arc/notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vault backup: 2023-08-26 11:33:11

Browse Source
This commit is contained in:
zleyyij
2023-08-26 11:33:11 -06:00
parent 74c6ca8c53
commit 3b8bf3f490
9 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
IT/Deploying PiVPN to a debian instance.md Normal file
View File

@ -0,0 +1,23 @@
## Preperation
The system was fully updated:
```
sudo apt update
sudo apt upgrade
```
A user was created as a designated PiVPN user. This is not strictly necessary, but I feel it is best. The home dir is set as `/opt/pivpn` because this server's schema designates a directory in `/opt` for each service
```
sudo adduser pivpn --home=/opt/pivpn
```
## Deployment
The installation command was copied from the [PiVPN website](https://pivpn.io/):
```
curl -L https://install.pivpn.io | bash
```
- `eth0` was selected for the IPv4 and IPv6 interface
- Yes was selected for the DHCP reservation(set via router's web interface)
- The user previously created is selected as the designated PiVPN user, this is not strictly necessary, any user will do.
- Wireguard is selected as the VPN, although the process is very similar for OpenVPN
- The default port is likely fine, remember to open the port. Wireguard is strictly UDP, with OpenVPN using both TCP and UDP
- The DNS server selection is personal preference, this is where I selected my Pihole
- The access method was set as the network's WAN IP, I have never used the other options
- Unattended security patches were enabled

68
IT/Deploying pihole-docker to a brand new Debian instance.md Normal file
View File

@ -0,0 +1,68 @@
#documentation #homelab
Official docs can be found on the [github page](https://github.com/pi-hole/docker-pi-hole) and the [home page](https://docs.pi-hole.net/)
## Preperation
- The system was entirely updated with `sudo apt update` and `sudo apt upgrade`.
- `docker` and `docker-compose` were installed via `apt`
- It was noted that `docker.service` was not running, with an error similar to
```
Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables -t nat -N DOCKER: iptables v1.8.2 (nf_tables): CHAIN_ADD failed
```
- This was resolved by running the commands below as detailed [here](https://forums.docker.com/t/failing-to-start-dockerd-failed-to-create-nat-chain-docker/78269)
```
sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
```
## Deployment
- A `docker-compose.yml` file was created with the contents:
```
version: "3"
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
pihole:
# start on boot and when crashed
restart: unless-stopped
container_name: pihole
image: pihole/pihole:latest
# For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
ports:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
- "80:80/tcp"
environment:
TZ: 'America/Chicago'
# set the web dashboard to have no passwd
WEBPASSWORD: ''
# Volumes store your data between container upgrades
volumes:
- './etc-pihole:/etc/pihole'
- './etc-dnsmasq.d:/etc/dnsmasq.d'
# https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
cap_add:
- NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
restart: unless-stopped
```
The time zone was updated to the correct timezone, a configuration option added to make the container start automatically, and the docker container started with (Note: If you are not using a `docker` user, you will need to add your user to the docker group. This can be done with `sudo usermod -aG docker [user]`):
```
docker-compose -f docker-compose.yml up -d
```
You can check the status of all docker containers with `docker ps`, and get detailed logs for the pihole container with `docker logs pihole`
Test and see if the pihole is running by changing a system's DNS server to the pihole's IP, then going to `http://[ip]/admin/` or `http://pi.hole`
## Troubleshooting
- Restart the server:
```
sudo reboot -h now
```
- Check if the container is running:
```
docker ps
```
- Check the logs:
```
docker logs pihole
```
- See if the container is listening(grep can be omitted to check all services):
```
sudo ss -tulpn | grep 53
```

7
IT/Enabling fingerprint authentication on Zephyrus G15.md Normal file
View File

@ -0,0 +1,7 @@
****#linux
#laptop
[Documentation](https://github.com/knauth/goodix-521d-explanation)
From the usbreset directory run `gcc usbreset.c -o usbreset.out` to compile the reset bin, then `sudo ./usbreset.out /dev/bus/usb/<bus>/<device>` to reset it, for this device it's ``sudo ./usbreset.out /dev/bus/usb/003/002``
from goodix-fp-dump run `sudo python run_521d.py` to reflash the firmware

