Skip to content

Instantly share code, notes, and snippets.

View ZeroDeth's full-sized avatar
🏠
Working from home

Sherif Abdalla ZeroDeth

🏠
Working from home
View GitHub Profile
@ZeroDeth
ZeroDeth / README.md
Created January 9, 2024 21:09 — forked from triangletodd/README.md
k3s in LXC on Proxmox

On the host

Ensure these modules are loaded

cat /proc/sys/net/bridge/bridge-nf-call-iptables

Disable swap

sysctl vm.swappiness=0
swapoff -a

Docker Swarm in LXC Containers

Part of collection: Hyper-converged Homelab with Proxmox

After struggling for some days, and since I really needed this to work (ignoring the it can't be done vibe everywhere), I managed to get Docker to work reliable in privileged Debian 12 LXC Containers on Proxmox 8

(Unfortunately, I couldn't get anything to work in unprivileged LXC Containers)

There are NO modifications required on the Proxmox host or the /etc/pve/lxc/xxx.conf file; everything is done on the Docker Swarm host. So the only obvious candidate who could break this setup, are future Docker Engine updates!

@ZeroDeth
ZeroDeth / pxe_on_opnsense.md
Created December 21, 2023 23:13 — forked from azhang/pxe_on_opnsense.md
PXE on OPNsense

This is a walkthrough of setting up a PXE server to boot Ubuntu server live install .iso over network, all on an OPNsense device. No need for Dnsmasq or http/nfs server! Should be compatible with vanilla FreeBSD and HardenedBSD devices as well.

Guide made with OPNsense 20.7 and Ubuntu 20.04.2, with the assumption that your OPNsense device is at 192.168.1.1.

Thanks to all the other guides out there. 1 2

Notes:

A couple issues I ran into with other guides is that Ubuntu's servers return 404 for older releases. Make sure to check each link used in this guide to make sure they exist! This guide works with BIOS as we use pxelinux.0 but it can be adapted fairly easily for UEFI boot.

Overview:

  1. Download the ISO using the GUI (tested on https://cloud-images.ubuntu.com/lunar/current/lunar-server-cloudimg-amd64-disk-kvm.img)
  2. Create the VM via CLI
VMID=<TEMPLATE ID HERE>
STORAGE=<YOUR STORAGE HERE>

qm create $VMID --memory 2048 --balloon 0 --core 2 --name ubuntu-cloud --net0 virtio,bridge=vmbr0
cd /var/lib/vz/template/iso/
qm importdisk 5000 lunar-server-cloudimg-amd64-disk-kvm.img $STORAGE
qm set $VMID --scsihw virtio-scsi-pci --scsi0 ${STORAGE}:vm-$VMID-disk-0,discard=on,ssd=1
@ZeroDeth
ZeroDeth / proton_opn_wg.md
Created December 17, 2023 17:56 — forked from morningreis/proton_opn_wg.md
OPNsense + ProtonVPN + Wireguard Configuration Guide

OPNsense + ProtonVPN + Wireguard

Published: 16 December 2022

Reference: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

Goal: Set up one or more Wireguard connections from ProtonVPN on OPNsense, with policy based routing, and optional Killswitch.

I'm writing this guide first as a reference for my future self for when I inevitably forget how to do this, but also to help others out. I found there were not many guides on this specific configuration, particularly not with multiple concurrent connections, and these were some steps which were not at all obvious. I did begin with the guide in the official OPNsense documentation, but even that was missing info to make ProtonVPN work. If you are a pfSense user, it is very similar to OPNsense, and you should be able to follow along with some success, but I have not tested it myself.

@ZeroDeth
ZeroDeth / nixos-from-ubuntu.md
Created November 13, 2023 12:58 — forked from chris-martin/nixos-from-ubuntu.md
How to install NixOS from an Ubuntu liveCD
@ZeroDeth
ZeroDeth / dhcpd.conf
Created October 25, 2023 15:26 — forked from robinsmidsrod/dhcpd.conf
Trying to chainload iPXE with full feature set from a lesser featured one, whilst still being able to boot non-supported cards with UNDI
ddns-update-style none;
deny bootp; #default
authoritative;
include "/etc/dhcp/ipxe-option-space.conf";
# GREEN (private network)
subnet 10.1.1.0 netmask 255.255.255.0 {
range 10.1.1.100 10.1.1.199;
option subnet-mask 255.255.255.0;
@ZeroDeth
ZeroDeth / noVNCCopyPasteProxmox.user.js
Created October 25, 2023 13:49 — forked from amunchet/noVNCCopyPasteProxmox.user.js
Copy/Paste for noVNC Proxmox
// ==UserScript==
// @name noVNC Paste for Proxmox
// @namespace http://tampermonkey.net/
// @version 0.2a
// @description Pastes text into a noVNC window (for use with Proxmox specifically)
// @author Chester Enright
// @match https://*
// @include /^.*novnc.*/
// @require http://code.jquery.com/jquery-3.3.1.min.js
// @grant none
@ZeroDeth
ZeroDeth / 1-setup.md
Created August 13, 2023 21:24 — forked from troyfontaine/1-setup.md
Signing your Git Commits using GPG on MacOS

Methods of Signing with a GPG Key on MacOS

Last updated September 21, 2022

This Gist explains how to do this using gpg in a step-by-step fashion. Previously, krypt.co was heavily mentioned, but I've only recently learned they were acquired by Akamai and no longer update their previous free products. Those mentions have been removed.

For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps here for signing your commits with GPG.

There has been a number of comments on this gist regarding some issues around the pinentry-program and M1 Macs. I've finally gotten a chance to try things out on an M1 and I've updated the documentation in 2-using-gpg.md to reflect my findings.

@ZeroDeth
ZeroDeth / starship.nix
Created August 11, 2023 12:00 — forked from s-a-c/starship.nix
Nix file to generate complete, mostly default, starship.toml, including equivalent of <format = "$all">
programs.starship = {
enable = true;
settings = {
# "$schema" = "https://starship.rs/config-schema.json";
add_newline = true;
command_timeout = 500;
continuation_prompt = "[∙](bright-black) ";
format = "[](0x9A348E)$username$hostname$localip$shlvl$singularity$kubernetes[](fg:0x9A348E bg:0xDA627D)$directory$vcsh[](fg:0xDA627D bg:0xFCA17D)$git_branch$git_commit$git_state$git_metrics$git_status$hg_branch[](fg:0x86BBD8 bg:0x06969A)$docker_context$package$buf[](fg:0xFCA17D bg:0x86BBD8)$c$cmake$cobol$container$daml$dart$deno$dotnet$elixir$elm$erlang$golang$haskell$helm$java$julia$kotlin$lua$nim$nodejs$ocaml$perl$php$pulumi$purescript$python$rlang$red$ruby$rust$scala$swift$terraform$vlang$vagrant$zig$nix_shell$conda$spack$memory_usage$aws$gcloud$openstack$azure$env_var$crystal$custom$sudo$cmd_duration$line_break$jobs$battery[](fg:0x06969A bg:0x33658A)$time$status$shell$character";
right_format = "";
scan_timeout = 30;