plex
@@ -170,6 +176,11 @@ Containers have much less overhead in terms of boot time and storage allocation.
PreviousPrevious post: AppGate SDP on Arch Linux
+
Do you manage a .zshrc? .vimrc? tmux.conf? Do you have dozens of configuration files that you manage in a git repo? Or maybe you don’t backup any of your configuration at all? Do you also have a bunch of command line utilities that you forget you installed? Or don’t remember why you installed them?
+
Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines. I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.
+
What is home-manager?
+
Before understanding home-manager, it is worth briefly discussing what nix is. nix is a package manager that original spawned from a PhD thesis. Unlike other package managers, it uses symbolic links to keep track of the currently installed packages, keeping around the old ones in case you may want to rollback.
+
For example, I have used nix to install the package bind which includes dig. You can see that it is available on multiple platforms. The absolute path of dig can be found by running:
+
❯ ls -lh $(which dig)
+lrwxr-xr-x 73 root 31 Dec 1969 /run/current-system/sw/bin/dig -> /nix/store/0r4qdyprljd3dki57jn6c6a8dh2rbg9g-bind-9.16.16-dnsutils/bin/dig
+
Notice that there is a hash included in file path? This is nix store path and is computed by the nix package manager. This nix pill does a good job explaining how this hash is computed. All of the nix pills are worth a read, if you are interested in learning more about nix itself. However, using home-manager does not require extensive knowledge of nix.
+
Part of the nix ecosystem includes nixpkgs. Many popular tools can be found already packaged in this repository. As you can see with these stats, there is a large number of existing packages that are being maintained by the community. Contributing a new package is easy, and anyone can do it!
+
home-manager leverages the nix package manager (and nixpkgs), as well the nix language so that you can declaratively define your system configuration. I store my nix-config in git so that I can keep track of my packages and configurations, and retain a clean and informative git commit history so that I can understand what changed and why.
+
Setting up home-manager
+
+
⚠️ If you run this on your main machine, make sure you backup your configuration files first. home-manager is pretty good about not overwriting existing configuration, but it is better to have a backup! Alternatively, you could test this out on a VM or cloud instance.
It’s not a good idea to curl and execute random files from the internet, so you might want to download the install script first and take a peak before executing it!
+
Open up a new shell in your terminal and running nixshould work. If not, run . ~/.nix-profile/etc/profile.d/nix.sh
You should see a wave of /nix/store/* paths being displayed on your screen.
+
Now, to start off with a basic configuration, open up ~/.config/nixpkgs/home.nix in the editor of your choice and paste this in (you will want to change userName and homeDirectory):
You should see another wave of /nix/store/* paths. The new configuration should now be active.
+
If you run zsh, you should see that you have starship and access to several other utils such as rg, fd, and exa.
+
This basic configuration above is also defining your ~/.config/git/config and .zshrc. If you already have either of these files, home-manager will complain about them already existing.
+
If you take cat ~/.zshrc, you will see the way these configuration files are generated.
+
Wrapping up
+
And that is how you can get started defining your user configuration with home-manager. You can extend this configuration for programs such as (neo)vim, emacs, alacritty, ssh, etc. To see other programs, take a look at home-manager/modules/programs.
diff --git a/index.xml b/index.xml
index 5a3e4cb5..5704f473 100644
--- a/index.xml
+++ b/index.xml
@@ -1,2 +1,2 @@
-davegallant/Recent content on davegallantHugo -- gohugo.ioen-usMon, 06 Sep 2021 01:12:54 -0400About/about/Mon, 01 Jan 0001 00:00:00 +0000/about/I’m a software engineer with a passion for open-source, infrastructure, tooling and security.
-When I’m not in front of a computer, I enjoy traveling, hiking and spending time with my family.What To Do With A Homelab/blog/2021/09/06/what-to-do-with-a-homelab/Mon, 06 Sep 2021 01:12:54 -0400/blog/2021/09/06/what-to-do-with-a-homelab/<p>A homelab can be an inexpensive way to host a multitude of internal/external services and learn <em>a lot</em> in the process.</p>AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p>/page/search/Mon, 01 Jan 0001 00:00:00 +0000/page/search/test
\ No newline at end of file
+davegallant/Recent content on davegallantHugo -- gohugo.ioen-usWed, 08 Sep 2021 00:42:33 -0400About/about/Mon, 01 Jan 0001 00:00:00 +0000/about/I’m a software engineer with a passion for open-source, infrastructure, tooling and security.
