Skip to content

Instantly share code, notes, and snippets.

View p7cq's full-sized avatar

p7cq

4 followers · 0 following
View GitHub Profile
@p7cq
p7cq / Create_Arch_Linux_ISO_with_ZFS_builtin.md
Last active November 5, 2024 10:37
Create Arch Linux ISO with ZFS builtin

Create an Arch Linux ISO with ZFS builtin

The following will create an Arch Linux installation ISO with LTS kernel and ZFS builtin. Based on the ZFS on Arch Linux project.

Create a working directory

sudo mkdir -p /local/zfs
sudo chown user:group /local/zfs
@p7cq
p7cq / VyOS_Router_Firewall_IPsec_Site_To_Site_BGP_IPsec_RA.md
Created October 16, 2024 17:23
VyOS - Router, Firewall, IPsec Site-To-Site, BGP, IPsec Remote Access

Configuration steps for a router and firewall based on VyOS replacing my pfSense box in a home environment.

Basic Configuration

This configuration was performed using a serial connection, with the old router still active. All infrastructure is bare metal.

Disclaimer: I have no networking background and no prior experience with VyOS.

Description IP/Subnet Interface Domain
WAN 172.16.172.16/22 eth0 example.net
@p7cq
p7cq / OpenWrt_on_Raspberry_Pi_5.md
Last active August 24, 2024 16:43
OpenWrt on Raspberry Pi 5

A portable router to use on the go, based on OpenWrt and Raspberry Pi 5.

Network adapters:

  • Dell USB-C to RJ45 DBQBCBC064 Gigabit Ethernet Adapter
  • Netgear Nighthawk AXE3000 USB 3.0 WiFi Adapter (A8000)

Preparations

Change Wireless country code and update EEPROM from inside Raspberry Pi OS (see this).

@p7cq
p7cq / EJBCA_CE_Nitrokey_HSM_PKI.md
Last active March 20, 2024 08:20
EJBCA CE & Nitrokey HSM - A lab PKI

EJBCA CE & Nitrokey HSM - A lab PKI

Configuration steps for a lab CA, created using EJBCA CE and Nitrokey HSM.

Installation details

Hardware: Raspberry Pi 4 Model B

Crypto token: Nitrokey HSM 2

@p7cq
p7cq / GH60.md
Created December 12, 2022 18:12
GH60
@p7cq
p7cq / i3_Remap_Right_Win_to_Right_Hyper.md
Last active October 13, 2022 11:30
i3 WM: Remap Right Win key to Right Hyper

i3 WM: Remap Right Win key to Right Hyper

As sometimes I use a TKL keyboard without multimedia keys, I wanted Right Win and some other key combination to control audio volume.

My keyboard layout is us and I am using Left Win key assigned to mod4 as the modifier key. The spacebar row on my keyboard looks like this:

[Ctrl] [Left Win] [Alt] [Space] [Alt] [Right Win] [Menu] [Ctrl]

Using X

@p7cq
p7cq / SSH_Authentication_TPM2_PKCS11_Arch_Linux.md
Last active January 17, 2024 03:30
SSH Authentication with TPM 2.0 and PKCS#11 on Arch Linux

SSH Authentication with TPM 2.0 and PKCS#11 on Arch Linux

Hardware: a TPM 2.0 module based on Infineon SLB9665 cryptographic processor available in the system as /dev/tpmrm0.

Installation

Required software:

# pacman -S tpm2-tools tpm2-pkcs11
@p7cq
p7cq / Arch_Linux_Root_On_ZFS.md
Last active January 18, 2025 18:49
Install Arch Linux with Root on ZFS

Arch Linux Root on ZFS

Installation steps for running Arch Linux with root on ZFS using UEFI and systemd-boot. All steps are run as root.

Requires an Arch Linux image with ZFS built-in (see References).

In live environment

If using KVM, add a Serial number for each virtual disk and reboot the VM. The disks should now be available in /dev/disk/by-id as virtio-<Serial>.

@p7cq
p7cq / Arch_Linux_Root_on_Btrfs.md
Last active October 10, 2020 22:40
Install Arch Linux with Root on Btrfs

Arch Linux Root on Btrfs

Prepare disks

Keeping about 15% unallocated space on both disks.

sgdisk --zap-all /dev/disk/by-id/ata-CT240BX500SSD1_A
sgdisk -n1:0:+550M -t1:ef00 /dev/disk/by-id/ata-CT240BX500SSD1_A
sgdisk -n2:0:+190G -t2:8300 /dev/disk/by-id/ata-CT240BX500SSD1_A
@p7cq
p7cq / vm1-start.sh
Last active January 19, 2024 14:27
Dynamic CPU isolation in QEMU/KVM
#!/usr/bin/env bash
#
# CPU isolation in QEMU/KVM
#
# As the cset scripts no longer work (systemd switched to cgroups v2), this is my
# attempt at emulating its functionality. It may be incorrect and/or it may break
# stuff. Blind copy-pasting with some reasoning follows.
#
# Host: