Quartz sync: Mar 3, 2026, 10:47 PM

content/homelab/guides/Create a TrueNAS test vm.md

@@ -0,0 +1,99 @@
+---
+title: Create a TrueNAS test vm
+publish: true
+date: 2026-01-14
+tags:
+  - guide
+description:
+---
+# TrueNAS Scale VM: Configuring Virtual Disk Serials
+
+## Overview
+
+This guide explains how to assign custom serial numbers to Proxmox virtual disks. 
+
+This is required for TrueNAS Scale to correctly identify disks and form ZFS pools in a virtualized environment.
+
+> [!WARNING] **Test Labs Only**
+> Never use virtual disks for production TrueNAS deployments. It prevents ZFS from accessing SMART data and increases data loss risk.
+
+## Prerequisites
+
+* A running PVE node.
+* A created TrueNAS Scale VM on your PVE node.
+* Basic shell knowledge.
+
+---
+
+## Steps
+
+### Step 1: Locate VM Config
+
+Open an SSH connection to your Proxmox node and identify your TrueNAS VM ID (e.g., `100`).
+
+### Step 2: Add Serial Numbers
+
+Edit the QEMU server configuration file for your VM:
+
+```bash
+vi /etc/pve/qemu-server/${TRUENAS_VMID}.conf
+
+```
+
+Locate the lines defining your hard disks (usually starting with `scsi`). Append a unique serial parameter `,serial=XXXX` to the end of each disk line.
+
+**Example Configuration:**
+
+```ini
+# Before
+scsi1: local-lvm:vm-100-disk-1,discard=on,iothread=1,size=16G,ssd=1
+scsi2: local-lvm:vm-100-disk-2,discard=on,iothread=1,size=16G,ssd=1
+
+# After (Ensure every serial string is unique)
+scsi1: local-lvm:vm-100-disk-1,discard=on,iothread=1,size=16G,ssd=1,serial=TRUENAS-01
+scsi2: local-lvm:vm-100-disk-2,discard=on,iothread=1,size=16G,ssd=1,serial=TRUENAS-02
+
+```
+
+### Step 3: Apply Changes
+
+For these hardware changes to register, you must fully stop and start the VM (a reboot is not sufficient).
+
+```bash
+qm stop ${TRUENAS_VMID}
+qm start ${TRUENAS_VMID}
+
+```
+
+---
+
+## Verification
+
+Open the Shell inside your running TrueNAS VM and run:
+
+```bash
+lsblk -o NAME,SERIAL,SIZE
+
+```
+
+**Expected Output:**
+
+```text
+NAME   SERIAL      SIZE
+sda    TRUENAS-01  16G
+sdb    TRUENAS-02  16G
+
+```
+
+---
+
+## Troubleshooting
+
+### "Disk Serial" or Multipath Errors
+
+**Problem:** TrueNAS complains about duplicate disks or fails to create the pool.
+**Solution:** You likely pasted the same serial number for multiple disks. Re-open the `.conf` file and ensure every `serial=...` string is unique.
+
+---
+
+**Created:** 2026-01-14

content/homelab/guides/GPU PASSTHROUGH.md

@@ -0,0 +1,110 @@
+---
+title: GPU PASSTHROUGH
+publish: true
+date: 2026-02-18
+tags:
+  - guide
+description:
+---
+
+# GPU PASSTHROUGH
+
+## Overview
+
+What this guide covers and what you'll accomplish.
+
+## Prerequisites
+
+- Requirement 1
+- Requirement 2
+- Required knowledge
+
+## What You'll Need
+
+- Hardware/software requirements
+- Tools
+- Access requirements
+
+## Steps
+
+### Step 1: Setup
+
+
+
+```bash
+echo "blacklist nouveau" >> /etc/modprobe.d/blacklist.conf 
+echo "blacklist nvidia*" >> /etc/modprobe.d/blacklist.conf 
+```
+
+
+```bash
+lspci -v
+```
+
+You should find the id of your device, in my case it is 01:00 which is pretty common.
+
+Then look out for the specific code of your device.
+
+```bash
+lspci -n -s 01:00
+```
+
+Then you just have to add it to vfio.
+
+```bash
+echo "options vfio-pci ids=10de:1b81,10de:10f0 disable_vga=1" > /etc/modprobe.d/vfio.conf
+```
+
+
+```bash
+update-initramfs -u
+```
+
+```bash
+reboot now
+```
+
+### Step 2: Configuration
+
+Continue with configuration steps.
+
+```bash
+# More commands
+```
+
+### Step 3: Verification
+
+How to verify everything is working.
+
+```bash
+# Verification commands
+```
+
+## Troubleshooting
+
+### Issue 1
+
+						**Problem**: Description of the problem
+
+**Solution**: How to fix it
+
+### Issue 2
+
+**Problem**: Description
+
+**Solution**: Fix
+
+## Next Steps
+
+- What to do after completing this guide
+- Related guides
+- Advanced configurations
+
+## References
+
+- Links to documentation
+- Related resources
+
+---
+
+*Created: 2026-02-18*

