virsh edit Windows10<video> section and change it to the following one: <video>
<model type='qxl' ram='131072' vram='131072' vgamem='32768' heads='1' primary='yes'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</video>
This two scripts install & configure Wireguard on a CentOS8 "server" (peer) and on a Ubuntu 18.04 "client" peer. Of course, if you replace the # Installation script parts, these instructions can also be used on other distributions like Debian, CentOS 7, Fedora, etc..
Possible pitfall: When you change something in the /etc/wireguard/wg0.conf configuration file on the server, ensure to disable the wg-quick@wg0 service in advance:
sudo systemctl stop wg-quick@wg0
sudo systemctl disable wg-quick@wg0
sudo vim /etc/wireguard/wg0.conf # edit what ever you like
sudo systemctl enable --now wg-quick@wg0
Quick and dirty guide how to get Apache Guacamole in combination with VNC up and running.
sudo add-apt-repository -y ppa:remmina-ppa-team/freerdp-daily
sudo apt update
env DEBIAN_FRONTEND=noninteractive sudo apt install -y freerdp2-dev freerdp2-x11
Save the file nic-isolation.service to /etc/systemd/system/nic-isolation.service.
Afterwards reload the systemd daemon and enable & start the "service":
sudo systemctl daemon-reload
sudo systemctl enable nic-isolation.service
sudo systemctl start nic-isolation.service
By default Linux ignores Broadcast and Multicast ICMP messages. That's why you need to enable it first:
sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=0To join any mutlicast address (e.g. 224.10.10.10/24) just add it to your active interface (e.g. eth0) and append the keyword autojoin at the end:
Ranchers official documentation about how to configure the Rancher <> KeyCloak setup is fine but definitely not sufficient to successfully configure it (https://rancher.com/docs/rancher/v2.x/en/admin-settings/authentication/keycloak/). That's the reason why here every single required step is documented down here.
I simply use the default master realm for the Rancher client. Nevertheless, it would sometimes absolutely make sense to use a custom KeyCloak realm.
admin on https://keycloak.example.com/. Important: It's crucial that in KeyCloak the same username exists as you use as admin user on Rancher. Since I just use the admin account in this guide, this prerequisite is already achieved.Client ID: https://rancher.example.com/v1-saml/keycloak/saml/metadata
Use the following commands to add a security device module to Firefox. Ensure Firefox is closed while running these commands! modutil comes with the installation of libnss3-tools.
securityModuleDeviceName="My Awesome Module"
securityModulePath="/usr/lib/libBlaBla.so"
# We use cert9.db and "sql:..." since cert8.db is in the legacy format
for devicedDB in $(find ~/.mozilla* -name "cert9.db")
do
certDir=$(dirname ${devicedDB});
Use the following commands to add CA certificates to the Firefox truststore via command line. Ensure Firefox is closed while running these commands! certutil comes with the installation of libnss3-tools.
certificateFileRoot="root.crt"
certificateNameRoot="Root CA"
certificateFileInter="intermediate.crt"
certificateNameInter="Intermediate CA"
# We use cert9.db and "sql:..." since cert8.db is in the legacy format
for certDB in $(find ~/.mozilla* -name "cert9.db")