From b8df59899de1e871509de0731be008b06709c704 Mon Sep 17 00:00:00 2001 From: vorpax Date: Tue, 3 Mar 2026 22:47:39 +0100 Subject: [PATCH] Quartz sync: Mar 3, 2026, 10:47 PM --- .gitea/workflows/build-deploy.yml | 4 + compose.yaml | 2 +- content/Untitled.md | 0 .../guides/Create a TrueNAS test vm.md | 99 ++++++++ content/homelab/guides/GPU PASSTHROUGH.md | 110 +++++++++ content/homelab/guides/Step CA.md | 85 +++++++ content/homelab/guides/Terraform provider.md | 29 +++ ...m a private local certificate authority.md | 0 content/homelab/memos/index.md | 4 + content/homelab/memos/some useful tools.md | 28 +++ .../My personal Git Forge using Gitea.md | 12 + ...op Cheatsheet — Deploy your own ChatGPT.md | 133 ++++++++++ .../Workshop — Deploy your own ChatGPT.md | 228 ++++++++++++++++++ 13 files changed, 733 insertions(+), 1 deletion(-) create mode 100644 content/Untitled.md create mode 100644 content/homelab/guides/Create a TrueNAS test vm.md create mode 100644 content/homelab/guides/GPU PASSTHROUGH.md create mode 100644 content/homelab/guides/Step CA.md create mode 100644 content/homelab/guides/Terraform provider.md rename content/homelab/{services => guides}/Trust a certificate from a private local certificate authority.md (100%) create mode 100644 content/homelab/memos/index.md create mode 100644 content/homelab/memos/some useful tools.md create mode 100644 content/homelab/services/My personal Git Forge using Gitea.md create mode 100644 content/homelab/workshops/Workshop Cheatsheet — Deploy your own ChatGPT.md create mode 100644 content/homelab/workshops/Workshop — Deploy your own ChatGPT.md diff --git a/.gitea/workflows/build-deploy.yml b/.gitea/workflows/build-deploy.yml index 11954d5..a27306b 100644 --- a/.gitea/workflows/build-deploy.yml +++ b/.gitea/workflows/build-deploy.yml @@ -17,6 +17,9 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -42,6 +45,7 @@ jobs: with: context: . file: ./Dockerfile.prod + platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/compose.yaml b/compose.yaml index de1cc4c..37c6b89 100644 --- a/compose.yaml +++ b/compose.yaml @@ -2,7 +2,7 @@ services: quartz: # Option 1: Pull from Gitea Container Registry (recommended for production) image: gitea.vorpax.dev/vorpax/wiki:latest - + pull_policy: always # Option 2: Build locally (uncomment for local development) # build: # context: . diff --git a/content/Untitled.md b/content/Untitled.md new file mode 100644 index 0000000..e69de29 diff --git a/content/homelab/guides/Create a TrueNAS test vm.md b/content/homelab/guides/Create a TrueNAS test vm.md new file mode 100644 index 0000000..456646b --- /dev/null +++ b/content/homelab/guides/Create a TrueNAS test vm.md @@ -0,0 +1,99 @@ +--- +title: Create a TrueNAS test vm +publish: true +date: 2026-01-14 +tags: + - guide +description: +--- +# TrueNAS Scale VM: Configuring Virtual Disk Serials + +## Overview + +This guide explains how to assign custom serial numbers to Proxmox virtual disks. + +This is required for TrueNAS Scale to correctly identify disks and form ZFS pools in a virtualized environment. + +> [!WARNING] **Test Labs Only** +> Never use virtual disks for production TrueNAS deployments. It prevents ZFS from accessing SMART data and increases data loss risk. + +## Prerequisites + +* A running PVE node. +* A created TrueNAS Scale VM on your PVE node. +* Basic shell knowledge. + +--- + +## Steps + +### Step 1: Locate VM Config + +Open an SSH connection to your Proxmox node and identify your TrueNAS VM ID (e.g., `100`). + +### Step 2: Add Serial Numbers + +Edit the QEMU server configuration file for your VM: + +```bash +vi /etc/pve/qemu-server/${TRUENAS_VMID}.conf + +``` + +Locate the lines defining your hard disks (usually starting with `scsi`). Append a unique serial parameter `,serial=XXXX` to the end of each disk line. + +**Example Configuration:** + +```ini +# Before +scsi1: local-lvm:vm-100-disk-1,discard=on,iothread=1,size=16G,ssd=1 +scsi2: local-lvm:vm-100-disk-2,discard=on,iothread=1,size=16G,ssd=1 + +# After (Ensure every serial string is unique) +scsi1: local-lvm:vm-100-disk-1,discard=on,iothread=1,size=16G,ssd=1,serial=TRUENAS-01 +scsi2: local-lvm:vm-100-disk-2,discard=on,iothread=1,size=16G,ssd=1,serial=TRUENAS-02 + +``` + +### Step 3: Apply Changes + +For these hardware changes to register, you must fully stop and start the VM (a reboot is not sufficient). + +```bash +qm stop ${TRUENAS_VMID} +qm start ${TRUENAS_VMID} + +``` + +--- + +## Verification + +Open the Shell inside your running TrueNAS VM and run: + +```bash +lsblk -o NAME,SERIAL,SIZE + +``` + +**Expected Output:** + +```text +NAME SERIAL SIZE +sda TRUENAS-01 16G +sdb TRUENAS-02 16G + +``` + +--- + +## Troubleshooting + +### "Disk Serial" or Multipath Errors + +**Problem:** TrueNAS complains about duplicate disks or fails to create the pool. +**Solution:** You likely pasted the same serial number for multiple disks. Re-open the `.conf` file and ensure every `serial=...