dave/site
1
0
Fork 0
mirror of https://github.com/davegallant/davegallant.github.io.git synced 2025-08-14 12:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

deploy: eb5ac08f16278eebb1b449c0c8a59342d644d95f

Browse Source
This commit is contained in:
davegallant
2024-01-02 20:10:57 +00:00
parent 0b9692c401
commit de6652db5f
71 changed files with 560 additions and 1270 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
blog/2020/03/16/appgate-sdp-on-arch-linux/index.html
View File

@@ -579,16 +579,6 @@ template {
See: https://getbootstrap.com/docs/5.0/layout/breakpoints/#available-breakpoints
*/
@custom-media --sm (min-width: 576px);
@custom-media --md (min-width: 768px);
@custom-media --lg (min-width: 992px);
@custom-media --xl (min-width: 1200px);
@custom-media --xxl (min-width: 1400px);
:root[data-theme="light"] {
--bg: var(--bg0);
--bg0: #fbf1c7;
@@ -765,7 +755,7 @@ h3 {
font-size: 1.625rem;
}
@media (--md) {
@media (min-width: 768px) {
h1 {
font-size: 2.375rem;
}
@@ -967,7 +957,7 @@ footer {
top: 2rem;
}
@media (--lg) {
@media (min-width: 992px) {
.sidebar {
display: flex;
@@ -1008,7 +998,7 @@ header {
display: none;
}
@media (--md) {
@media (min-width: 768px) {
.logo__text {
display: block;
}
@@ -1061,7 +1051,7 @@ header {
z-index: 1000;
}
@media (--md) {
@media (min-width: 768px) {
.search {
position: relative;
}
@@ -1167,7 +1157,7 @@ nav#menu ul.menu--horizontal li {
margin: 0 0.75rem;
}
@media (--md) {
@media (min-width: 768px) {
nav#menu ul.menu--horizontal {
display: flex;
@@ -1258,7 +1248,7 @@ nav#menu .menu__burger input {
transform: translate(0, -6px) rotate(-45deg);
}
@media (--md) {
@media (min-width: 768px) {
nav#menu .menu__burger {
display: none;
@@ -1494,7 +1484,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
flex-flow: column;
}
@media (--md) {
@media (min-width: 768px) {
.jr__item-meta {
align-items: center;
flex-flow: row wrap;
@@ -1583,7 +1573,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
}
*/
</style><link rel=preload href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
</style><link rel=preload href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-sun" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-4 0a4 4 0 108 0 4 4 0 10-8 0"/><path d="M3 12h1m8-9v1m8 8h1m-9 8v1M5.6 5.6l.7.7m12.1-.7-.7.7m0 11.4.7.7m-12.1-.7-.7.7"/></svg></button>
<button class="theme__toggle dark--hidden" aria-label="Toggle dark mode"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-moon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3c.132.0.263.0.393.0a7.5 7.5.0 007.92 12.446A9 9 0 1112 2.992z"/></svg></button></header><main><div class=content><article class=post><div class=post-header><h1>AppGate SDP on Arch Linux</h1><div class=post-meta><span>2020-03-16</span><span> by </span><span class=post-meta__author>Dave Gallant</span><span> (updated: 2024-01-01)</span><div class=post-tags><a class=post-tag href=/tags/linux>linux</a><a class=post-tag href=/tags/vpn>vpn</a><a class=post-tag href=/tags/python>python</a></div></div></div><div class=post-content><p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p><p>Depending on the AppGate SDP Server that is running, you may require a client that is more recent than the latest package on <a href=https://aur.archlinux.org/packages/appgate-sdp/ class=link--external target=_blank rel=noreferrer>AUR</a>.
As of right now, the latest AUR is <code>4.2.2-1</code>.</p><p>These steps highlight how to get it working with <code>Python3.8</code> by making a 1 line modification to AppGate source code.</p><h1 id=packaging>Packaging<a href=#packaging class=post-heading__anchor aria-hidden=true>#</a></h1><p>We already know the community package is currently out of date, so let&rsquo;s clone it:</p><div class=highlight><pre tabindex=0 style=color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-shell data-lang=shell><span style=display:flex><span>git clone https://aur.archlinux.org/appgate-sdp.git

