From c11e3f4a7aea2076b6eb9b2a53e8dbfb9c57eb00 Mon Sep 17 00:00:00 2001 From: vorpax Date: Sun, 11 Jan 2026 16:26:42 +0100 Subject: [PATCH] Quartz sync: Jan 11, 2026, 4:26 PM --- content/GLiNet Beryl AX.md | 0 content/homelab/Proxmox hosts.md | 6 +- content/homelab/hardware/end-devices/index.md | 32 +++++ .../hardware/{ => proxmox-nodes}/fatman.md | 0 .../hardware/proxmox-nodes/gerboise.md | 36 ++++++ .../hardware/{ => proxmox-nodes}/littleboy.md | 0 .../hardware/{ => proxmox-nodes}/optiplex.md | 0 .../Gitea Webhook and CI CD using Komodo.md | 27 ++++ .../{index.md => macos, ssh and Yubikey.md} | 0 ...m a private local certificate authority.md | 116 ++++++++++++++++++ 10 files changed, 214 insertions(+), 3 deletions(-) create mode 100644 content/GLiNet Beryl AX.md create mode 100644 content/homelab/hardware/end-devices/index.md rename content/homelab/hardware/{ => proxmox-nodes}/fatman.md (100%) create mode 100644 content/homelab/hardware/proxmox-nodes/gerboise.md rename content/homelab/hardware/{ => proxmox-nodes}/littleboy.md (100%) rename content/homelab/hardware/{ => proxmox-nodes}/optiplex.md (100%) create mode 100644 content/homelab/memos/Gitea Webhook and CI CD using Komodo.md rename content/homelab/memos/{index.md => macos, ssh and Yubikey.md} (100%) create mode 100644 content/homelab/services/Trust a certificate from a private local certificate authority.md diff --git a/content/GLiNet Beryl AX.md b/content/GLiNet Beryl AX.md new file mode 100644 index 0000000..e69de29 diff --git a/content/homelab/Proxmox hosts.md b/content/homelab/Proxmox hosts.md index b019bb8..c375064 100644 --- a/content/homelab/Proxmox hosts.md +++ b/content/homelab/Proxmox hosts.md @@ -6,6 +6,6 @@ title: My Physical Nodes # All my nodes My main cluster is composed of 3 Physical Nodes : -- [[hardware/littleboy|Littleboy]] which is a Firebat T8 Pro Plus -- [[hardware/optiplex|Optiplex]] which is an Optiplex 7070 SFF with an i7-9700 and 64GB of RAM -- [[hardware/fatman|Fatman]] which is a custom built gaming PC repurposed into a beefy GPU workhorse \ No newline at end of file +- [[littleboy|Littleboy]] which is a Firebat T8 Pro Plus +- [[optiplex|Optiplex]] which is an Optiplex 7070 SFF with an i7-9700 and 64GB of RAM +- [[fatman|Fatman]] which is a custom built gaming PC repurposed into a beefy GPU workhorse \ No newline at end of file diff --git a/content/homelab/hardware/end-devices/index.md b/content/homelab/hardware/end-devices/index.md new file mode 100644 index 0000000..e5f1fdd --- /dev/null +++ b/content/homelab/hardware/end-devices/index.md @@ -0,0 +1,32 @@ +--- +title: My everyday devices +publish: true +tags: + - +--- + +# What are my daily drivers + + +## Why the hell am I running MacOS ? + +Here is something quite controversial : I find Mac better than most laptops out there. + +I know this is quite a controversial statement but, after having struggled for hours trying to make WSL work along with both mosh and my Yubikey, I basically gave up. + +Though I'm still and I will always be a Linux enjoyer, you can't deny that both Mac as a piece of hardware and MacOS as an OS get the job done. + +Here are the key points: +- It enables you to access the Office Suite (I know, OSS alternatives, have you ever managed to setup a Microsoft Exchange Email Client on any other app than Outlook ? I did not.) +- It natively takes advantages of it's ARM CPU architecture, offering substantially better battery performance than any x86 machine while remaining light and thin. +- MacOS as a BSD derivative is actually quite close to Linux in a daily usage. Though you might not have access to some of `ps` obscure flags, the ability to install GNU Core Utils and to use those, only by prefixing your command with `g` (`gls`, `gcat`,`gcp` and even `gchroot`) is actually pretty great. +- Mac is the only option if you need substantial amounts of RAM for both GPU and CPU usage. +- `brew` is really convenient, trust me. + + + +## Ipad is great for maths + + + +## You know what, diff --git a/content/homelab/hardware/fatman.md b/content/homelab/hardware/proxmox-nodes/fatman.md similarity index 100% rename from content/homelab/hardware/fatman.md rename to content/homelab/hardware/proxmox-nodes/fatman.md diff --git a/content/homelab/hardware/proxmox-nodes/gerboise.md b/content/homelab/hardware/proxmox-nodes/gerboise.md new file mode 100644 index 0000000..0240ebd --- /dev/null +++ b/content/homelab/hardware/proxmox-nodes/gerboise.md @@ -0,0 +1,36 @@ +--- +title: Gerboise - GmkTec K12 +publish: true +tags: + - homelab + - hardware + - proxmox +--- + +# Littleboy + +**Model**: GmkTec K12 + +## Specifications + +- **CPU**: AMD +- **RAM**: $1\times 32 \text{Go} + 1\times 16 \text{Go} \, \, \text{DDR5 SO-DIMM}$ +- **Storage**: 1To NVME for Now +- **Network**: 2\*2.5Gbe Ethernet + 1 Mediatek Wifi + Bluetooth card (It's currently plugged into my [[GLiNet Beryl AX | GLiNet Beryl AX travel router]] and [[Connecting a Travel Router to eduroam with 802.1X on OpenWrt | connected to eduroam]] ) + +## Role in Cluster + +This node has a peculiar role in my cluster as it is the only node away from my parent's place. +I carry it along with me at HEC, it