+When I’m not in front of a computer, I enjoy traveling, hiking and spending time with my family.Why I Threw Out My Dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/What To Do With A Homelab/blog/2021/09/06/what-to-do-with-a-homelab/Mon, 06 Sep 2021 01:12:54 -0400/blog/2021/09/06/what-to-do-with-a-homelab/<p>A homelab can be an inexpensive way to host a multitude of internal/external services and learn <em>a lot</em> in the process.</p>AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p>/page/search/Mon, 01 Jan 0001 00:00:00 +0000/page/search/test
\ No newline at end of file
diff --git a/page/index.html b/page/index.html
index 7ce1a54c..71554d28 100644
--- a/page/index.html
+++ b/page/index.html
@@ -7,7 +7,7 @@
-
+
Pages • davegallant
@@ -45,12 +45,18 @@ tech blog
plex
diff --git a/page/search/index.json b/page/search/index.json
index ca8d636a..e952a00b 100644
--- a/page/search/index.json
+++ b/page/search/index.json
@@ -1 +1 @@
-[{"content":"I\u0026rsquo;m a software engineer with a passion for open-source, infrastructure, tooling and security.\nWhen I\u0026rsquo;m not in front of a computer, I enjoy traveling, hiking and spending time with my family.\n","href":"/about/","title":"About"},{"content":"","href":"/tags/adguard/","title":"adguard"},{"content":"","href":"/","title":"davegallant"},{"content":"","href":"/tags/homelab/","title":"homelab"},{"content":"","href":"/tags/linux/","title":"linux"},{"content":"","href":"/tags/netdata/","title":"netdata"},{"content":"","href":"/tags/pihole/","title":"pihole"},{"content":"","href":"/tags/plex/","title":"plex"},{"content":"","href":"/post/","title":"Posts"},{"content":"","href":"/tags/","title":"Tags"},{"content":"","href":"/tags/tailscale/","title":"tailscale"},{"content":"","href":"/tags/virtualization/","title":"virtualization"},{"content":"A homelab can be an inexpensive way to host a multitude of internal/external services and learn a lot in the process.\nDo you want host your own Media server? Ad blocker? Web server? Are you interested in learning more about Linux? Virtualization? Networking? Security? Building a homelab can be an entertaining playground to enhance your computer skills.\nOne of the best parts about building a homelab is that it doesn\u0026rsquo;t have to be a large investment in terms hardware.\nOne of the simplest ways to build a homelab is out of a refurbished computer. Having multiple machines/nodes provides the advantage of increased redundancy, but starting out with a single node is enough to reap many of the benefits of having a homelab.\nVirtualization Virtualizing your hardware is an organized way of dividing up your machine\u0026rsquo;s resources. This can be done with something such as a Virtual Machine or something lighter like a container using LXC or runC. Containers have much less overhead in terms of boot time and storage allocation. This Stack Overflow answer sums it up nicely.\nA hypervisor such as Proxmox can be installed in minutes on a new machine. It provides a web interface and a straight-forward way to spin up new VMs and containers. You\u0026rsquo;ll want to ensure that VT-d and VT-X are enabled in the BIOS if you decide to install a hypervisor to manage your virtualization.\nServices So what are some useful services to deploy?\n Plex - basically a self-hosted Netflix that can be used to stream from multiple devices, and the best part is that you manage the content! changedetection - is a self-hosted equivalent to something like visualping.io that will notify you when a webpage changes and keep track of the diffs Adguard or Pihole - can block a list of known trackers for all clients on your local network. I\u0026rsquo;ve used pihole for a long time, but have recently switched to Adguard since the UI is more modern and it has the ability to toggle on/off a pre-defined list of services, including Netflix (this is useful if you have stealthy young kids). Either of these will speed up your internet experience, simply because you won\u0026rsquo;t need to download all of the extra tracking bloat. There is a large number of services you can self-host, including your own applications that you might be developing. awesome-self-hosted provides a curated list of services that might be of interest to you.\nVPN You could certainly setup and manage your own VPN by using something like OpenVPN, but there is also something else you can try: tailscale. It is a very quick way to create fully-encrypted connections between clients. And by using its MagicDNS, it is a truly magical solution. If one of your nodes has a hostname of plex, you can simply access it by referring to its hostname (i.e ssh plex@plex). This way you can create a secure tunnel to your homelab from anywhere in the world!\nMonitoring Monitoring can become an important aspect of your homelab after it starts to become something that is relied upon. One of the simplest ways to setup some monitoring is using netdata. It can be installed on individual containers, VMs, and also a hypervisor (such as Proxmox). All of the monitoring works out of the box by detecting disks, memory, network interfaces, etc.\nAdditionally, all of these different agents can be connected to netdata cloud, which can alert you when some of your infrastructure is down or in a degraded state. Adding additional nodes to netdata cloud is as simple as a 1 line shell command.