26
blog/2021/09/06/what-to-do-with-a-homelab/index.html
View File

@@ -579,16 +579,6 @@ template {
See: https://getbootstrap.com/docs/5.0/layout/breakpoints/#available-breakpoints
*/
@custom-media --sm (min-width: 576px);
@custom-media --md (min-width: 768px);
@custom-media --lg (min-width: 992px);
@custom-media --xl (min-width: 1200px);
@custom-media --xxl (min-width: 1400px);
:root[data-theme="light"] {
--bg: var(--bg0);
--bg0: #fbf1c7;
@@ -765,7 +755,7 @@ h3 {
font-size: 1.625rem;
}
@media (--md) {
@media (min-width: 768px) {
h1 {
font-size: 2.375rem;
}
@@ -967,7 +957,7 @@ footer {
top: 2rem;
}
@media (--lg) {
@media (min-width: 992px) {
.sidebar {
display: flex;
@@ -1008,7 +998,7 @@ header {
display: none;
}
@media (--md) {
@media (min-width: 768px) {
.logo__text {
display: block;
}
@@ -1061,7 +1051,7 @@ header {
z-index: 1000;
}
@media (--md) {
@media (min-width: 768px) {
.search {
position: relative;
}
@@ -1167,7 +1157,7 @@ nav#menu ul.menu--horizontal li {
margin: 0 0.75rem;
}
@media (--md) {
@media (min-width: 768px) {
nav#menu ul.menu--horizontal {
display: flex;
@@ -1258,7 +1248,7 @@ nav#menu .menu__burger input {
transform: translate(0, -6px) rotate(-45deg);
}
@media (--md) {
@media (min-width: 768px) {
nav#menu .menu__burger {
display: none;
@@ -1494,7 +1484,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
flex-flow: column;
}
@media (--md) {
@media (min-width: 768px) {
.jr__item-meta {
align-items: center;
flex-flow: row wrap;
@@ -1583,7 +1573,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
}
*/
</style><link rel=preload href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
</style><link rel=preload href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-sun" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-4 0a4 4 0 108 0 4 4 0 10-8 0"/><path d="M3 12h1m8-9v1m8 8h1m-9 8v1M5.6 5.6l.7.7m12.1-.7-.7.7m0 11.4.7.7m-12.1-.7-.7.7"/></svg></button>
<button class="theme__toggle dark--hidden" aria-label="Toggle dark mode"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-moon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3c.132.0.263.0.393.0a7.5 7.5.0 007.92 12.446A9 9 0 1112 2.992z"/></svg></button></header><main><div class=content><article class=post><div class=post-header><h1>What to do with a homelab</h1><div class=post-meta><span>2021-09-06</span><span> by </span><span class=post-meta__author>Dave Gallant</span><span> (updated: 2024-01-02)</span><div class=post-tags><a class=post-tag href=/tags/self-hosted>self&#8209;hosted</a><a class=post-tag href=/tags/proxmox>proxmox</a><a class=post-tag href=/tags/tailscale>tailscale</a></div></div></div><div class=post-content><p>A homelab can be an inexpensive way to host a multitude of internal/external services and learn <em>a lot</em> in the process.</p><p>Do you want host your own Media server? Ad blocker? Web server?
Are you interested in learning more about Linux? Virtualization? Networking? Security?