serves as a local experimentation test bench and as a secondary source of daily computing power along with my [[Macbook Pro]]. + +## Services Running + +- List services/VMs/containers running on this node + +## Notes + +Add any additional notes, configuration details, or special considerations for this node. + +--- + +Back to [[Proxmox hosts|Physical Nodes]] diff --git a/content/homelab/hardware/littleboy.md b/content/homelab/hardware/proxmox-nodes/littleboy.md similarity index 100% rename from content/homelab/hardware/littleboy.md rename to content/homelab/hardware/proxmox-nodes/littleboy.md diff --git a/content/homelab/hardware/optiplex.md b/content/homelab/hardware/proxmox-nodes/optiplex.md similarity index 100% rename from content/homelab/hardware/optiplex.md rename to content/homelab/hardware/proxmox-nodes/optiplex.md diff --git a/content/homelab/memos/Gitea Webhook and CI CD using Komodo.md b/content/homelab/memos/Gitea Webhook and CI CD using Komodo.md new file mode 100644 index 0000000..e39e067 --- /dev/null +++ b/content/homelab/memos/Gitea Webhook and CI CD using Komodo.md @@ -0,0 +1,27 @@ +--- +title: Gitea Webhook and CI CD using Komodo +publish: true +tags: + - +--- + +# Gitea Webhook and CI CD using Komodo + +You need to whitelist the url you're sending a webhook to in the `config/app.ini` file. + +The `[webhook]` section might look something like that + +```ini +[webhook] + +ALLOWED_HOST_LIST = loopback,private,*.vorpax.dev +``` + + +To my own dismay Gitea doesn't offer granular configuration for webhook dispatch (for instance, to trigger your webhook only when some actions are completed). + +Neither does Komodo enables you to easily verify some basic parameters inside of the webhook's json body. + +In the future, I'll probably setup all of that in CI/CD runners like Gitea Actions, though I would likely trade convenience for a much larger potential to extend CI/CD usage in my Homelab. + +I'm actually contemplating an eventual deployment of GitLab on Gerboise, I don't really know if it is worth the ressource overhead... \ No newline at end of file diff --git a/content/homelab/memos/index.md b/content/homelab/memos/macos, ssh and Yubikey.md similarity index 100% rename from content/homelab/memos/index.md rename to content/homelab/memos/macos, ssh and Yubikey.md diff --git a/content/homelab/services/Trust a certificate from a private local certificate authority.md b/content/homelab/services/Trust a certificate from a private local certificate authority.md new file mode 100644 index 0000000..6220b99 --- /dev/null +++ b/content/homelab/services/Trust a certificate from a private local certificate authority.md @@ -0,0 +1,116 @@ +--- +title: Trust a certificate from a private local certificate authority +publish: true +date: 2026-01-11 +tags: + - guide + - step-ca + - runbook +description: +--- + +# Trust a certificate from a private local certificate authority + +## Overview + +Make your device trust your private CA for TLS encryption. + +## Prerequisites + +- A local CA running (in our case step-ca) and reachable at `CA_URL`, for instance `https://local-ca.homelab.internal:443` +- An end device with access to a normal shell (*eww, Powershell*). +- very basic understanding of what a PKI is and how certificate trust works. + + +### Initial problem + +When doing + +```bash +curl $CA_URL +``` + +you get : + +``` +curl: (60) SSL certificate problem: unable to get local issuer certificate +More details here: https://curl.se/docs/sslcerts.html + +curl failed to verify the legitimacy of the server and therefore could not +establish a secure connection to it. To learn more about this situation and +how to fix it, please visit the webpage mentioned above. +``` + +Which is normal as your root Certificate authority uses a self-signed certificate. + +## Steps + +### Step 1: Setup + +If not already done, install step cli on your end-device : + +```bash +brew install step +``` + +refer to official documentation https://smallstep.com/docs/step-ca/installation/ for additional installation details for your OS. + +### Step 2 : get CA fingerprint + +`CA_FINGERPRINT` is the fingerprint of your root certificate. + +If you don't have any other device than Step CA with the CA configured, run + +Inside of your host/container running step CA (or any client with step ca already configured) + +```bash +step certificate fingerprint <(step ca root) +``` + +### Step 3: Bootstrap cert + +You'll need to run : + +```bash +step ca bootstrap --ca-url $CA_URL --fingerprint $CA_FINGERPRINT +``` + + +where `CA_URL` is the address of the CA with protocol + +### Step 3 : Install certificate + + +```bash +step certificate install <(step ca root) +``` + + +### Step 4: Verification + +In most modern distributions and *UNIX* derivatives, curl (particularly when installed by default) is configured to run with the system trust store + +Now after running + +```bash +curl $CA_URL +``` + +you get + +`404 page not found` + +Which is completely fine. + +### You successfuly installed a certificate. + +## References + +- https://smallstep.com/docs/step-ca/installation/ +- Related resources + + + +--- + +*Created: 2026-01-11*