content/homelab/guides/Step CA.md

@@ -0,0 +1,85 @@
+---
+title: Step CA
+publish: true
+date: 2026-01-20
+tags:
+  - guide
+  - network
+  - security
+  - CA
+  - PKI
+description:
+---
+
+# Step CA
+
+## Overview
+
+A guide to setting up *step-ca*
+
+## Prerequisites
+
+- Requirement 1
+- Requirement 2
+- Required knowledge
+
+## What You'll Need
+
+- Hardware/software requirements
+- Tools
+- Access requirements
+
+## Steps
+
+### Step 1: Setup
+
+Detailed instructions for the first step.
+
+```bash
+# Example commands
+```
+
+### Step 2: Configuration
+
+Continue with configuration steps.
+
+```bash
+# More commands
+```
+
+### Step 3: Verification
+
+How to verify everything is working.
+
+```bash
+# Verification commands
+```
+
+## Troubleshooting
+
+### Issue 1
+
+**Problem**: Description of the problem
+
+**Solution**: How to fix it
+
+### Issue 2
+
+**Problem**: Description
+
+**Solution**: Fix
+
+## Next Steps
+
+- What to do after completing this guide
+- Related guides
+- Advanced configurations
+
+## References
+
+- Links to documentation
+- Related resources
+
+---
+
+*Created: 2026-01-20*

content/homelab/guides/Terraform provider.md

@@ -0,0 +1,29 @@
+---
+title: Terraform provider
+publish: true
+tags:
+  -
+---
+
+# Terraform provider
+
+Create the Terraform role.
+
+```bash
+pveum role add TerraformProv -privs "Datastore.Allocate Datastore.AllocateSpace Datastore.Audit Pool.Allocate Sys.Audit Sys.Console Sys.Modify VM.Allocate VM.Audit VM.Clone VM.Config.CDROM VM.Config.Cloudinit VM.Config.CPU VM.Config.Disk VM.Config.HWType VM.Config.Memory VM.Config.Network VM.Config.Options VM.Console VM.Migrate VM.Monitor VM.PowerMgmt SDN.Use"
+```
+
+
+```bash
+pveum user add terraform-prov@pve
+```
+
+```bash
+pveum aclmod / -user terraform-prov@pve -role TerraformProv
+```
+
+
+```bash
+pveum user token add terraform-prov@pve terraform -expire 0 -privsep 0 -comment "Terraform token"
+```
+

content/homelab/guides/Trust a certificate from a private local certificate authority.md

@@ -0,0 +1,116 @@
+---
+title: Trust a certificate from a private local certificate authority
+publish: true
+date: 2026-01-11
+tags:
+  - guide
+  - step-ca
+  - runbook
+description:
+---
+
+# Trust a certificate from a private local certificate authority
+
+## Overview
+
+Make your device trust your private CA for TLS encryption.
+
+## Prerequisites
+
+- A local CA running (in our case step-ca) and reachable at `CA_URL`, for instance `https://local-ca.homelab.internal:443`
+- An end device with access to a normal shell (*eww, Powershell*).
+- very basic understanding of what a PKI is and how certificate trust works.
+
+
+### Initial problem
+
+When doing 
+
+```bash
+curl $CA_URL
+```
+
+you get :  
+
+```
+curl: (60) SSL certificate problem: unable to get local issuer certificate
+More details here: https://curl.se/docs/sslcerts.html
+
+curl failed to verify the legitimacy of the server and therefore could not
+establish a secure connection to it. To learn more about this situation and
+how to fix it, please visit the webpage mentioned above.
+```
+
+Which is normal as your root Certificate authority uses a self-signed certificate.
+
+## Steps
+
+### Step 1: Setup
+
+If not already done, install step cli on your end-device : 
+
+```bash
+brew install step
+```
+
+refer to official documentation https://smallstep.com/docs/step-ca/installation/ for additional installation details for your OS.
+
+### Step 2 : get CA fingerprint
+
+`CA_FINGERPRINT` is the fingerprint of your root certificate.
+
+If you don't have any other device than Step CA with the CA configured, run 
+
+Inside of your host/container running step CA (or any client with step ca already configured)
+
+```bash
+step certificate fingerprint <(step ca root)
+```
+
+### Step 3: Bootstrap cert
+
+You'll need to run :
+
+```bash
+step ca bootstrap --ca-url $CA_URL --fingerprint $CA_FINGERPRINT
+```
+
+
+where `CA_URL` is the address of the CA with protocol
+
+### Step 3 : Install certificate
+
+
+```bash
+step certificate install <(step ca root)
+```
+
+
+### Step 4: Verification
+
+In most modern distributions and *UNIX* derivatives, curl (particularly when installed by default) is configured to run with the system trust store
+
+Now after running
+
+```bash
+curl $CA_URL
+```
+
+you get 
+
+`404 page not found`
+
+Which is completely fine.
+
+### You successfuly installed a certificate.
+
+## References
+
+- https://smallstep.com/docs/step-ca/installation/
+- Related resources
+
+
+
+---
+
+*Created: 2026-01-11*