\nGrafana is another popular way of visualizing metrics, although it requires more initial setup.\nIn Summary Building out a homelab can be incredibly rewarding and it doesn\u0026rsquo;t always require buying a rack full of expensive servers to get a significant amount of utility.\n","href":"/blog/2021/09/06/what-to-do-with-a-homelab/","title":"What To Do With A Homelab"},{"content":"AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP 4.3.2 working on Arch Linux.\nDepending on the AppGate SDP Server that is running, you may require a client that is more recent than the latest package on AUR. As of right now, the latest AUR is 4.2.2-1.\nThese steps highlight how to get it working with Python3.8 by making a 1 line modification to AppGate source code.\nPackaging We already know the community package is currently out of date, so let\u0026rsquo;s clone it:\ngit clone https://aur.archlinux.org/appgate-sdp.git cd appgate-sdp You\u0026rsquo;ll likely notice that the version is not what we want, so let\u0026rsquo;s modify the PKGBUILD to the following:\n# Maintainer: Pawel Mosakowski \u0026lt;pawel at mosakowski dot net\u0026gt; pkgname=appgate-sdp conflicts=(\u0026#39;appgate-sdp-headless\u0026#39;) pkgver=4.3.2 _download_pkgver=4.3 pkgrel=1 epoch= pkgdesc=\u0026#34;Software Defined Perimeter - GUI client\u0026#34; arch=(\u0026#39;x86_64\u0026#39;) url=\u0026#34;https://www.cyxtera.com/essential-defense/appgate-sdp/support\u0026#34; license=(\u0026#39;custom\u0026#39;) # dependecies calculated by namcap depends=(\u0026#39;gconf\u0026#39; \u0026#39;libsecret\u0026#39; \u0026#39;gtk3\u0026#39; \u0026#39;python\u0026#39; \u0026#39;nss\u0026#39; \u0026#39;libxss\u0026#39; \u0026#39;nodejs\u0026#39; \u0026#39;dnsmasq\u0026#39;) source=(\u0026#34;https://sdpdownloads.cyxtera.com/AppGate-SDP-${_download_pkgver}/clients/${pkgname}_${pkgver}_amd64.deb\u0026#34; \u0026#34;appgatedriver.service\u0026#34;) options=(staticlibs) prepare() { tar -xf data.tar.xz } package() { cp -dpr \u0026#34;${srcdir}\u0026#34;/{etc,lib,opt,usr} \u0026#34;${pkgdir}\u0026#34; mv -v \u0026#34;$pkgdir/lib/systemd/system\u0026#34; \u0026#34;$pkgdir/usr/lib/systemd/\u0026#34; rm -vrf \u0026#34;$pkgdir/lib\u0026#34; cp -v \u0026#34;$srcdir/appgatedriver.service\u0026#34; \u0026#34;$pkgdir/usr/lib/systemd/system/appgatedriver.service\u0026#34; mkdir -vp \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; cp -v \u0026#34;$pkgdir/usr/share/doc/appgate/copyright\u0026#34; \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; cp -v \u0026#34;$pkgdir/usr/share/doc/appgate/LICENSE.github\u0026#34; \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; cp -v \u0026#34;$pkgdir/usr/share/doc/appgate/LICENSES.chromium.html.bz2\u0026#34; \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; } md5sums=(\u0026#39;17101aac7623c06d5fbb95f50cf3dbdc\u0026#39; \u0026#39;002644116e20b2d79fdb36b7677ab4cf\u0026#39;) Let\u0026rsquo;s first make sure we have some dependencies. If you do not have yay, check it out.\nyay -S dnsmasq gconf Now, let\u0026rsquo;s install it:\nmakepkg -si Running the client Ok, let\u0026rsquo;s run the client by executing appgate.\nIt complains about not being able to connect.\nEasy fix:\nsudo systemctl start appgatedriver.service Now we should be connected\u0026hellip; but DNS is not working?\nFixing the DNS Running resolvectl should display that something is not right.\nWhy is the DNS not being set by appgate?\n$ head -3 /opt/appgate/linux/set_dns #!/usr/bin/env python3 \u0026#39;\u0026#39;\u0026#39; This is used to set and unset the DNS. It seems like python3 is required for the DNS setting to happen. Let\u0026rsquo;s try to run it.\n$ sudo /opt/appgate/linux/set_dns /opt/appgate/linux/set_dns:88: SyntaxWarning: \u0026#34;is\u0026#34; with a literal. Did you mean \u0026#34;==\u0026#34;? servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers] Traceback (most recent call last): File \u0026#34;/opt/appgate/linux/set_dns\u0026#34;, line 30, in \u0026lt;module\u0026gt; import dbus ModuleNotFoundError: No module named \u0026#39;dbus\u0026#39; Ok, let\u0026rsquo;s install it:\n$ sudo python3.8 -m pip install dbus-python Will it work now? Not yet. There\u0026rsquo;s another issue:\n$ sudo /opt/appgate/linux/set_dns /opt/appgate/linux/set_dns:88: SyntaxWarning: \u0026#34;is\u0026#34; with a literal. Did you mean \u0026#34;==\u0026#34;? servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers] module \u0026#39;platform\u0026#39; has no attribute \u0026#39;linux_distribution\u0026#39; This is a breaking change in Python3.8.\nSo what is calling platform.linux_distribution?\nLet\u0026rsquo;s search for it:\n$ sudo grep -r \u0026#39;linux_distribution\u0026#39; /opt/appgate/linux/ /opt/appgate/linux/nm.py: if platform.linux_distribution()[0] != \u0026#39;Fedora\u0026#39;: Aha! So this is in the local AppGate source code. This should be an easy fix. Let\u0026rsquo;s just replace this line with:\nif True: # Since we are not using Fedora :) Wrapping up It turns out there are breaking changes in Python3.8.\nThe docs say Deprecated since version 3.5, will be removed in version 3.8: See alternative like the distro package.\nI suppose this highlights one of the caveats of relying upon the system\u0026rsquo;s python, rather than having an isolated, dedicated environment for all dependencies.\n","href":"/blog/2020/03/16/appgate-sdp-on-arch-linux/","title":"AppGate SDP on Arch Linux"},{"content":"","href":"/tags/python/","title":"python"},{"content":"","href":"/tags/vpn/","title":"vpn"},{"content":"test\n","href":"/page/search/","title":""},{"content":"","href":"/authors/","title":"Authors"},{"content":"","href":"/page/","title":"Pages"}]
