Quartz sync: Jan 11, 2026, 4:26 PM

content/homelab/Proxmox hosts.md

@@ -6,6 +6,6 @@ title: My Physical Nodes
 # All my nodes
 
 My main cluster is composed of 3 Physical Nodes :
-- [[hardware/littleboy|Littleboy]] which is a Firebat T8 Pro Plus
-- [[hardware/optiplex|Optiplex]] which is an Optiplex 7070 SFF with an i7-9700 and 64GB of RAM
-- [[hardware/fatman|Fatman]] which is a custom built gaming PC repurposed into a beefy GPU workhorse
+- [[littleboy|Littleboy]] which is a Firebat T8 Pro Plus
+- [[optiplex|Optiplex]] which is an Optiplex 7070 SFF with an i7-9700 and 64GB of RAM
+- [[fatman|Fatman]] which is a custom built gaming PC repurposed into a beefy GPU workhorse

content/homelab/hardware/end-devices/index.md

@@ -0,0 +1,32 @@
+---
+title: My everyday devices
+publish: true
+tags:
+  -
+---
+
+# What are my daily drivers
+
+
+## Why the hell am I running MacOS ?
+
+Here is something quite controversial : I find Mac better than most laptops out there.
+
+I know this is quite a controversial statement but, after having struggled for hours trying to make WSL work along with both mosh and my Yubikey, I basically gave up.
+
+Though I'm still and I will always be a Linux enjoyer, you can't deny that both Mac as a piece of hardware and MacOS as an OS get the job done. 
+
+Here are the key points:
+- It enables you to access the Office Suite (I know, OSS alternatives, have you ever managed to setup a Microsoft Exchange Email Client on any other app than Outlook ? I did not.)
+- It natively takes advantages of it's ARM CPU architecture, offering substantially better battery performance than any x86 machine while remaining light and thin.
+- MacOS as a BSD derivative is actually quite close to Linux in a daily usage. Though you might not have access to some of `ps` obscure flags, the ability to install GNU Core Utils and to use those, only by prefixing your command with `g` (`gls`, `gcat`,`gcp` and even `gchroot`) is actually pretty great.
+- Mac is the only option if you need substantial amounts of RAM for both GPU and CPU usage.
+- `brew` is really convenient, trust me.
+
+
+
+## Ipad is great for maths
+
+
+
+## You know what, 

content/homelab/hardware/proxmox-nodes/gerboise.md

@@ -0,0 +1,36 @@
+---
+title: Gerboise - GmkTec K12
+publish: true
+tags:
+  - homelab
+  - hardware
+  - proxmox
+---
+
+# Littleboy
+
+**Model**: GmkTec K12
+
+## Specifications
+
+- **CPU**: AMD 
+- **RAM**: $1\times 32 \text{Go} + 1\times 16 \text{Go} \, \, \text{DDR5 SO-DIMM}$
+- **Storage**: 1To NVME for Now
+- **Network**: 2\*2.5Gbe Ethernet + 1 Mediatek Wifi + Bluetooth card (It's currently plugged into my [[GLiNet Beryl AX | GLiNet Beryl AX travel router]] and [[Connecting a Travel Router to eduroam with 802.1X on OpenWrt | connected to eduroam]] )
+
+## Role in Cluster
+
+This node has a peculiar role in my cluster as it is the only node away from my parent's place. 
+I carry it along with me at HEC, it serves as a local experimentation test bench and as a secondary source of daily computing power along with my [[Macbook Pro]].
+
+## Services Running
+
+- List services/VMs/containers running on this node
+
+## Notes
+
+Add any additional notes, configuration details, or special considerations for this node.
+
+---
+
+Back to [[Proxmox hosts|Physical Nodes]]

content/homelab/memos/Gitea Webhook and CI CD using Komodo.md

@@ -0,0 +1,27 @@
+---
+title: Gitea Webhook and CI CD using Komodo
+publish: true
+tags:
+  -
+---
+
+# Gitea Webhook and CI CD using Komodo
+
+You need to whitelist the url you're sending a webhook to in the `config/app.ini` file.
+
+The `[webhook]` section might look something like that 
+
+```ini
+[webhook]
+
+ALLOWED_HOST_LIST = loopback,private,*.vorpax.dev
+```
+
+
+To my own dismay Gitea doesn't offer granular configuration for webhook dispatch (for instance, to trigger your webhook only when some actions are completed).
+
+Neither does Komodo enables you to easily verify some basic parameters inside of the webhook's json body.
+
+In the future, I'll probably setup all of that in CI/CD runners like Gitea Actions, though I would likely trade convenience for a much larger potential to extend CI/CD usage in my Homelab.
+
+I'm actually contemplating an eventual deployment of GitLab on Gerboise, I don't really know if it is worth the ressource overhead...

content/homelab/services/Trust a certificate from a private local certificate authority.md

@@ -0,0 +1,116 @@
+---
+title: Trust a certificate from a private local certificate authority
+publish: true
+date: 2026-01-11
+tags:
+  - guide
+  - step-ca
+  - runbook
+description:
+---
+
+# Trust a certificate from a private local certificate authority
+
+## Overview
+
+Make your device trust your private CA for TLS encryption.
+
+## Prerequisites
+
+- A local CA running (in our case step-ca) and reachable at `CA_URL`, for instance `https://local-ca.homelab.internal:443`
+- An end device with access to a normal shell (*eww, Powershell*).
+- very basic understanding of what a PKI is and how certificate trust works.
+
+
+### Initial problem
+
+When doing 
+
+```bash
+curl $CA_URL
+```
+
+you get :  
+
+```
+curl: (60) SSL certificate problem: unable to get local issuer certificate
+More details here: https://curl.se/docs/sslcerts.html
+
+curl failed to verify the legitimacy of the server and therefore could not
+establish a secure connection to it. To learn more about this situation and
+how to fix it, please visit the webpage mentioned above.
+```
+
+Which is normal as your root Certificate authority uses a self-signed certificate.
+
+## Steps
+
+### Step 1: Setup
+
+If not already done, install step cli on your end-device : 
+
+```bash
+brew install step
+```
+
+refer to official documentation https://smallstep.com/docs/step-ca/installation/ for additional installation details for your OS.
+
+### Step 2 : get CA fingerprint
+
+`CA_FINGERPRINT` is the fingerprint of your root certificate.
+
+If you don't have any other device than Step CA with the CA configured, run 
+
+Inside of your host/container running step CA (or any client with step ca already configured)
+
+```bash
+step certificate fingerprint <(step ca root)
+```
+
+### Step 3: Bootstrap cert
+
+You'll need to run :
+
+```bash
+step ca bootstrap --ca-url $CA_URL --fingerprint $CA_FINGERPRINT
+```
+
+
+where `CA_URL` is the address of the CA with protocol
+
+### Step 3 : Install certificate
+
+
+```bash
+step certificate install <(step ca root)
+```
+
+
+### Step 4: Verification
+
+In most modern distributions and *UNIX* derivatives, curl (particularly when installed by default) is configured to run with the system trust store
+
+Now after running
+
+```bash
+curl $CA_URL
+```
+
+you get 
+
+`404 page not found`
+
+Which is completely fine.
+
+### You successfuly installed a certificate.
+
+## References
+
+- https://smallstep.com/docs/step-ca/installation/
+- Related resources
+
+
+
+---
+
+*Created: 2026-01-11*