vladak / freebsd-ktls-build.md

Last active February 4, 2022 10:17

FreeBSD KTLS build

FreeBSD-current KTLS setup

The goal is to use FreeBSD as a KTLS client.

ref: https://docs.freebsd.org/en/books/handbook/cutting-edge/

Notes:

GENERIC kernel configuration has the KERN_TLS option set by default
rpc.tls* daemons are built by default

vladak / openssl-1.x-FIPS.md

Last active October 19, 2021 12:25

OpenSSL 1.x FIPS signature

OpenSSL 1.x FIPS embedded signature test

This gist contains my notes about how the FIPS selftest signature check works in OpenSSL 1.x. Assumes basic awareness of the OpenSSL FOM (FIPS Object Module). My focus for this case is Solaris on SPARC.

The goal is to examine some of the inner workings of FIPS signature verification.

The FOM is built as fipscanister.o using designated code and linked into common OpenSSL build. When the libcrypto.so library is loaded, the FOM will perform self test. If the self test fails, the running program is abort()ed.

vladak / openbsd-octeon.md

Last active June 9, 2025 11:41

OpenBSD octeon

OpenBSD octeon notes

These are my personal notes on how to run/use OpenBSD on Ubiquiti Edgerouter, specifically for Edgerouter 4. I installed OpenBSD bunch of releases back and keep upgrading. Perhaps some of the issues highlighted below would not happen on fresher install.

Upgrade

The upgrade should be done one release at a time, i.e. from x.y to x.(y+1).

Note: has to be done using serial console (in order to access U-boot)

vladak / freebsd-vbox.md

Last active January 3, 2022 17:26

FreeBSD on VirtualBox

# pre-flight check
VBoxManage list ostypes | grep FreeBSD

# new VM
VM=FreeBSD
zfs create tank/vm/vkotal/$VM
VBoxManage createvm --basefolder /tank/vm/vkotal --name $VM --ostype FreeBSD_64 --register

# CPU

vladak / freebsd-ktls.md

Last active April 5, 2022 14:13

FreeBSD in kernel TLS implementation notes

This is a collection of random notes about FreeBSD's in kernel TLS implementation based on reading the source code (so far). The focus is TLS for NFS/RPC.

FreeBSD in kernel TLS

supports TLSv1.0 to TLSv1.3
development time frames:
- first FreeBSD commit (b2e60773) 27-Aug-2019, this might be just the "upstreaming" work
- development on going (March 2021)
TCP only
no rekeying so far (as of April 2021)

vladak / lucene-luke.md

Last active April 28, 2025 22:26

How to run Luke

Lucene has Luke built in however I cannot start it directly via lucene/luke/bin/luke.sh on Ubuntu 20.04 with OpenJDK 11.

git clone https://github.com/apache/lucene.git Lucene
cd Lucene
./gradlew assemble
java -cp './lucene/luke/build/lucene-luke-9.0.0-SNAPSHOT/*' \
    -Xmx1024m -Xms512m -XX:MaxMetaspaceSize=256m org.apache.lucene.luke.app.desktop.LukeMain

vladak / solaris-layered-debugging.md

Last active July 3, 2023 13:22

debugging a problem in Solaris from the top layer (userland) to the bottom layer (hardware)

Debugging a problem in Solaris through several OS layers

Background

This is a story about an operating system problem that occupied me at work in 2015 for couple of days. The goal is to give you an overview of debugging techniques and associated tools. I'd like to use this opportunity (writing this article for my students of the Unix programming class at the Mathematical-physical faculty of the Charles university in Prague in 2021) to provide some historical points, some background and some details about operating system work (I feel old writing this). As a bit of a spoiler, the cause of the problem turned out to be completely different than what it seemed initially and involved traversing multiple layers in the operating system. I love this kind of problems because it is fun and great learning experience. I vaguely remember a job advertisement in Netfix bunch of years back that demanded that the applicants posses intimate knowledge of the operating system internals down to (

vladak / varmilo keyboard.md

Last active March 9, 2026 00:16

Varmilo keyboard details

Mechanical keyboards

nice infographics on https://www.reddit.com/r/MechanicalKeyboards/comments/jihbhi/custom_mechanical_keyboard_infographic_v30_is_now/

My Varmilo VA87M

Cherry MX Brown - to make it similar to the Sun Type 7 keyboard I was using previously (excellent keyboard however too wide).

Fn key - the "house/home" key

vladak / freenas.md

Last active October 10, 2025 10:53

TrueNAS notes

my build: https://pcpartpicker.com/b/8hgJ7P#cx4069854

LSI cards

To assist ZFS in discovering controller errors, each drive from a given mirror zvol is connected to different controller. There are 2 controllers in use: one on-board (AHCI) and one in the form of PCIe card from LSI. Each has 4 ports, so ample for the 6 drives installed.

current: LSI SAS 3008 based

SAS 3008 models: https://forums.servethehome.com/index.php?threads/lsi-raid-controller-and-hba-complete-listing-plus-oem-models.599/

vladak / docker-notes.md

Last active March 3, 2022 09:54

Docker behind proxy

https://stackoverflow.com/questions/23111631/cannot-download-docker-images-behind-a-proxy

mkdir /etc/systemd/system/docker.service.d
cat << EOF > /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"

Vladimir Kotal vladak