\ No newline at end of file
+[{"content":"I\u0026rsquo;m a software engineer with a passion for open-source, infrastructure, tooling and security.\nWhen I\u0026rsquo;m not in front of a computer, I enjoy traveling, hiking and spending time with my family.\n","href":"/about/","title":"About"},{"content":"","href":"/","title":"davegallant"},{"content":"","href":"/tags/dotfiles/","title":"dotfiles"},{"content":"","href":"/tags/home-manager/","title":"home-manager"},{"content":"","href":"/tags/nix/","title":"nix"},{"content":"","href":"/post/","title":"Posts"},{"content":"","href":"/tags/","title":"Tags"},{"content":"Do you manage a .zshrc? .vimrc? tmux.conf? Do you have dozens of configuration files that you manage in a git repo? Or maybe you don\u0026rsquo;t backup any of your configuration at all? Do you also have a bunch of command line utilities that you forget you installed? Or don\u0026rsquo;t remember why you installed them?\nOver the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines. I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.\nWhat is home-manager? Before understanding home-manager, it is worth briefly discussing what nix is. nix is a package manager that original spawned from a PhD thesis. Unlike other package managers, it uses symbolic links to keep track of the currently installed packages, keeping around the old ones in case you may want to rollback.\nFor example, I have used nix to install the package bind which includes dig. You can see that it is available on multiple platforms. The absolute path of dig can be found by running:\n❯ ls -lh $(which dig) lrwxr-xr-x 73 root 31 Dec 1969 /run/current-system/sw/bin/dig -\u0026gt; /nix/store/0r4qdyprljd3dki57jn6c6a8dh2rbg9g-bind-9.16.16-dnsutils/bin/dig Notice that there is a hash included in file path? This is nix store path and is computed by the nix package manager. This nix pill does a good job explaining how this hash is computed. All of the nix pills are worth a read, if you are interested in learning more about nix itself. However, using home-manager does not require extensive knowledge of nix.\nPart of the nix ecosystem includes nixpkgs. Many popular tools can be found already packaged in this repository. As you can see with these stats, there is a large number of existing packages that are being maintained by the community. Contributing a new package is easy, and anyone can do it!\nhome-manager leverages the nix package manager (and nixpkgs), as well the nix language so that you can declaratively define your system configuration. I store my nix-config in git so that I can keep track of my packages and configurations, and retain a clean and informative git commit history so that I can understand what changed and why.\nSetting up home-manager ⚠️ If you run this on your main machine, make sure you backup your configuration files first. home-manager is pretty good about not overwriting existing configuration, but it is better to have a backup! Alternatively, you could test this out on a VM or cloud instance.\n The first thing you should do is install nix:\ncurl -L https://nixos.org/nix/install | sh It\u0026rsquo;s not a good idea to curl and execute random files from the internet, so you might want to download the install script first and take a peak before executing it!\nOpen up a new shell in your terminal and running nix should work. If not, run . ~/.nix-profile/etc/profile.d/nix.sh\nNow, install home-manager:\nnix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager nix-channel --update nix-shell \u0026#39;\u0026lt;home-manager\u0026gt;\u0026#39; -A install You should see a wave of /nix/store/* paths being displayed on your screen.\nNow, to start off with a basic configuration, open up ~/.config/nixpkgs/home.nix in the editor of your choice and paste this in (you will want to change userName and homeDirectory):\n{ config, pkgs, ... }: { programs.home-manager.enable = true; home = { username = \u0026#34;dave\u0026#34;; homeDirectory = \u0026#34;/home/dave\u0026#34;; stateVersion = \u0026#34;21.11\u0026#34;; packages = with pkgs; [ bind exa fd ripgrep ]; }; programs = { git = { enable = true; aliases = { \u0026#34;aa\u0026#34; = \u0026#34;add -A .