141
IT/Fixing a non booting linux install.md Normal file
View File

@ -0,0 +1,141 @@
# Fixing a non-booting linux install
Because of the length and variety of troubleshooting methods, the following article will be segmented by each step of the boot process.
## UEFI/BIOS
When the system is first powered on, the UEFI/BIOS preforms basic integrity checks of your disk, then checks the MBR for a valid bootloader, and if it's a GPT system, it will check the ESP(EFI System Partition) for a valid bootloader. If it is not found, you may get an error stating boot failure, the system may load into the UEFI/BIOS, or it may reboot.
### Troubleshooting
Try a live environment.
##### If the live environment boots successfully:
It indicates the bootloader is not functioning correctly. You can attempt to fix the bootloader by `chroot`ing in:
**On non Arch based distributions:**
Mount the root filesystem, where `sdXY` is your root partition, or `/`. You can find it by running `lsblk`, and looking at the size, or using `sudo fdisk -l`, and looking at the partition size and type.
```
mount /dev/sdXY /mnt
```
Mount the API filesystems:
```
cd /mnt
```
```
mount -t proc /proc proc/
```
```
mount /t sysfs /sys sys/
```
```
mount --rbind /dev dev/
```
```
mount --rbind /sys/firmware/efi/efivars sys/firmware/efi/efivars/
```
Mount the `efi` partition if the system is UEFI/GPT:
use `sudo fdisk -l` to list disks, look for a partition of ~200-500M, labeled `EFI System`, again, where `/dev/sdXY` is the EFI system partition
```
mount /dev/sdXY /mnt/boot/efi
```
If you require an internet connection:
```
cp /etc/resolv.conf etc/resolv.conf
```
Chroot into `/mnt` using a bash shell:
```
chroot /mnt /bin/bash
```
**On Arch based distributions:**
Chroot into the system using arch's `arch-chroot` script:
```
arch-chroot /dev/sdXY
```
Mount the `efi` partition if the system is UEFI/GPT:
Use `sudo fdisk -l` to list disks, look for a partition of ~200-500M, labeled `EFI System`, again, where `/dev/sdXY` is the EFI system partition
```
mount /dev/sdXY /boot/efi
```
To reinstall grub:
```
grub-mkconfig -o /boot/grub/grub.cfg
```
If the system is EFI, you do not need any arguments for `grub-install`:
```
grub-install
```
If the system is MBR:
```
grub-install --target=i386-pc /dev/sdXY
```
##### If the live environment does *not* boot successfully:
See if Secure Boot is enabled:
Check your UEFI/BIOS and ensure Secure Boot is disabled, or enabled if you are using a linux distro that supports secure boot.
Try Ventoy, if it boots to the Ventoy menu without issue, try redownloading/burning your Linux ISO. You can ensure the checksum matches:
From Linux(this utility is included in most distros):
```
sha256sum [file]
```
From Windows(from Powershell):
```
Get-FileHash
```
If the checksum doesn't match with the one provided by the original source, than something went wrong during the download process, and the ISO needs to be downloaded again.
If the checksum matches and the ISO *still* isn't booting:
- Try a different iso utility(Rufus, Ventoy, `dd`(unix only), BalenaEtcher)
- Try a different "base" of distro(RHEL, Debian/Ubuntu, Arch, and OpenSUSE are all common alternatives)
- Try a different USB drive
- See if the drive works on a different computer
*If the ISO is STILL not booting:*
- Pray to Tux for mercy
- Ensure it's not a PEBKAC
- Update your UEFI/BIOS
## GRUB/Bootloader
*Note: this section assumes you use GRUB*
At this point, your UEFI/BIOS has passed control over to GRUB, by default, it presents a menu similar to the one shown below, although the appearence may vary.
![[Pasted image 20220907095504.png]]
### Recovery shell
With the standard boot option selected in GRUB:
- Hit `e` to temporarily edit the boot config
- Find the line that says `linux`, and go to the end of the line and put `systemd.unit=rescue.target`
- Then hit ctrl + x or F10 to boot with the modified config.
- If the recovery shell doesn't work, you can try an emergency shell(a more minimalistic recovery interface) by replacing `systemd.unit=rescue.target` with `systemd.unit=emergency.target`
### Init shell
In Linux, the init process is the very first process launched by the system, identified with a PID of 1. This can be changed with a GRUB variable.
- Hit `e` over the correct entry to temporarily edit the boot config
- Append `init=/bin/bash` to the line that starts with `linux`. You can experiement with having it earlier in the line to see if it makes a difference.
### Troubleshooting from a shell
- Update everything
- Reinstall GPU drivers
- Reinstall the display manager and desktop environment
- Try manually starting display manager/desktop environment
## System Boot
Once GRUB passes booting over to Linux, it will start booting in VGA text mode under tty1. Troubles here can show symptoms including:
- Appears unresponsive during boot
- Screen goes black as it leaves VGA text mode, then crashes or hangs
- Begins shutting down after a partial boot
### Different TTY
During the boot process, you can try switching to a different TTY to bypass the TTY used at boot. You can use ctrl + alt + f2-f9 to drop to a different interface.
#### Troubleshooting from a recovery shell
If the shell loads successfully, than the system not booting might be prevented by a bad config loaded at startup, a nonfunctional display manager or desktop environment.
**If X11:**
Try starting your desktop environment using [xinit](https://wiki.archlinux.org/title/Xinit):
You can also try skipping xinit by specifying the start environment as a `startx` argument:
(example uses KDE plasma)
`startx startplasma-x11`
if that fails, you can check `dmesg` logs if stdout is inconclusive.
Try starting your display manager with `systemctl`:
(`sddm` used in example)
`sudo systemctl start sddm`
If you don't know what the systemd service is named, you can try to find it with `systemctl list-units | grep possiblename` where `possiblename` is the or part of it.