` string is unique. + +--- + +**Created:** 2026-01-14 diff --git a/content/homelab/guides/GPU PASSTHROUGH.md b/content/homelab/guides/GPU PASSTHROUGH.md new file mode 100644 index 0000000..87bddd9 --- /dev/null +++ b/content/homelab/guides/GPU PASSTHROUGH.md @@ -0,0 +1,110 @@ +--- +title: GPU PASSTHROUGH +publish: true +date: 2026-02-18 +tags: + - guide +description: +--- + +# GPU PASSTHROUGH + +## Overview + +What this guide covers and what you'll accomplish. + +## Prerequisites + +- Requirement 1 +- Requirement 2 +- Required knowledge + +## What You'll Need + +- Hardware/software requirements +- Tools +- Access requirements + +## Steps + +### Step 1: Setup + + + +```bash +echo "blacklist nouveau" >> /etc/modprobe.d/blacklist.conf +echo "blacklist nvidia*" >> /etc/modprobe.d/blacklist.conf +``` + + +```bash +lspci -v +``` + +You should find the id of your device, in my case it is 01:00 which is pretty common. + +Then look out for the specific code of your device. + +```bash +lspci -n -s 01:00 +``` + +Then you just have to add it to vfio. + +```bash +echo "options vfio-pci ids=10de:1b81,10de:10f0 disable_vga=1" > /etc/modprobe.d/vfio.conf +``` + + +```bash +update-initramfs -u +``` + +```bash +reboot now +``` + +### Step 2: Configuration + +Continue with configuration steps. + +```bash +# More commands +``` + +### Step 3: Verification + +How to verify everything is working. + +```bash +# Verification commands +``` + +## Troubleshooting + +### Issue 1 + + **Problem**: Description of the problem + +**Solution**: How to fix it + +### Issue 2 + +**Problem**: Description + +**Solution**: Fix + +## Next Steps + +- What to do after completing this guide +- Related guides +- Advanced configurations + +## References + +- Links to documentation +- Related resources + +--- + +*Created: 2026-02-18* diff --git a/content/homelab/guides/Step CA.md b/content/homelab/guides/Step CA.md new file mode 100644 index 0000000..d0e0275 --- /dev/null +++ b/content/homelab/guides/Step CA.md @@ -0,0 +1,85 @@ +--- +title: Step CA +publish: true +date: 2026-01-20 +tags: + - guide + - network + - security + - CA + - PKI +description: +--- + +# Step CA + +## Overview + +A guide to setting up *step-ca* + +## Prerequisites + +- Requirement 1 +- Requirement 2 +- Required knowledge + +## What You'll Need + +- Hardware/software requirements +- Tools +- Access requirements + +## Steps + +### Step 1: Setup + +Detailed instructions for the first step. + +```bash +# Example commands +``` + +### Step 2: Configuration + +Continue with configuration steps. + +```bash +# More commands +``` + +### Step 3: Verification + +How to verify everything is working. + +```bash +# Verification commands +``` + +## Troubleshooting + +### Issue 1 + +**Problem**: Description of the problem + +**Solution**: How to fix it + +### Issue 2 + +**Problem**: Description + +**Solution**: Fix + +## Next Steps + +- What to do after completing this guide +- Related guides +- Advanced configurations + +## References + +- Links to documentation +- Related resources + +--- + +*Created: 2026-01-20* diff --git a/content/homelab/guides/Terraform provider.md b/content/homelab/guides/Terraform provider.md new file mode 100644 index 0000000..6aac4f1 --- /dev/null +++ b/content/homelab/guides/Terraform provider.md @@ -0,0 +1,29 @@ +--- +title: Terraform provider +publish: true +tags: + - +--- + +# Terraform provider + +Create the Terraform role. + +```bash +pveum role add TerraformProv -privs "Datastore.Allocate Datastore.AllocateSpace Datastore.Audit Pool.Allocate Sys.Audit Sys.Console Sys.Modify VM.Allocate VM.Audit VM.Clone VM.Config.CDROM VM.Config.Cloudinit VM.Config.CPU VM.Config.Disk VM.Config.HWType VM.Config.Memory VM.Config.Network VM.Config.Options VM.Console VM.Migrate VM.Monitor VM.PowerMgmt SDN.Use" +``` + + +```bash +pveum user add terraform-prov@pve +``` + +```bash +pveum aclmod / -user terraform-prov@pve -role TerraformProv +``` + + +```bash +pveum user token add terraform-prov@pve terraform -expire 0 -privsep 0 -comment "Terraform token" +``` + diff --git a/content/homelab/services/Trust a certificate from a private local certificate authority.md b/content/homelab/guides/Trust a certificate from a private local certificate