\u0026#34;; \u0026#34;br\u0026#34; = \u0026#34;branch\u0026#34;; \u0026#34;c\u0026#34; = \u0026#34;commit -S\u0026#34;; \u0026#34;ca\u0026#34; = \u0026#34;commit -S --amend\u0026#34;; \u0026#34;cb\u0026#34; = \u0026#34;checkout -b\u0026#34;; \u0026#34;co\u0026#34; = \u0026#34;checkout\u0026#34;; \u0026#34;d\u0026#34; = \u0026#34;diff\u0026#34;; \u0026#34;l\u0026#34; = \u0026#34;log --graph --pretty=format:\u0026#39;%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)\u0026lt;%an\u0026gt;%Creset\u0026#39; --abbrev-commit\u0026#34;; }; delta = { enable = true; options = { features = \u0026#34;line-numbers decorations\u0026#34;; whitespace-error-style = \u0026#34;22 reverse\u0026#34;; plus-style = \u0026#34;green bold ul \u0026#39;#198214\u0026#39;\u0026#34;; decorations = { commit-decoration-style = \u0026#34;bold yellow box ul\u0026#34;; file-style = \u0026#34;bold yellow ul\u0026#34;; file-decoration-style = \u0026#34;none\u0026#34;; }; }; }; extraConfig = { push = { default = \u0026#34;current\u0026#34;; }; pull = { rebase = true; }; }; }; starship = { enable = true; enableZshIntegration = true; settings = { add_newline = false; gcloud = { disabled = true; }; scan_timeout = 10; character = { error_symbol = \u0026#34;[✖](bold red)\u0026#34;; }; }; }; zsh = { enable = true; enableAutosuggestions = true; enableSyntaxHighlighting = true; history.size = 1000000; localVariables = { CASE_SENSITIVE = \u0026#34;true\u0026#34;; DISABLE_UNTRACKED_FILES_DIRTY = \u0026#34;true\u0026#34;; RPROMPT = \u0026#34;\u0026#34;; ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE = \u0026#34;fg=#838383,underline\u0026#34;; ZSH_DISABLE_COMPFIX = \u0026#34;true\u0026#34;; }; initExtra = \u0026#39;\u0026#39; export PAGER=less \u0026#39;\u0026#39;; shellAliases = { \u0026#34;..\u0026#34; = \u0026#34;cd ..\u0026#34;; grep = \u0026#34;rg --smart-case\u0026#34;; ls = \u0026#34;exa -la --git\u0026#34;; }; \u0026#34;oh-my-zsh\u0026#34; = { enable = true; plugins = [ \u0026#34;last-working-dir\u0026#34; ]; }; }; }; } Save the file and run:\nhome-manager switch You should see another wave of /nix/store/* paths. The new configuration should now be active.\nIf you run zsh, you should see that you have starship and access to several other utils such as rg, fd, and exa.\nThis basic configuration above is also defining your ~/.config/git/config and .zshrc. If you already have either of these files, home-manager will complain about them already existing.\nIf you take cat ~/.zshrc, you will see the way these configuration files are generated.\nWrapping up And that is how you can get started defining your user configuration with home-manager. You can extend this configuration for programs such as (neo)vim, emacs, alacritty, ssh, etc. To see other programs, take a look at home-manager/modules/programs.\n","href":"/blog/2021/09/08/why-i-threw-out-my-dotfiles/","title":"Why I Threw Out My Dotfiles"},{"content":"","href":"/tags/adguard/","title":"adguard"},{"content":"","href":"/tags/homelab/","title":"homelab"},{"content":"","href":"/tags/linux/","title":"linux"},{"content":"","href":"/tags/netdata/","title":"netdata"},{"content":"","href":"/tags/pihole/","title":"pihole"},{"content":"","href":"/tags/plex/","title":"plex"},{"content":"","href":"/tags/tailscale/","title":"tailscale"},{"content":"","href":"/tags/virtualization/","title":"virtualization"},{"content":"A homelab can be an inexpensive way to host a multitude of internal/external services and learn a lot in the process.\nDo you want host your own Media server? Ad blocker? Web server? Are you interested in learning more about Linux? Virtualization? Networking? Security? Building a homelab can be an entertaining playground to enhance your computer skills.\nOne of the best parts about building a homelab is that it doesn\u0026rsquo;t have to be a large investment in terms hardware.\nOne of the simplest ways to build a homelab is out of a refurbished computer. Having multiple machines/nodes provides the advantage of increased redundancy, but starting out with a single node is enough to reap many of the benefits of having a homelab.\nVirtualization Virtualizing your hardware is an organized way of dividing up your machine\u0026rsquo;s resources. This can be done with something such as a Virtual Machine or something lighter like a container using LXC or runC. Containers have much less overhead in terms of boot time and storage allocation. This Stack Overflow answer sums it up nicely.\nA hypervisor such as Proxmox can be installed in minutes on a new machine. It provides a web interface and a straight-forward way to spin up new VMs and containers. You\u0026rsquo;ll want to ensure that VT-d and VT-X are enabled in the BIOS if you decide to install a hypervisor to manage your virtualization.\nServices So what are some useful services to deploy?\n Plex - basically a self-hosted Netflix that can be used to stream from multiple devices, and the best part is that you manage the content! changedetection - is a self-hosted equivalent to something like visualping.io that will notify you when a webpage changes and keep track of the diffs Adguard or Pihole - can block a list of known trackers for all clients on your local network. I\u0026rsquo;ve used pihole for a long time, but have recently switched to Adguard since the UI is more modern and it has the ability to toggle on/off a pre-defined list of services, including Netflix (this is useful if you have stealthy young kids). Either of these will speed up your internet experience, simply because you won\u0026rsquo;t need to download all of the extra tracking bloat. There is a large number of services you can self-host, including your own applications that you might be developing. awesome-self-hosted provides a curated list of services that might be of interest to you.\nVPN You could certainly setup and manage your own VPN by using something like OpenVPN, but there is also something else you can try: tailscale. It is a very quick way to create fully-encrypted connections between clients. And by using its MagicDNS, it is a truly magical solution. If one of your nodes has a hostname of plex, you can simply access it by referring to its hostname (i.e ssh plex@plex). This way you can create a secure tunnel to your homelab from anywhere in the world!