26
blog/2021/09/08/why-i-threw-out-my-dotfiles/index.html
View File

@@ -579,16 +579,6 @@ template {
See: https://getbootstrap.com/docs/5.0/layout/breakpoints/#available-breakpoints
*/
@custom-media --sm (min-width: 576px);
@custom-media --md (min-width: 768px);
@custom-media --lg (min-width: 992px);
@custom-media --xl (min-width: 1200px);
@custom-media --xxl (min-width: 1400px);
:root[data-theme="light"] {
--bg: var(--bg0);
--bg0: #fbf1c7;
@@ -765,7 +755,7 @@ h3 {
font-size: 1.625rem;
}
@media (--md) {
@media (min-width: 768px) {
h1 {
font-size: 2.375rem;
}
@@ -967,7 +957,7 @@ footer {
top: 2rem;
}
@media (--lg) {
@media (min-width: 992px) {
.sidebar {
display: flex;
@@ -1008,7 +998,7 @@ header {
display: none;
}
@media (--md) {
@media (min-width: 768px) {
.logo__text {
display: block;
}
@@ -1061,7 +1051,7 @@ header {
z-index: 1000;
}
@media (--md) {
@media (min-width: 768px) {
.search {
position: relative;
}
@@ -1167,7 +1157,7 @@ nav#menu ul.menu--horizontal li {
margin: 0 0.75rem;
}
@media (--md) {
@media (min-width: 768px) {
nav#menu ul.menu--horizontal {
display: flex;
@@ -1258,7 +1248,7 @@ nav#menu .menu__burger input {
transform: translate(0, -6px) rotate(-45deg);
}
@media (--md) {
@media (min-width: 768px) {
nav#menu .menu__burger {
display: none;
@@ -1494,7 +1484,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
flex-flow: column;
}
@media (--md) {
@media (min-width: 768px) {
.jr__item-meta {
align-items: center;
flex-flow: row wrap;
@@ -1583,7 +1573,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
}
*/
</style><link rel=preload href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
</style><link rel=preload href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-sun" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-4 0a4 4 0 108 0 4 4 0 10-8 0"/><path d="M3 12h1m8-9v1m8 8h1m-9 8v1M5.6 5.6l.7.7m12.1-.7-.7.7m0 11.4.7.7m-12.1-.7-.7.7"/></svg></button>
<button class="theme__toggle dark--hidden" aria-label="Toggle dark mode"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-moon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3c.132.0.263.0.393.0a7.5 7.5.0 007.92 12.446A9 9 0 1112 2.992z"/></svg></button></header><main><div class=content><article class=post><div class=post-header><h1>Why I threw out my dotfiles</h1><div class=post-meta><span>2021-09-08</span><span> (updated: 2024-01-01)</span><div class=post-tags><a class=post-tag href=/tags/nix>nix</a><a class=post-tag href=/tags/dotfiles>dotfiles</a><a class=post-tag href=/tags/home-manager>home&#8209;manager</a></div></div></div><div class=post-content><p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a href=https://www.atlassian.com/git/tutorials/dotfiles class=link--external target=_blank rel=noreferrer>bare git repos</a> and utilities such as <a href=https://www.gnu.org/software/stow/ class=link--external target=_blank rel=noreferrer>GNU Stow</a>. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: <a href=https://github.com/nix-community/home-manager class=link--external target=_blank rel=noreferrer>home-manager</a>.</p><h2 id=what-is-home-manager>What is home-manager?<a href=#what-is-home-manager class=post-heading__anchor aria-hidden=true>#</a></h2><p>Before understanding home-manager, it is worth briefly discussing what nix is. <a href=https://nixos.org/ class=link--external target=_blank rel=noreferrer>nix</a> is a package manager that originally spawned from a <a href=https://edolstra.github.io/pubs/phd-thesis.pdf class=link--external target=_blank rel=noreferrer>PhD thesis</a>. Unlike other package managers, it uses symbolic links to keep track of the currently installed packages, keeping around the old ones in case you may want to rollback.</p><p>For example, I have used nix to install the package <a href="https://search.nixos.org/packages?channel=unstable&amp;show=bind&amp;from=0&amp;size=50&amp;sort=relevance&amp;type=packages&amp;query=bind" class=link--external target=_blank rel=noreferrer>bind</a> which includes <code>dig</code>. You can see that it is available on multiple platforms. The absolute path of <code>dig</code> can be found by running:</p><div class=highlight><pre tabindex=0 style=color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-console data-lang=console><span style=display:flex><span>$ ls -lh <span style=color:#66d9ef>$(</span>which dig<span style=color:#66d9ef>)</span>
</span></span><span style=display:flex><span>lrwxr-xr-x 73 root 31 Dec 1969 /run/current-system/sw/bin/dig -&gt; /nix/store/0r4qdyprljd3dki57jn6c6a8dh2rbg9g-bind-9.16.16-dnsutils/bin/dig

