rename vscode README to vscode.md

hardware/graduated/yubikey/yubikey.md

@@ -0,0 +1,7 @@
+# Yubikey
+
+## Configuration
+
+1. You will likely need the [udev
+   rules](https://support.yubico.com/hc/en-us/articles/360013708900-Using-Your-YubiKey-with-Linux)
+   to use the AppImage configuration tool on linux even if your udev version is above 244.

hardware/incubating/mm2/mm2.md

@@ -0,0 +1,89 @@
+# Magic Mirror 2
+
+## Install
+
+1. Install raspbian desktop
+2. <https://github.com/sdetweil/MagicMirror_scripts>
+
+```bash
+# Install
+bash -c  "$(curl -sL https://raw.githubusercontent.com/sdetweil/MagicMirror_scripts/master/raspberry.sh)"
+
+# Turn off Screen Saver
+bash -c "$(curl -sL https://raw.githubusercontent.com/sdetweil/MagicMirror_scripts/master/screensaveroff.sh)"
+
+# Autostart
+bash -c "$(curl -sL https://raw.githubusercontent.com/sdetweil/MagicMirror_scripts/master/fixuppm2.sh)"
+```
+
+The server will be available on localhost:8080. SSH port forward for local development.
+
+## Upgrade
+
+```bash
+bash -c  "$(curl -sL https://raw.githubusercontent.com/sdetweil/MagicMirror_scripts/master/upgrade-script.sh)" apply
+```
+
+## Modules
+
+Unofficial Pretty Module List:
+
+<https://kristjanesperanto.github.io/MagicMirror-3rd-Party-Modules/>
+
+Official Module List:
+
+<https://github.com/MagicMirrorOrg/MagicMirror/wiki/3rd-Party-Modules#module-list>
+
+### MMM-iCal-ToDo
+
+Syncs Nextcloud ToDo tasks (or any caldav link)
+
+<https://github.com/nixnuex/MMM-iCal-ToDo>
+
+```json
+{
+  module: "MMM-iCal-ToDo",
+  position: "bottom_left",  // This can be any of the regions. Best results in left or right regions.
+  config: {
+    header: 'Groceries',
+    colored: true,
+    coloredSymbolOnly: false,
+    todos: [
+      {
+        name: "Home Improvement",
+        url: 'https://nextcloud.reeseapps.com/remote.php/dav/public-calendars/SdEDc4tS5z2YoNEP?export',
+        symbol: 'check',
+      },
+    ],
+  }
+}
+```
+
+### MMM-CalendarExt2
+
+<https://github.com/MMM-CalendarExt2/MMM-CalendarExt2?tab=readme-ov-file>
+
+```json
+{
+  module: 'MMM-CalendarExt2',
+  config: {
+    calendars : [
+      {
+        url: "https://nextcloud.reeseapps.com/remote.php/dav/public-calendars/NGgfdRq4aaJGmtzT?export",
+      },
+    ],
+    views: [
+      {
+        name: "Reese's Calendar",
+        mode: "month",
+        position: "bottom_bar",
+      },
+    ],
+    scenes: [
+      {
+        name: "DEFAULT",
+      },
+    ],
+  },
+},
+```