\nMonitoring Monitoring can become an important aspect of your homelab after it starts to become something that is relied upon. One of the simplest ways to setup some monitoring is using netdata. It can be installed on individual containers, VMs, and also a hypervisor (such as Proxmox). All of the monitoring works out of the box by detecting disks, memory, network interfaces, etc.\nAdditionally, all of these different agents can be connected to netdata cloud, which can alert you when some of your infrastructure is down or in a degraded state. Adding additional nodes to netdata cloud is as simple as a 1 line shell command.\nGrafana is another popular way of visualizing metrics, although it requires more initial setup.\nIn Summary Building out a homelab can be incredibly rewarding and it doesn\u0026rsquo;t always require buying a rack full of expensive servers to get a significant amount of utility.\n","href":"/blog/2021/09/06/what-to-do-with-a-homelab/","title":"What To Do With A Homelab"},{"content":"AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP 4.3.2 working on Arch Linux.\nDepending on the AppGate SDP Server that is running, you may require a client that is more recent than the latest package on AUR. As of right now, the latest AUR is 4.2.2-1.\nThese steps highlight how to get it working with Python3.8 by making a 1 line modification to AppGate source code.\nPackaging We already know the community package is currently out of date, so let\u0026rsquo;s clone it:\ngit clone https://aur.archlinux.org/appgate-sdp.git cd appgate-sdp You\u0026rsquo;ll likely notice that the version is not what we want, so let\u0026rsquo;s modify the PKGBUILD to the following:\n# Maintainer: Pawel Mosakowski \u0026lt;pawel at mosakowski dot net\u0026gt; pkgname=appgate-sdp conflicts=(\u0026#39;appgate-sdp-headless\u0026#39;) pkgver=4.3.2 _download_pkgver=4.3 pkgrel=1 epoch= pkgdesc=\u0026#34;Software Defined Perimeter - GUI client\u0026#34; arch=(\u0026#39;x86_64\u0026#39;) url=\u0026#34;https://www.cyxtera.com/essential-defense/appgate-sdp/support\u0026#34; license=(\u0026#39;custom\u0026#39;) # dependecies calculated by namcap depends=(\u0026#39;gconf\u0026#39; \u0026#39;libsecret\u0026#39; \u0026#39;gtk3\u0026#39; \u0026#39;python\u0026#39; \u0026#39;nss\u0026#39; \u0026#39;libxss\u0026#39; \u0026#39;nodejs\u0026#39; \u0026#39;dnsmasq\u0026#39;) source=(\u0026#34;https://sdpdownloads.cyxtera.com/AppGate-SDP-${_download_pkgver}/clients/${pkgname}_${pkgver}_amd64.deb\u0026#34; \u0026#34;appgatedriver.service\u0026#34;) options=(staticlibs) prepare() { tar -xf data.tar.xz } package() { cp -dpr \u0026#34;${srcdir}\u0026#34;/{etc,lib,opt,usr} \u0026#34;${pkgdir}\u0026#34; mv -v \u0026#34;$pkgdir/lib/systemd/system\u0026#34; \u0026#34;$pkgdir/usr/lib/systemd/\u0026#34; rm -vrf \u0026#34;$pkgdir/lib\u0026#34; cp -v \u0026#34;$srcdir/appgatedriver.service\u0026#34; \u0026#34;$pkgdir/usr/lib/systemd/system/appgatedriver.service\u0026#34; mkdir -vp \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; cp -v \u0026#34;$pkgdir/usr/share/doc/appgate/copyright\u0026#34; \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; cp -v \u0026#34;$pkgdir/usr/share/doc/appgate/LICENSE.github\u0026#34; \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; cp -v \u0026#34;$pkgdir/usr/share/doc/appgate/LICENSES.chromium.html.bz2\u0026#34; \u0026#34;$pkgdir/usr/share/licenses/appgate-sdp\u0026#34; } md5sums=(\u0026#39;17101aac7623c06d5fbb95f50cf3dbdc\u0026#39; \u0026#39;002644116e20b2d79fdb36b7677ab4cf\u0026#39;) Let\u0026rsquo;s first make sure we have some dependencies. If you do not have yay, check it out.\nyay -S dnsmasq gconf Now, let\u0026rsquo;s install it:\nmakepkg -si Running the client Ok, let\u0026rsquo;s run the client by executing appgate.\nIt complains about not being able to connect.\nEasy fix:\nsudo systemctl start appgatedriver.service Now we should be connected\u0026hellip; but DNS is not working?\nFixing the DNS Running resolvectl should display that something is not right.\nWhy is the DNS not being set by appgate?\n$ head -3 /opt/appgate/linux/set_dns #!/usr/bin/env python3 \u0026#39;\u0026#39;\u0026#39; This is used to set and unset the DNS. It seems like python3 is required for the DNS setting to happen. Let\u0026rsquo;s try to run it.\n$ sudo /opt/appgate/linux/set_dns /opt/appgate/linux/set_dns:88: SyntaxWarning: \u0026#34;is\u0026#34; with a literal. Did you mean \u0026#34;==\u0026#34;? servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers] Traceback (most recent call last): File \u0026#34;/opt/appgate/linux/set_dns\u0026#34;, line 30, in \u0026lt;module\u0026gt; import dbus ModuleNotFoundError: No module named \u0026#39;dbus\u0026#39; Ok, let\u0026rsquo;s install it:\n$ sudo python3.8 -m pip install dbus-python Will it work now? Not yet. There\u0026rsquo;s another issue:\n$ sudo /opt/appgate/linux/set_dns /opt/appgate/linux/set_dns:88: SyntaxWarning: \u0026#34;is\u0026#34; with a literal. Did you mean \u0026#34;==\u0026#34;? servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers] module \u0026#39;platform\u0026#39; has no attribute \u0026#39;linux_distribution\u0026#39; This is a breaking change in Python3.8.