1
IT/Fixing supergfxctl black screen on dedicated mode.md Normal file
View File

@ -0,0 +1 @@
https://asus-linux.org/faq/#why-did-nvidia-mode-give-me-black-screen-with-xorg

10
IT/Homelabbity.md Normal file
View File

@ -0,0 +1,10 @@
#home #documentation #homelab
|hostname | username | IP address | SSH Port | Notes|
|---|---|---|---| ---|
| Atlas | arc | 192.168.0.2 | 22 | Uptime raspi: VPN, PiHole|
| Ubuntu | ubuntu | 192.168.0.3 | 42069 | active development raspi |
| 47c-in | ubuntu | 158.101.9.152 | 22 | Free oracle VPS for website, Git, apache2 |
| xoa | arc | 192.168.0.5 | 22 | xen orchestra |
| hydra | root | 192.168.0.4 | 22 | R730 hypervisor |

156
IT/Installing Arch.md Normal file
View File

@ -0,0 +1,156 @@
#linux
#documentation
See offical documentation [here](https://wiki.archlinux.org/title/installation_guide).
### Preperation
**Prerequisites**
Check if system is in UEFI mode with:
`ls /sys/firmware/efi/efivars`
If it lists the directory without issue then it's in EFI mode, if `no directory exists` is returned than EFI is disabled.
**Partitioning Disks**
List disks with:
`fdisk -l`
Select disk to modify with:
`fdisk /dev/sdx` (where x is the selected disk)
In the *fdisk* environment, use:
- `n` to create a new partition
- `p` or `e` to select primary or extended, primary is fine for all partitions on this install.
- `+[size][scale]` EG: `+512M` or `+1g` create a partition of that size.
- `w` to write changes to the disk.
Arch requires:
- 1 *EFi system partition* of at least **300MiB** mounted to **/mnt/boot** (Only for UEFI systems)
- 1 *root partition* using **all leftover space** mounted at **/mnt**
- Optionally a *swap partition* **more than 512MiB**, but ideally equal to the total ram.(Note: the swap partition is not mounted, but is instead initialized with `mkswap /dev/swap_partition`)
**Formatting Partitions**
- Format the root partition as ext4
```bash
mkfs.ext4 /dev/root_partition
```
- Format the EFI system partition as Fat32
```bash
mkfs.fat -F 32 /dev/efi_system_partition
```
- Initialize the swap partition
```bash
swapon /dev/_swap_partition_
```
**Mounting Partitions**
Mount these partitions with `mount /dev/sdxI /mounting_location`, for this purpose `/mnt`.
You will need to:
- Mount root partition(/)
```bash
mount /dev/[root_partition] /mnt
```
- Mount EFI System Partiton
(boot may need to be made with `mkdir`)
```bash
mount /dev/[efi_system_partition] /mnt/boot
```
- If a swap partition was made, initialize it with:
```bash
swapon /dev/[swap_partition]
```
**Update Mirrors**
Use `reflector` to update mirrors to the optimal servers.
### Installation
Use `pacstrap` to install necessary packages into `/mnt`
```bash
pacstrap /mnt base linux linux-firmware dhcpcd nano
```
Note: if you wish to configure a static IP you can remove `dhcpcd`from the package list and use `ip address add [IP]/[subnet] broadcast + dev [interface]`, where subnet is usually `/24` and the interface can be found with `ip link`. You will need to add a route, which can be done with `ip route add default via [gateway address]`.
**Configuring the system**
Generate an `fstab` file(shows how partitions should translate into disk space)
```bash
genfstab -U /mnt >> /mnt/etc/fstab
```
**Chroot into the new system** with `arch-chroot`
```bash
arch-chroot /mnt
```
Optionally set time zone(See installation wiki)
Edit `/etc/locale.gen` to set locales. For English uncomment `en_US.UTF-8 UTF-8`.
If needed, generate locales with `locale-gen`.
Start and enable internet
```bash
systemctl start dhcpcd
systemctl enable dhcpcd
```
**User Account Management**
Set a root password with `passwd`.
Install `sudo`
```bash
pacman -S sudo
```
Add a user
```bash
useradd -m [user]
```
Give the user a password:
```bash
passwd [user]
```
Add the user to the sudoers group(you will need to uncomment a line from /etc/sudoers)
```bash
usermod -aG wheel [user]
```
Reboot, unmount the .iso, and login to the user just created.
Install either `amd-ucode` or `intel-ucode` depending on the system processor
```bash
sudo pacman -S [needed package]
```
**Beyond the install**
Install `grub` and`efibootmgr` with pacman
```bash
pacman -S grub
pacman -S efibootmgr
```
Create the directory for grub
```bash
mkdir /boot/EFI/GRUB
```
Install `grub` to the efi partition.
```bash
grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=grub
```
Generate the grub config
```bash
grub-mkconfig -o /boot/grub/grub.cfg
```
Install `xorg-server`
```bash
sudo pacman -S xorg-server
```
Install `plasma`
```bash
sudo pacman -S plasma
```
Install `sddm`
```bash
sudo pacman -S plasma
```
Start sddm
```bash
sudo systemctl start sddm.service
```
If the desktop works as intended, enable sddm to launch at boot
```bash
sudo systemctl enable sddm.service
```