infrastructure/graduated/arch/arch-workstation.md

@@ -23,10 +23,6 @@
     - [Arch Guests](#arch-guests)
   - [Kubernetes](#kubernetes)
   - [VSCode](#vscode)
-    - [Shell](#shell)
-    - [Fonts](#fonts)
-    - [Navigation](#navigation)
-    - [Extensions](#extensions)
   - [Wireguard](#wireguard)
   - [Remote Desktop](#remote-desktop)
   - [Transmission](#transmission)
@@ -471,73 +467,6 @@ cd visual-studio-code-bin
 makepkg -si
 ```
 
-### Shell
-
-Edit settings.json
-
-```json
-{
-    "terminal.integrated.defaultProfile.linux": "zsh",
-}
-```
-
-### Fonts
-
-Intel One Mono is designed to be easily readable for developers.
-
-<https://github.com/intel/intel-one-mono>
-
-Download and extract the ttf.zip
-
-```bash
-mkdir ~/.local/share/fonts
-rsync -av /path/to/download/*.ttf ~/.local/share/fonts/
-```
-
-Edit settings.json
-
-```json
-{
-    "editor.fontFamily": "Intel One Mono",
-    "editor.fontLigatures": true,
-    "terminal.integrated.fontFamily": "Intel One Mono",
-}
-```
-
-### Navigation
-
-The best navigation shortcut ever is alt+left and alt+right to move the cursor to it's
-previous positions.
-
-```json
-[
-    {
-        "key": "alt+left",
-        "command": "workbench.action.navigateBack",
-        "when": ""
-    },
-    {
-        "key": "alt+right",
-        "command": "workbench.action.navigateForward",
-        "when": ""
-    }
-]
-```
-
-### Extensions
-
-To save a list of installed extensions run:
-
-```bash
-code --list-extensions >> vscode_extensions.txt
-```
-
-To install that list of extensions run:
-
-```bash
-cat vscode_extensions.txt | xargs -L 1 code --install-extension
-```
-
 ## Wireguard
 
 Wireguard requires `linux-headers`. If that isn't installed or is misconfigured your

infrastructure/graduated/debian/debian.md

@@ -4,6 +4,7 @@
   - [Setup SSH](#setup-ssh)
   - [Fail2Ban](#fail2ban)
   - [Automatic Updates](#automatic-updates)
+  - [Docker](#docker)
   - [Extras](#extras)
 
 Note these instructions differentiate between an `operator` and a `server`. The operator can be
@@ -97,6 +98,10 @@ apt install -y unattended-upgrades
 systemctl enable --now unattended-upgrades.service
 ```
 
+## Docker
+
+<https://docs.docker.com/engine/install/debian/#installation-methods>
+
 ## Extras
 
 On the server:

infrastructure/graduated/distoolbox/arch-toolbox.containerfile

@@ -90,7 +90,9 @@ RUN pacman -S --noconfirm \
   # libmemcachd for python projects
   libmemcached-awesome \
   # For distrobox
-  systemd
+  systemd \
+  # Code build \
+  make gcc
 
 ########################
 #####  Extra Apps  #####

infrastructure/graduated/fedora/fedora-apps.md

@@ -37,6 +37,7 @@
   - [Ungoogled Chromium](#ungoogled-chromium)
   - [Signal](#signal)
   - [Remmina](#remmina)
+  - [Mission Center](#mission-center)
 
 Flatpak installs are from Flathub unless otherwise noted.
 
@@ -417,4 +418,12 @@ REMote desktop IN An app
 
 ```bash
 flatpak install org.remmina.Remmina
-```
+```
+
+## Mission Center
+
+It looks like Windows Task Manager but it plays like "Change Graph to Logical Processors"
+
+```bash
+flatpak install io.missioncenter.MissionCenter
+```

infrastructure/graduated/fedora/fedora-framework16.md

@@ -12,20 +12,22 @@ prevent wake from sleep.
 `/etc/udev/rules.d/69-suspend.rules`
 
 ```conf
+# Disables all devices except the power button
 ACTION=="add", SUBSYSTEM=="acpi", DRIVERS=="button", ATTRS{hid}=="PNP0C0D", ATTR{power/wakeup}="disabled"
 ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled"
 ACTION=="add", SUBSYSTEM=="i2c", DRIVERS=="i2c_hid_acpi", ATTRS{name}=="PIXA3854:00", ATTR{power/wakeup}="disabled"
+ACTION=="add", SUBSYSTEM=="usb", DRIVERS=="usb", ATTR{power/wakeup}="disabled"
+```
 
+Reboot
+
+If you want to specifically disable the framework keyboard you can use this:
+
+```conf
 # https://askubuntu.com/questions/848698/wake-up-from-suspend-using-usb-device
 ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="32ac", ATTRS{idProduct}=="0012", RUN+="/bin/sh -c 'echo disabled > /sys$env{DEVPATH}/power/wakeup'"
 ```
 
-Reload
-
-```bash
-sudo udevadm control --reload-rules && sudo udevadm trigger
-```
-
 ## Wrong keys pressed in the browser, keyboard occasionally freezes after clicking a field.
 
-This was caused by a Keychron M3 mini mouse.
+This was caused by a Keychron M3 mini mouse.

infrastructure/graduated/fedora/fedora.md

@@ -8,6 +8,7 @@
     - [Autostarting services with quadlets](#autostarting-services-with-quadlets)
   - [Network](#network)
     - [VLAN Setup with nmcli](#vlan-setup-with-nmcli)
+  - [ZRAM](#zram)
 
 ## Framework 16 Fixes
 
@@ -86,3 +87,19 @@ nmcli conn
 export NMCLI_DEVICE=enp195s0f4u1u3
 nmcli connection add type VLAN con-name $NMCLI_DEVICE.2 dev $NMCLI_DEVICE id 2
 ```
+
+## ZRAM
+
+Increasing zram size
+
+```bash
+# Show existing configuration
+zramctl
+# 
+swapoff /dev/zram0
+# Reset swap
+zramctl -r /dev/zram0
+
+# Set a new size
+zramctl --size 4G /dev/zram0
+```

