add scrubbing time to important dates and times

add example json aws route53 record for minecraft
add section on decrypting and scrubbing pools
2025-07-25 20:42:31 -04:00 · 2025-07-25 20:42:18 -04:00 · 2025-07-25 20:42:04 -04:00 · 2025-07-25 20:41:51 -04:00
5 changed files with 98 additions and 48 deletions
--- a/README.md
+++ b/README.md
@@ -98,6 +98,7 @@ ssh $SSH_HOST
 | 05:00 | Saturday | Server VM Updates              |
 | 05:00 | All      | Unifi Protect Firmware Updates |
 | 06:00 | All      | Unifi Network Firmware Updates |
 | 06:00 | Saturday | Truenas Disk Scrub             |
 ## Project Lifecycle
--- a/active/os_fedora/fedora-server.md
+++ b/active/os_fedora/fedora-server.md
@@ -29,9 +29,6 @@
    - [Quick Backup](#quick-backup)
    - [Regular Backups with Borg](#regular-backups-with-borg)
  - [Optional Steps](#optional-steps)
    - [Docker with Podman as Runtime](#docker-with-podman-as-runtime)
    - [Vanilla Docker](#vanilla-docker)
    - [Extra Software](#extra-software)
    - [Disable Swap](#disable-swap)
    - [Disable Selinux](#disable-selinux)
    - [Downgrading Kernel](#downgrading-kernel)
@@ -426,7 +423,7 @@ iscsiadm -m node \
 systemctl restart iscsid
 # Discover targets
-iscsiadm -m discovery -t st -p driveripper.reeselink.com
+iscsiadm -m discovery -t st -p drivework.reeselink.com
 # Login to all nodes
 iscsiadm -m node -l
@@ -488,44 +485,6 @@ See [borg.md](/active/systemd_borg/borg.md)
 ## Optional Steps
 ### Docker with Podman as Runtime
 Note, you'll need to ssh into the server as the user in order to start the user's systemd session.
 ```bash
 sudo dnf install podman docker docker-compose
 sudo loginctl enable-linger 1000 # Or whatever user
 systemctl --user enable --now podman.socket
 docker context create podman --docker host=unix://$XDG_RUNTIME_DIR/podman/podman.sock
 docker context use podman
 ```
 ### Vanilla Docker
 <https://docs.docker.com/engine/install/fedora/>
 ```bash
 dnf -y install dnf-plugins-core
 dnf-3 config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo
 dnf install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
 systemctl enable --now docker
 ```
 ### Extra Software
 ```bash
 # Set vim as the default editor
 dnf install -y vim-default-editor  --allowerasing
 # Install glances for system monitoring
 dnf install -y glances
 # ZSH
 dnf install -y zsh
 chsh -s $(which zsh) && chsh -s $(which zsh) ducoterra
 ```
 ### Disable Swap
 ```bash
--- a/active/os_fedora/fedora-software.md
+++ b/active/os_fedora/fedora-software.md
@@ -1,7 +1,8 @@
-# Apps
+# Fedora Software
- [Apps](#apps)
+- [Fedora Software](#fedora-software)
  - [Common CLI Apps](#common-cli-apps)
  - [Podman](#podman)
  - [Gear Lever](#gear-lever)
  - [VSCode](#vscode)
    - [DNF](#dnf)
@@ -53,6 +54,8 @@
  - [Ollama](#ollama)
  - [UV](#uv)
  - [Pipenv](#pipenv)
  - [Docker](#docker)
  - [Boxes](#boxes)
 Flatpak installs are from Flathub unless otherwise noted.
@@ -124,6 +127,12 @@ sudo dnf install \
  gcc
 ```
 ## Podman
 ```bash
 dns install -y podman
 ```
 ## Gear Lever
 I would recommend you install Gear Lever to manage App Images:
@@ -587,6 +596,8 @@ flatpak install org.gnome.Evolution
 ```bash
 # Virtualization
 sudo dnf group install --with-optional virtualization
 sudo systemctl start libvirtd
 ```
 ## NVM
@@ -613,3 +624,22 @@ For starting ollama as a service, follow the link below:
 ## Pipenv
 <https://pipenv.pypa.io/en/latest/installation.html#installing-pipenv>
 ## Docker
 <https://docs.docker.com/engine/install/fedora/>
 ```bash
 dnf -y install dnf-plugins-core
 dnf-3 config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo
 dnf install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
 systemctl enable --now docker
 ```
 ## Boxes
 Virtualization at its boxiest.