authority.md similarity index 100% rename from content/homelab/services/Trust a certificate from a private local certificate authority.md rename to content/homelab/guides/Trust a certificate from a private local certificate authority.md diff --git a/content/homelab/memos/index.md b/content/homelab/memos/index.md new file mode 100644 index 0000000..90f7dd5 --- /dev/null +++ b/content/homelab/memos/index.md @@ -0,0 +1,4 @@ +# Here are my memos + +>[!caution] These notes are for personal usage only as they were made in a hurry + diff --git a/content/homelab/memos/some useful tools.md b/content/homelab/memos/some useful tools.md new file mode 100644 index 0000000..354c6c7 --- /dev/null +++ b/content/homelab/memos/some useful tools.md @@ -0,0 +1,28 @@ +--- +title: some useful tools +publish: true +tags: + - +--- + +# some useful tools + +## pet + +https://github.com/knqyf263/pet + +## justfile + + + +## croc + + + +## mamba + + + +## mise + + diff --git a/content/homelab/services/My personal Git Forge using Gitea.md b/content/homelab/services/My personal Git Forge using Gitea.md new file mode 100644 index 0000000..5956d86 --- /dev/null +++ b/content/homelab/services/My personal Git Forge using Gitea.md @@ -0,0 +1,12 @@ +--- +title: My personal Git Forge using Gitea +publish: true +tags: + - homelab + - service +--- + +# My personal Git Forge using Gitea + +https://gitea.vorpax.dev + diff --git a/content/homelab/workshops/Workshop Cheatsheet — Deploy your own ChatGPT.md b/content/homelab/workshops/Workshop Cheatsheet — Deploy your own ChatGPT.md new file mode 100644 index 0000000..8669ca9 --- /dev/null +++ b/content/homelab/workshops/Workshop Cheatsheet — Deploy your own ChatGPT.md @@ -0,0 +1,133 @@ +--- +title: Workshop Cheatsheet — Deploy your own ChatGPT +publish: true +date: 2026-03-03 +tags: + - workshop + - Cheatsheet + - HECIA + - containerization + - docker + - openwebui +description: A cheatsheet for the "Deploy your own ChatGPT" workshop +--- +# Workshop Cheatsheet — Deploy your own ChatGPT + +> Commands only. Full explanations in the reference document shared at the end. + +--- + +## 1 · Install Docker + +**Register Docker's repository** + +```bash +sudo apt update +sudo apt install ca-certificates curl + +sudo install -m 0755 -d /etc/apt/keyrings +sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc +sudo chmod a+r /etc/apt/keyrings/docker.asc + +sudo tee /etc/apt/sources.list.d/docker.sources < Type `Y` when prompted. + +**Verify** + +```bash +docker --version +docker compose version +``` + +✅ Both should print a version number. + +--- + +## 2 · Deploy OpenWebUI + +**Create the project folder** + +```bash +mkdir -p ~/projects/openwebui +cd ~/projects/openwebui +``` + +**Create `compose.yaml`** — paste this exactly: + +```yaml +services: + openwebui: + image: ghcr.io/open-webui/open-webui:main-slim + ports: + - "3000:8080" + volumes: + - open-webui:/app/backend/data + restart: unless-stopped + +volumes: + open-webui: +``` + +**Start the container** + +```bash +docker compose up -d +``` + +> First run downloads the image — wait 1–2 min. + +**Watch startup logs** _(optional)_ + +```bash +docker compose logs -f +``` + +> Press `Ctrl+C` to stop watching. The container keeps running. + +**Open in your browser** + +``` +https://openwebui..workshop.hec-ia.com +``` + +Your shortname = first initial + last name, lowercase. e.g. John Smith → `jsmith` + +> First launch: create an account — you automatically become admin. + +--- + +## 3 · Configure an API key + +**Settings → Admin Panel → Connections** + + + +--- + +## Useful commands + +|Command|Effect| +|---|---| +|`docker compose up -d`|Start the app| +|`docker compose down`|Stop the app| +|`docker compose logs -f`|Watch live logs| +|`docker compose pull`|Update the image| +|`docker ps`|List running containers| + +> Always run these from `~/projects/openwebui` \ No newline at end of file diff --git a/content/homelab/workshops/Workshop — Deploy your own ChatGPT.md b/content/homelab/workshops/Workshop — Deploy your own ChatGPT.md new file mode 100644 index 0000000..cb5f3ca --- /dev/null +++ b/content/homelab/workshops/Workshop — Deploy your own ChatGPT.md @@ -0,0 +1,228 @@ +--- +title: Workshop — Deploy your own ChatGPT +publish: false +date: 2026-03-03 +tags: + - workshop + - HECIA + - containerization + - docker + - openwebui +description: A detailed guide for the "Deploy your own ChatGPT" workshop +--- + +# Workshop — Deploy your own ChatGPT +> By the end of this workshop, you will have a private AI assistant running on your own server, accessible from