infrastructure/graduated/truenas/truenas.md

@@ -32,17 +32,12 @@
 
 ## Bios settings
 
-These are my recommended settings that seem stable and allow GPU passthrough
+You can check the bios version with `dmidecode -t bios -q`
 
-1. Memory 3200mhz, fabric 1600mhz
-2. AC Power - On
-3. SVM - On
-4. IOMMU - On (Do not touch rebar or other pci encoding stuff)
-5. Fans 100%
-6. Initial video output: pci 3
-7. PCIE slot 1 bifurcation: 4x4x4x4
-8. Disable CSM
-9. Fast Boot Enabled
+1. Turn off all C-State or power saving features. These definitely cause instability
+   like random freezes.
+2. Turn off boosting
+3. Enable XMP
 
 ## Archiving
 
@@ -281,10 +276,11 @@ Nic options: "mtu 9000 rxcsum txcsum tso4 lro"
 Create an Init/Shutdown Script of type `Command` with the following:
 
 ```bash
-echo 34359738368 >> /sys/module/zfs/parameters/zfs_arc_max
+# Limit to 8 GiB
+echo 8589934592 >> /sys/module/zfs/parameters/zfs_arc_max
 ```
 
-Set `When` to `Pre Init`.
+Set `When` to `Post Init`.
 
 ## Certs
 
@@ -385,8 +381,14 @@ zpool status -v
 
 ```bash
 virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" list
-virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" resume <vm_name>
-virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" start <vm_i>
+export VM_NAME=
+
+# Try this first
+virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" resume $VM_NAME
+
+# Or just destroy and start it again
+virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" destroy $VM_NAME
+virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" start $VM_NAME
 ```
 
 ## Mounting ZVOLS

systemd/graduated/k3s/upgrade-plan.yaml

@@ -14,6 +14,29 @@ spec:
       values:
       - "true"
   serviceAccountName: system-upgrade
+  upgrade:
+    image: rancher/k3s-upgrade
+  channel: https://update.k3s.io/v1-release/channels/stable
+---
+# Agent plan
+apiVersion: upgrade.cattle.io/v1
+kind: Plan
+metadata:
+  name: agent-plan
+  namespace: system-upgrade
+spec:
+  concurrency: 1
+  cordon: true
+  nodeSelector:
+    matchExpressions:
+    - key: node-role.kubernetes.io/control-plane
+      operator: DoesNotExist
+  prepare:
+    args:
+    - prepare
+    - server-plan
+    image: rancher/k3s-upgrade
+  serviceAccountName: system-upgrade
   upgrade:
     image: rancher/k3s-upgrade
   channel: https://update.k3s.io/v1-release/channels/stable

systemd/incubating/freeipa/freeipa.md

@@ -300,6 +300,15 @@ openssl x509 -in reese-crt.pem -text -noout
 openssl x509 -outform der -in reese-crt.pem -out reese-crt-der.cer
 ```
 
+OCSP Server
+
+<https://bhashineen.medium.com/create-your-own-ocsp-server-ffb212df8e63>
+
+```bash
+openssl req -new -nodes -out ocspSigning.csr -keyout ocspSigning.key
+openssl ca -keyfile rootCA.key -cert rootCA.crt -in ocspSigning.csr -out ocspSigning.crt -config validation.conf
+```
+
 ### PIV Smart Card (Taglio) WIP
 
 <https://github.com/OpenSC/OpenSC/wiki/Using-pkcs11-tool-and-OpenSSL>