 ```bash
 flatpak install org.gnome.Boxes
 ```
--- a/active/os_truenas/truenas.md
+++ b/active/os_truenas/truenas.md
@@ -17,6 +17,8 @@
    - [Cleaning up old snapshots](#cleaning-up-old-snapshots)
    - [Creating and restoring snapshots](#creating-and-restoring-snapshots)
    - [Filesystem ACLs](#filesystem-acls)
    - [Decrypting Pools](#decrypting-pools)
    - [ZPool Scrubbing](#zpool-scrubbing)
  - [ISCSI](#iscsi)
    - [Create ZVOL](#create-zvol)
    - [Create ISCSI Target](#create-iscsi-target)
@@ -247,6 +249,42 @@ Dataset -> Dataset details (edit) -> Advanced Options -> ACL Type (inherit)
 setfacl -b -R /mnt/enc0/smb/media
 ```
 ### Decrypting Pools
 Unlocking through the UI.
 We'll need to recreate the key manifest json. This is a little tedious, but
 your keys will be correct after this process.
 ```bash
 # List all datasets and format them for json keys
 export LIST_DATASET=pool0/dcsi
 echo "{" && \
 for DATASET_PATH in $(sudo zfs list -r $LIST_DATASET -H -o name); do echo "    \"$DATASET_PATH\": \"key_here\","; done && \
 echo "}"
 # If the dataset's children have all the encryption keys
 # Note this generates the cat EOF commands to create the json files needed to unlock.
 export TL_DATASET=pool0
 for TL_DATASET_PATH in $(zfs list -r $TL_DATASET -H -o name -d 1); do \
 echo "cat <<EOF > dataset_${TL_DATASET_PATH}_key.json" && \
 echo "{" && \
 for DATASET_PATH in $(zfs list -r $TL_DATASET_PATH -H -o name); do echo "    \"$DATASET_PATH\": \"key_here\","; done && \
 echo "}" && \
 echo "EOF";
 done
 ```
 ### ZPool Scrubbing
 ```bash
 # Start a scrub
 zpool scrub pool0
 # Check status
 zpool status pool0
 ```
 ## ISCSI
 ### Create ZVOL
--- a/active/podman_minecraft/minecraft.md
+++ b/active/podman_minecraft/minecraft.md
@@ -100,10 +100,32 @@ ssh minecraft systemctl --user restart minecraft
 1. Create your minecraft ddns record first [following these docs](/active/podman_ddns/ddns.md#)
 2. Create a SRV record in your DNS provider like the following:
-    | Field       | Value                                  |
+    active/podman_minecraft/secrets/reeseapps_records.json:
-    | ----------- | -------------------------------------- |
+
-    | Record name | _minecraft._tcp.testcraft.reeseapps.com |
+    ```json
-    | Value       | 0 5 25566 minecraft.reeseapps.com      |
+    {
        "Comment": "CREATE/UPSERT/DELETE a record ",
        "Changes": [
            {
                "Action": "UPSERT",
                "ResourceRecordSet": {
                    "Name": "_minecraft._tcp.testcraft.reeseapps.com",
                    "Type": "SRV",
                    "TTL": 300,
                    "ResourceRecords": [
                        {
                            "Value": "0 5 25566 minecraft.reeseapps.com"
                        }
                    ]
                }
            }
        ]
    }
    ```
    ```bash
    aws route53 change-resource-record-sets --hosted-zone-id $(cat active/aws_route53/secrets/reeseapps-zoneid) --change-batch file://active/podman_minecraft/secrets/reeseapps_records.json
    ```
 3. Test your record with `nslookup`
Author	SHA1	Message	Date
ducoterra	f2d684fa7c	add scrubbing time to important dates and times	2025-07-25 20:42:31 -04:00
ducoterra	7980bfb381	add example json aws route53 record for minecraft	2025-07-25 20:42:18 -04:00
ducoterra	20690c48e5	add section on decrypting and scrubbing pools	2025-07-25 20:42:04 -04:00
ducoterra	ca582333f1	move some fedora software from server to software md	2025-07-25 20:41:51 -04:00