anywhere, connected to a real AI model via API. + +--- + +## 0. Some context before we start + +### What is a VPS? + +A **VPS** (Virtual Private Server) is a computer that lives in a data centre somewhere and runs 24/7, connected to the internet. You don't physically touch it — you control it remotely from your own laptop by typing commands into a **terminal**. + +Think of it like renting a studio flat: the building (the physical server) belongs to someone else, but you get your own private, locked space inside it to do whatever you want. + +### What is a terminal? + +A **terminal** is a text-based way to talk to a computer. Instead of clicking on icons, you type instructions and the computer responds with text. + +It might look intimidating, but the principle is always the same: you type a command, you press Enter, and the computer does what you asked. + +> 💡 **Throughout this workshop, every time you see a grey box with text in it, it's a command to type into the terminal — then press Enter.** + +### What is Docker? + +Normally, installing software on a server is painful: every application needs specific versions of specific dependencies, and they often conflict with each other. A year later, nobody remembers what was installed or why, and the system is a mess. + +**Docker** solves this by wrapping each application inside a **container**: a completely isolated box that contains the application _and_ everything it needs to run. The rest of the server doesn't know it exists, and it doesn't know about the rest of the server. + +Two concepts you need to know: + +|Concept|What it is|Real-world analogy| +|---|---|---| +|**Image**|A precise recipe describing how to build the application and all its ingredients|A cake recipe written on paper| +|**Container**|A live, running instance created from that recipe|The actual cake you baked from the recipe| + +You can bake many cakes from the same recipe. You can run many containers from the same image. The recipe doesn't change when you eat the cake. + +**Docker Compose** lets you describe your containers in a simple configuration file rather than memorising long commands. It's like a checklist: you write down what you want once, and Docker takes care of making it happen. + +--- + +## 1. Install Docker + +We'll install Docker from its official repository. + +### What is a repository? + +When you install apps on your phone, you get them from the App Store or Google Play — a trusted place that verifies what you're downloading is legitimate. On Linux servers, software is installed from **repositories**: official, trusted sources that also handle updates automatically. + +Before we can install Docker, we need to tell Ubuntu _where_ to find it and that it can trust it. + +### 1.1 — Add Docker's repository and GPG key + +A **GPG key** is a cryptographic signature. Ubuntu uses it to verify that the software you're downloading actually comes from Docker, and hasn't been tampered with in transit — like a wax seal on a letter. + +Run these commands one block at a time: + +```bash +sudo apt update +sudo apt install ca-certificates curl +``` + +> `sudo` means "run this as administrator". `apt` is Ubuntu's package manager — the tool that installs software. `update` refreshes the list of available software. + +```bash +sudo install -m 0755 -d /etc/apt/keyrings +sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc +sudo chmod a+r /etc/apt/keyrings/docker.asc +``` + +> This creates a folder to store trusted keys, downloads Docker's GPG key, and makes it readable by the system. + +```bash +sudo tee /etc/apt/sources.list.d/docker.sources < This registers Docker's repository as a trusted source for Ubuntu. From now on, Ubuntu knows where to find Docker packages and that they're legitimate. + +```bash +sudo apt update +``` + +> Refresh the package list again — this time it includes Docker's repository. + +### 1.2 — Install Docker + +```bash +sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin +``` + +> This installs Docker Engine (the core), its command-line tool, and the Compose plugin. When Ubuntu asks `Do you want to continue? [Y/n]`, type `Y` and press Enter. + +### 1.3 — Verify the installation + +```bash +docker --version +docker compose version +``` + +Both commands should print a version number. If you see one, Docker is correctly installed. + +--- + +## 2. Deploy OpenWebUI + +**OpenWebUI** is an open-source application that gives you a ChatGPT-like web interface, running entirely on your own server. Your conversations stay private, you choose which AI model powers it, and you control