.md",
"2024/freebsd-jail-vanilla.md",
"2024/april-training-mental-physical-goede-voornemens.md",
"2022/Adimec R D Software Quality Working Group.md",
"2022/apc-forum-donate-copyleft-symbool-dat-is-gek.png",
"2022/chilli-hot-sauce-ingredients.png",
"2022/Ouderwetse limburgse koud schotel.md",
"2022/github-archievement.png",
"2022/computers-and-machines.md",
"2022/christmas-card-jerry-nero-2023.png",
"2022/euro-dollar-koers-20220908_04_45-manic-hypomanie.png",
"2024/Gitea build on FreeBSD 14.2.md",
"2021/A tale about open-source software experience.md",
"2024/Postgres Backups and ZFS snapshots.md",
"2024/verjaardag-uitnodiging-jerry-35j-23-mrt-2024.png",
"2024/verjaardags-feest-35-jaar-in-breugel.md",
"2024/happy-holidays-nye-2024-kaart/wishes-jerry-nero-2025.png",
"2024/nye-party-2025-at-breugel.png",
"2024/Why I am tasting colors?.md",
"2024/chlorate-cell.md",
"2024/piet-hein-state-gebouwbeheer.md",
"2024/Batterij apparaten voor opladen.md",
"Untitled.canvas"
]
}

196
2025/xg-infra-upgrade-2025.sync-conflict-20250126-182027-OZPPIBC.md Normal file
View File

@ -0,0 +1,196 @@
---
tags:
- freebsd
- homelab
---
# NAS
* clean install newest FreeBSD 14.2
* move OS /home into /data/home zpool/home
* mount ISO over IPMI
* Manage old zpool:
* (old OS) zpool export zpool
* (new OS) zpool import -N zpool
* zpool status
* zpool upgrade
* zpool upgrade zpool
* https://docs.freebsd.org/en/books/handbook/zfs/#zfs-zpool-upgrade
* Syncthing shares on separated ZFS subvolumes
* zfs autosnapshot retetion policies
* pyrotechnics & private data zfs copies=2?
* Applications in VMs
* Photoprism
* Homeassistant? or in jail?
* Applications in seperate freebsd jails
* Syncthing
* Transmission
* (existing -> upgrade) Gitea
* Template FreeBSD 14.2
* Samba
* VTVBB sync + go tooling
* Cache: pkg + freebsd update (for jails)
* Reverse caddy HTTP + SSL proxy
* Bastion SSH host
* Simple DNS server
* Wireguard VPN
* https://genneko.github.io/playing-with-bsd/networking/freebsd-wireguard-jail/
* Data partitioning
* zroot (ssd OS only)
* zpool (14TB hdd mirror)
* /data/home
Host OS services:
* SSH
* sshguard
* pf firewall
Improvements & things to not forget:
* ZFS disable atime https://www.unixtutorial.org/zfs-performance-basics-disable-atime/
* backup settings from /etc and /usr/local/etc before SSD OS disk wipe
* private keychains daily snapshots (separate Syncthing share + copies=2?)
* Syncthing
* per-share zfs subvolume
* per-share needs .zfs ignore or else snapshots are propagated
* crontab(s) backup
* samba config
* gitea backup
* sshguard
* jails settings backup
* vanilla jails management with templates
* Migrate from zfstools auto-snapshot and prune to Python zfs-autobackup?
* See blog https://it-notes.dragas.net/2024/08/21/automating-zfs-snapshots-for-peace-of-mind/
* URLs for (web)services with nanodash for homelab + quick access
* Upgrade gitea and migrate sqlite to postgres
* https://forum.gitea.com/t/migrate-from-sqlite-to-postgresql/2269/
* https://tutorialinux.com/today-learned-migrating-sqlite-postgres-easy-sequel/
* Migrate all automations Hue -> Home Assistant
* Samba network share
* AVAHI/Bonjour autodiscovery
* Automount network shares on macOS
* ZFS zpool scrub monthly cron
* Homeassistant in FreeBSD jail rc.d service file for auto-start on boot
* ZFS volumes are seen as block devices `zfs create -V` for use with VMs for better performance
* ZFS scrub & status report e-mail
* FreeBSD pkg cache for jails
* https://omussell.github.io/fbsd-update-cache/
* https://forums.freebsd.org/threads/nginx-pkg-cache-help.85699/ + https://serverfault.com/a/1026574
* VMs managed with https://github.com/churchers/vm-bhyve
* zvol (vdev) vm instead of file: https://github.com/churchers/vm-bhyve?tab=readme-ov-file#adding-custom-disks
* https://forum.level1techs.com/t/zvol-vs-file-as-vm-backing-huge-performance-difference-on-nvme-based-zpool/182074/15
