Skip to content

Instantly share code, notes, and snippets.

View p7cq's full-sized avatar

p7cq

3 followers · 0 following
View GitHub Profile
@p7cq
p7cq / Arch_Linux_Root_On_ZFS.md
Last active January 5, 2024 14:58
Install Arch Linux with Root on ZFS

Arch Linux Root on ZFS

Installation steps for running Arch Linux with root on ZFS using UEFI and systemd-boot. All steps are run as root.

Requires an Arch Linux image with ZFS built-in (see References).

In live environment

If using KVM, add a Serial number for each virtual disk and reboot the VM. The disks should now be available in /dev/disk/by-id as virtio-<Serial>.

@p7cq
p7cq / SSH_Authentication_TPM2_PKCS11_Arch_Linux.md
Last active January 17, 2024 03:30
SSH Authentication with TPM 2.0 and PKCS#11 on Arch Linux

SSH Authentication with TPM 2.0 and PKCS#11 on Arch Linux

Hardware: a TPM 2.0 module based on Infineon SLB9665 cryptographic processor available in the system as /dev/tpmrm0.

Installation

Required software:

# pacman -S tpm2-tools tpm2-pkcs11
@p7cq
p7cq / vm1-start.sh
Last active January 19, 2024 14:27
Dynamic CPU isolation in QEMU/KVM
#!/usr/bin/env bash
#
# CPU isolation in QEMU/KVM
#
# As the cset scripts no longer work (systemd switched to cgroups v2), this is my
# attempt at emulating its functionality. It may be incorrect and/or it may break
# stuff. Blind copy-pasting with some reasoning follows.
#
# Host:
@p7cq
p7cq / kvm-add-disk.json
Created December 22, 2015 16:29
SmartOS - Add a disk to an existing VM
{
"add_disks": [
{
"media": "disk",
"model": "virtio",
"nocreate": true,
"boot": false,
"path": "/dev/zvol/rdsk/tank0/s1node1",
"size": 20480
}
@p7cq
p7cq / EJBCA_CE_Nitrokey_HSM_PKI.md
Last active March 20, 2024 08:20
EJBCA CE & Nitrokey HSM - A lab PKI

EJBCA CE & Nitrokey HSM - A lab PKI

Configuration steps for a lab CA, created using EJBCA CE and Nitrokey HSM.

Installation details

Hardware: Raspberry Pi 4 Model B

Crypto token: Nitrokey HSM 2