\nSo what is calling platform.linux_distribution?\nLet\u0026rsquo;s search for it:\n$ sudo grep -r \u0026#39;linux_distribution\u0026#39; /opt/appgate/linux/ /opt/appgate/linux/nm.py: if platform.linux_distribution()[0] != \u0026#39;Fedora\u0026#39;: Aha! So this is in the local AppGate source code. This should be an easy fix. Let\u0026rsquo;s just replace this line with:\nif True: # Since we are not using Fedora :) Wrapping up It turns out there are breaking changes in Python3.8.\nThe docs say Deprecated since version 3.5, will be removed in version 3.8: See alternative like the distro package.\nI suppose this highlights one of the caveats of relying upon the system\u0026rsquo;s python, rather than having an isolated, dedicated environment for all dependencies.\n","href":"/blog/2020/03/16/appgate-sdp-on-arch-linux/","title":"AppGate SDP on Arch Linux"},{"content":"","href":"/tags/python/","title":"python"},{"content":"","href":"/tags/vpn/","title":"vpn"},{"content":"test\n","href":"/page/search/","title":""},{"content":"","href":"/authors/","title":"Authors"},{"content":"","href":"/page/","title":"Pages"}]
\ No newline at end of file
diff --git a/post/index.html b/post/index.html
index fd8e6caf..147c5c11 100644
--- a/post/index.html
+++ b/post/index.html
@@ -7,7 +7,7 @@
-
+
Posts • davegallant
@@ -45,12 +45,18 @@ tech blog
diff --git a/post/index.xml b/post/index.xml
index 3bda358b..f433700f 100644
--- a/post/index.xml
+++ b/post/index.xml
@@ -1 +1 @@
-Posts on davegallant/post/Recent content in Posts on davegallantHugo -- gohugo.ioen-usMon, 06 Sep 2021 01:12:54 -0400What To Do With A Homelab/blog/2021/09/06/what-to-do-with-a-homelab/Mon, 06 Sep 2021 01:12:54 -0400/blog/2021/09/06/what-to-do-with-a-homelab/<p>A homelab can be an inexpensive way to host a multitude of internal/external services and learn <em>a lot</em> in the process.</p>AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p>
\ No newline at end of file
+Posts on davegallant/post/Recent content in Posts on davegallantHugo -- gohugo.ioen-usWed, 08 Sep 2021 00:42:33 -0400Why I Threw Out My Dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/What To Do With A Homelab/blog/2021/09/06/what-to-do-with-a-homelab/Mon, 06 Sep 2021 01:12:54 -0400/blog/2021/09/06/what-to-do-with-a-homelab/<p>A homelab can be an inexpensive way to host a multitude of internal/external services and learn <em>a lot</em> in the process.</p>AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p>
\ No newline at end of file
diff --git a/sitemap.xml b/sitemap.xml
index 6982b8ad..94a67b60 100644
--- a/sitemap.xml
+++ b/sitemap.xml
@@ -1 +1 @@
-/about//tags/adguard/2021-09-06T01:12:54-04:00/2021-09-06T01:12:54-04:00/tags/homelab/2021-09-06T01:12:54-04:00/tags/linux/2021-09-06T01:12:54-04:00/tags/netdata/2021-09-06T01:12:54-04:00/tags/pihole/2021-09-06T01:12:54-04:00/tags/plex/2021-09-06T01:12:54-04:00/post/2021-09-06T01:12:54-04:00/tags/2021-09-06T01:12:54-04:00/tags/tailscale/2021-09-06T01:12:54-04:00/tags/virtualization/2021-09-06T01:12:54-04:00/blog/2021/09/06/what-to-do-with-a-homelab/2021-09-06T01:12:54-04:00/blog/2020/03/16/appgate-sdp-on-arch-linux/2020-03-16T22:00:15-04:00/tags/python/2020-03-16T22:00:15-04:00/tags/vpn/2020-03-16T22:00:15-04:00/page/search//authors//page/
\ No newline at end of file
+/about//2021-09-08T00:42:33-04:00/tags/dotfiles/2021-09-08T00:42:33-04:00/tags/home-manager/2021-09-08T00:42:33-04:00/tags/nix/2021-09-08T00:42:33-04:00/post/2021-09-08T00:42:33-04:00/tags/2021-09-08T00:42:33-04:00/blog/2021/09/08/why-i-threw-out-my-dotfiles/2021-09-08T00:42:33-04:00/tags/adguard/2021-09-06T01:12:54-04:00/tags/homelab/2021-09-06T01:12:54-04:00/tags/linux/2021-09-06T01:12:54-04:00/tags/netdata/2021-09-06T01:12:54-04:00/tags/pihole/2021-09-06T01:12:54-04:00/tags/plex/2021-09-06T01:12:54-04:00/tags/tailscale/2021-09-06T01:12:54-04:00/tags/virtualization/2021-09-06T01:12:54-04:00/blog/2021/09/06/what-to-do-with-a-homelab/2021-09-06T01:12:54-04:00/blog/2020/03/16/appgate-sdp-on-arch-linux/2020-03-16T22:00:15-04:00/tags/python/2020-03-16T22:00:15-04:00/tags/vpn/2020-03-16T22:00:15-04:00/page/search//authors//page/
\ No newline at end of file
diff --git a/tags/adguard/index.html b/tags/adguard/index.html
index 77fe601e..f5c697f7 100644
--- a/tags/adguard/index.html
+++ b/tags/adguard/index.html
@@ -7,7 +7,7 @@
-
+
Tag: adguard • davegallant
@@ -45,12 +45,18 @@ tech blog
+
+
+
\ No newline at end of file
diff --git a/tags/home-manager/index.xml b/tags/home-manager/index.xml
new file mode 100644
index 00000000..5ba8da5c
--- /dev/null
+++ b/tags/home-manager/index.xml
@@ -0,0 +1 @@
+home-manager on davegallant/tags/home-manager/Recent content in home-manager on davegallantHugo -- gohugo.ioen-usWed, 08 Sep 2021 00:42:33 -0400Why I Threw Out My Dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/
\ No newline at end of file
diff --git a/tags/home-manager/page/1/index.html b/tags/home-manager/page/1/index.html
new file mode 100644
index 00000000..b5a9db71
--- /dev/null
+++ b/tags/home-manager/page/1/index.html
@@ -0,0 +1 @@
+/tags/home-manager/
\ No newline at end of file
diff --git a/tags/homelab/index.html b/tags/homelab/index.html
index d2524e35..aaffad4f 100644
--- a/tags/homelab/index.html
+++ b/tags/homelab/index.html
@@ -7,7 +7,7 @@