# Syncthing share enrol on ZFS subvolume
1. Create zfs subvolume: `zfs create ...`
2. Set zfs-auto-snapshot property (for zfstools) : `zfs set ..`
3. Create share in Syncthing web GUI
4. Ignore .zfs folder (to not propagate to connected peers): filter `.zfs`
# Syncthing migrate to zfs subvolume
```
# zfs create zpool/data/syncthing/shared/...
# zfs set snapdir=hidden zpool/data/syncthing/shared/...
(optional) # zfs set copies=2 zpool/data/syncthing/shared/...
# rsync --perms --archive --progress /data/syncthing/shares/... /data/syncthing/shared/...
# echo ".zfs" > /data/syncthing/shares/.../.stignore
# zfs set com.sun:auto-snapshot=true zpool/data/syncthing/shared/...
# zfs list -t snap zpool/data/syncthing/shared/...
```
# ZFS dataset datablock copies
For extra redundancy amount of datablock copies can be set and tested:
```
# zfs create data/test-dataset/dataset-1
# zfs list
# zfs set copies=2 data/test-dataset/dataset-1
# zfs get copies data/test-dataset/dataset-1
root@mango:/data/test-dataset/dataset-1 # dd if=/dev/random of=testfile bs=64K count=1024
1024+0 records in
1024+0 records out
67108864 bytes transferred in 0.609759 secs (110058049 bytes/sec)
root@mango:/data/test-dataset/dataset-1 # ls -lah
total 131146
drwxr-xr-x 2 root wheel 3B Dec 19 19:56 .
drwxr-xr-x 3 root wheel 3B Dec 19 19:55 ..
-rw-r--r-- 1 root wheel 64M Dec 19 19:57 testfile
root@mango:/data/test-dataset/dataset-1 # zfs list | grep dataset-1
data/test-dataset/dataset-1 128M 410G 128M /data/test-dataset/dataset-1
```
## Automatic USB backup with devd
* https://man.freebsd.org/cgi/man.cgi?devd.conf
# OpenZFS VM performance and database block size
https://klarasystems.com/articles/openzfs-storage-best-practices-and-use-cases-part-3-databases-and-vms/
https://github.com/openzfs/zfs/issues/7631
## Syncthing per-share zfs subvolume
For important shares data we set copies=2 and checksum=sha256
```
# zfs create zpool/syncthing/shares/myshare
# zfs set copies=2 zpool/syncthing/shares/myshare
# zfs set checksum=sha256 zpool/syncthing/shares/myshare
```
Which shares:
* jerry/pyrotechnics
* jerry/private
## ZFS snapshot visibility
Hide the `.zfs/snapshot` directory in the dataset so Syncthing doesn't sync it by accident when not ignored via `.stignore`:
```
# zfs list -t snapshot zpool/data/syncthing/shared/jerry/private
# zfs get snapdir zpool/data/syncthing/shared/jerry/private
# zfs set snapdir=hidden zpool/data/syncthing/shared/jerry/private
# ls /data/syncthing/shared/jerry/private/.zfs/snapshot
```
To make it visible again
```
# zfs set snapdir=visible
```
See https://docs.oracle.com/cd/E78901_01/html/E78912/gprhq.html
## Internal DNS server
* https://blog.marcg.pizza/marcg/a-quick-and-dirty-dns-server-using-freebsd-100daystooffload-day-28
* https://etherarp.net/dnsmasq/index.html
* https://vlads.me/post/setting-up-dns-adblocker-freebsd-jail/
# See also
* [[freebsd-notes]]
* [[freebsd-jail-vanilla]]
* [[zfs-snapshots]]
* [[So you wanna do FreeBSD 14.1 and native Home Assistant?]]
* [[computers-and-machines]]
# External docs
* https://klarasystems.com/articles/openzfs-understanding-zfs-vdev-types/
* https://jrs-s.net/2018/03/13/zvol-vs-qcow2-with-kvm/
* https://serverfault.com/questions/1075846/config-for-using-git-via-ssh-on-jump-host
* https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/
## Domains
### Public services
DNS at Transip
* git.xor-gate.org
* homeassistant.xor-gate.org
### Internal services
Internal services use split-brain DNS
* homelab.xor-gate.org
* git.xor-gate.org
* homeassistant.xor-gate.org