everything. + +### 2.1 — Create the project directory + +On a Linux system, files are organised in folders, just like on your computer. We'll create a dedicated folder for this project. + +```bash +mkdir -p ~/projects/openwebui +cd ~/projects/openwebui +``` + +> `mkdir` creates a folder (`make directory`). The `~` is a shorthand for your home folder — the equivalent of "Documents" on your laptop. `cd` moves you into that folder (`change directory`). Everything you do next will happen inside it. + +### 2.2 — Write the Compose file + +Now we'll create the file that tells Docker what to run and how. + +Create a file named `compose.yaml` with the following content (your instructor will show you how to open a text editor in the terminal): + +```yaml +services: + openwebui: + image: ghcr.io/open-webui/open-webui:main-slim + ports: + - "3000:8080" + volumes: + - open-webui:/app/backend/data + restart: unless-stopped + +volumes: + open-webui: +``` + +Here's what each line means: + +- **`services`** — the list of containers we want to run. Here we have one, called `openwebui`. +- **`image`** — the Docker image (the "recipe") to use. Docker will download it automatically from the internet on first run. +- **`ports`** — containers are isolated, so by default nothing from the outside can reach them. This line opens a door: it says _"connect port 3000 on the server to port 8080 inside the container"_. Think of it like a call forwarding rule: calls arriving on 3000 get redirected to 8080 inside the box. +- **`volumes`** — containers are ephemeral: if you restart one, it starts fresh and everything inside is gone, like closing an incognito window. Volumes are a way to store data _outside_ the container so it survives restarts. Here, your conversations and settings will be saved permanently. +- **`restart: unless-stopped`** — if the container crashes, or if the server reboots, Docker will automatically restart it. It only stays off if you explicitly stop it yourself. +- **`volumes` (bottom)** — this is where we actually tell Docker to create the storage space named `open-webui`. The mention above just says "use it"; this line is where it gets created. + +### 2.3 — Start the container + +```bash +docker compose up -d +``` + +> `up` means "start everything described in the Compose file". `-d` means "in the background" (detached) — so the application keeps running even after you close the terminal, like a server that doesn't stop when you log off. + +On first run, Docker needs to download the image from the internet. This takes a minute or two. You can watch what's happening with: + +```bash +docker compose logs -f +``` + +> This shows the container's live output — like looking through a window into the box as it starts up. Press `Ctrl+C` when you want to stop watching. The container keeps running. + +When you see a line mentioning that the server is ready, you're good to go. + +### 2.4 — Access your instance + +Open your browser and go to: + +``` +https://openwebui..workshop.hec-ia.com +``` + +Replace `` with your shortname: first initial + last name, all lowercase. For example, **John Smith** → `jsmith`, so the URL is `https://jsmith.workshop.hec-ia.com`. + +> **First launch:** OpenWebUI will ask you to create an account. The first account created automatically becomes the administrator — that's you. + +--- + +## 3. Configure an API key + +OpenWebUI is just the interface — the visual layer. On its own, it can't generate any text. It needs to be connected to an AI model to do anything useful. + +Think of it like a television set with no signal: the screen is there and works perfectly, but you need to plug it into a source to actually watch anything. + +We'll connect it to an AI provider via an **API key**. An API key is a unique secret token — similar to a password — that identifies you to the AI provider and lets OpenWebUI send requests on your behalf. + +### 3.1 — Open the admin settings + +In OpenWebUI, go to: **Settings → Admin Panel → Connections** + +### 3.2 — Add your API key + + + +--- + +## Useful commands + +Once the workshop is over, here are the commands you'll need to manage your instance: + +|Command|What it does| +|---|---| +|`docker compose up -d`|Start the application| +|`docker compose down`|Stop the application (your data is preserved)| +|`docker compose logs -f`|Watch live logs| +|`docker compose pull`|Download the latest version of the image| +|`docker ps`|List all running containers| + +> To run these commands, you need to be in the project folder first: `cd ~/projects/openwebui` \ No newline at end of file