-
+
Tag: homelab • davegallant
@@ -45,12 +45,18 @@ tech blog
+
+
+
\ No newline at end of file
diff --git a/tags/nix/index.xml b/tags/nix/index.xml
new file mode 100644
index 00000000..d71d86f5
--- /dev/null
+++ b/tags/nix/index.xml
@@ -0,0 +1 @@
+nix on davegallant/tags/nix/Recent content in nix on davegallantHugo -- gohugo.ioen-usWed, 08 Sep 2021 00:42:33 -0400Why I Threw Out My Dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/
\ No newline at end of file
diff --git a/tags/nix/page/1/index.html b/tags/nix/page/1/index.html
new file mode 100644
index 00000000..ab2d4dab
--- /dev/null
+++ b/tags/nix/page/1/index.html
@@ -0,0 +1 @@
+/tags/nix/
\ No newline at end of file
diff --git a/tags/pihole/index.html b/tags/pihole/index.html
index f2ed9f23..9305a9fa 100644
--- a/tags/pihole/index.html
+++ b/tags/pihole/index.html
@@ -7,7 +7,7 @@
-
+
Tag: pihole • davegallant
@@ -45,12 +45,18 @@ tech blog
+ +davegallant + +
+Tags
+-
+adguard
+
-
+dotfiles
+
-
+home-manager
+
-
+homelab
+
-
+linux
+
-
+netdata
+
-
+nix
+
-
+pihole
+
-
+plex
+
-
+python
+
-
+tailscale
+
-
+virtualization
+
-
+vpn
+
+Why I Threw Out My Dotfiles
+Do you manage a
+.zshrc?.vimrc?tmux.conf? Do you have dozens of configuration files that you manage in a git repo? Or maybe you don’t backup any of your configuration at all? Do you also have a bunch of command line utilities that you forget you installed? Or don’t remember why you installed them?Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines. I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.
+What is home-manager?
+Before understanding home-manager, it is worth briefly discussing what nix is. nix is a package manager that original spawned from a PhD thesis. Unlike other package managers, it uses symbolic links to keep track of the currently installed packages, keeping around the old ones in case you may want to rollback.
+For example, I have used nix to install the package bind which includes
+dig. You can see that it is available on multiple platforms. The absolute path ofdigcan be found by running:Notice that there is a hash included in file path? This is nix store path and is computed by the nix package manager. This nix pill does a good job explaining how this hash is computed. All of the nix pills are worth a read, if you are interested in learning more about nix itself. However, using home-manager does not require extensive knowledge of nix.
+Part of the nix ecosystem includes nixpkgs. Many popular tools can be found already packaged in this repository. As you can see with these stats, there is a large number of existing packages that are being maintained by the community. Contributing a new package is easy, and anyone can do it!
+home-manager leverages the nix package manager (and nixpkgs), as well the nix language so that you can declaratively define your system configuration. I store my nix-config in git so that I can keep track of my packages and configurations, and retain a clean and informative git commit history so that I can understand what changed and why.
+Setting up home-manager
+ +The first thing you should do is install nix:
+It’s not a good idea to curl and execute random files from the internet, so you might want to download the install script first and take a peak before executing it!
+Open up a new shell in your terminal and running
+nixshould work. If not, run. ~/.nix-profile/etc/profile.d/nix.shNow, install home-manager:
+You should see a wave of
+/nix/store/*paths being displayed on your screen.Now, to start off with a basic configuration, open up
+~/.config/nixpkgs/home.nixin the editor of your choice and paste this in (you will want to changeuserNameandhomeDirectory):Save the file and run:
+You should see another wave of
+/nix/store/*paths. The new configuration should now be active.If you run
+zsh, you should see that you have starship and access to several other utils such asrg,fd, andexa.This basic configuration above is also defining your
+~/.config/git/configand.zshrc. If you already have either of these files, home-manager will complain about them already existing.If you take
+cat ~/.zshrc, you will see the way these configuration files are generated.Wrapping up
+And that is how you can get started defining your user configuration with home-manager. You can extend this configuration for programs such as (neo)vim, emacs, alacritty, ssh, etc. To see other programs, take a look at home-manager/modules/programs.
++Why I Threw Out My Dotfiles +
++Why I Threw Out My Dotfiles +
++ +davegallant + +
+Tags
+-
+adguard
+
-
+dotfiles
+
-
+home-manager
+
-
+homelab
+
-
+linux
+
-
+netdata
+
-
+nix
+
-
+pihole
+
-
+plex
+
-
+python
+
-
+tailscale
+
-
+virtualization
+
-
+vpn
+
+Tag: dotfiles
++-
+
+
+Posted on
+
+
+
+
+
+
+
++Why I Threw Out My Dotfiles +
++ +davegallant + +
+Tags
+-
+adguard
+
-
+dotfiles
+
-
+home-manager
+
-
+homelab
+
-
+linux
+
-
+netdata
+
-
+nix
+
-
+pihole
+
-
+plex
+
-
+python
+
-
+tailscale
+
-
+virtualization
+
-
+vpn
+
+Tag: home-manager
++-
+
+
+Posted on
+
+
+
+
+
+
+
++Why I Threw Out My Dotfiles +
++ +davegallant + +
+Tags
+-
+adguard
+
-
+dotfiles
+
-
+home-manager
+
-
+homelab
+
-
+linux
+
-
+netdata
+
-
+nix
+
-
+pihole
+
-
+plex
+
-
+python
+
-
+tailscale
+
-
+virtualization
+
-
+vpn
+
+Tag: nix
++-
+
+
+Posted on
+
+
+
+
+
+
+
++Why I Threw Out My Dotfiles +
+