26
blog/2021/09/17/automatically-rotating-aws-access-keys/index.html
View File

File diff suppressed because one or more lines are too long

26
blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/index.html
View File

@@ -579,16 +579,6 @@ template {
See: https://getbootstrap.com/docs/5.0/layout/breakpoints/#available-breakpoints
*/
@custom-media --sm (min-width: 576px);
@custom-media --md (min-width: 768px);
@custom-media --lg (min-width: 992px);
@custom-media --xl (min-width: 1200px);
@custom-media --xxl (min-width: 1400px);
:root[data-theme="light"] {
--bg: var(--bg0);
--bg0: #fbf1c7;
@@ -765,7 +755,7 @@ h3 {
font-size: 1.625rem;
}
@media (--md) {
@media (min-width: 768px) {
h1 {
font-size: 2.375rem;
}
@@ -967,7 +957,7 @@ footer {
top: 2rem;
}
@media (--lg) {
@media (min-width: 992px) {
.sidebar {
display: flex;
@@ -1008,7 +998,7 @@ header {
display: none;
}
@media (--md) {
@media (min-width: 768px) {
.logo__text {
display: block;
}
@@ -1061,7 +1051,7 @@ header {
z-index: 1000;
}
@media (--md) {
@media (min-width: 768px) {
.search {
position: relative;
}
@@ -1167,7 +1157,7 @@ nav#menu ul.menu--horizontal li {
margin: 0 0.75rem;
}
@media (--md) {
@media (min-width: 768px) {
nav#menu ul.menu--horizontal {
display: flex;
@@ -1258,7 +1248,7 @@ nav#menu .menu__burger input {
transform: translate(0, -6px) rotate(-45deg);
}
@media (--md) {
@media (min-width: 768px) {
nav#menu .menu__burger {
display: none;
@@ -1494,7 +1484,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
flex-flow: column;
}
@media (--md) {
@media (min-width: 768px) {
.jr__item-meta {
align-items: center;
flex-flow: row wrap;
@@ -1583,7 +1573,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
}
*/
</style><link rel=preload href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
</style><link rel=preload href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-sun" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-4 0a4 4 0 108 0 4 4 0 10-8 0"/><path d="M3 12h1m8-9v1m8 8h1m-9 8v1M5.6 5.6l.7.7m12.1-.7-.7.7m0 11.4.7.7m-12.1-.7-.7.7"/></svg></button>
<button class="theme__toggle dark--hidden" aria-label="Toggle dark mode"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-moon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3c.132.0.263.0.393.0a7.5 7.5.0 007.92 12.446A9 9 0 1112 2.992z"/></svg></button></header><main><div class=content><article class=post><div class=post-header><h1>Replacing docker with podman on macOS (and Linux)</h1><div class=post-meta><span>2021-10-11</span><span> (updated: 2024-01-02)</span><div class=post-tags><a class=post-tag href=/tags/docker>docker</a><a class=post-tag href=/tags/podman>podman</a><a class=post-tag href=/tags/containers>containers</a></div></div></div><div class=post-content><p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p><blockquote class=twitter-tweet><p lang=en dir=ltr>...ignoring Docker updates is a paid feature now?? <a href=https://t.co/ZxKW3b9LQM>pic.twitter.com/ZxKW3b9LQM</a></p>&mdash; Brendan Dolan-Gavitt (@moyix) <a href="https://twitter.com/moyix/status/1388586550682861568?ref_src=twsrc%5Etfw">May 1, 2021</a></blockquote><script async src=https://platform.twitter.com/widgets.js></script><p>Docker has been one of the larger influencers in the container world, helping to standardize the <a href=https://github.com/opencontainers/image-spec/blob/main/spec.md class=link--external target=_blank rel=noreferrer>OCI Image Format Specification</a>. For many developers, containers have become synonymous with terms like <code>docker</code> and <code>Dockerfile</code> (a file containing build instructions for a container image). Docker has certainly made it very convenient to build and run containers, but it is not the only solution for doing so.</p><p>This post briefly describes my experience swapping out docker for podman on macOS.</p><h3 id=what-is-a-container>What is a container?<a href=#what-is-a-container class=post-heading__anchor aria-hidden=true>#</a></h3><p>A container is a standard unit of software that packages up all application dependencies within it. Multiple containers can be run on a host machine all sharing the same kernel as the host. Linux namespaces help provide an isolated view of the system, including mnt, pid, net, ipc, uid, cgroup, and time. There is an <a href="https://www.youtube.com/watch?v=sK5i-N34im8" class=link--external target=_blank rel=noreferrer>in-depth video</a> that discusses what containers are made from, and <a href="https://youtu.be/sK5i-N34im8?t=2468" class=link--external target=_blank rel=noreferrer>near the end</a> there is a demonstration on how to build your own containers from the command line.</p><p>By easily allowing the necessary dependencies to live alongside the application code, containers make the &ldquo;works on my machine&rdquo; problem less of a problem.</p><h3 id=benefits-of-podman>Benefits of Podman<a href=#benefits-of-podman class=post-heading__anchor aria-hidden=true>#</a></h3><p>One of the most interesting features of Podman is that it is daemonless. There isn&rsquo;t a process running on your system managing your containers. In contrast, the docker client is reliant upon the docker daemon (often running as root) to be able to build and run containers.</p><p>Podman is rootless by default. It is now possible to <a href=https://docs.docker.com/engine/security/rootless/ class=link--external target=_blank rel=noreferrer>run the docker daemon rootless</a> as well, but it&rsquo;s still not the default behaviour.</p><p>I&rsquo;ve also observed that so far my 2019 16" Macbook Pro hasn&rsquo;t sounded like a jet engine, although I haven&rsquo;t performed any disk-intensive operations yet.</p><h3 id=installing-podman>Installing Podman<a href=#installing-podman class=post-heading__anchor aria-hidden=true>#</a></h3><p>Running Podman on macOS is more involved than on Linux, because the podman-machine must run Linux inside of a virtual machine. Fortunately, the installation is made simple with <a href=https://formulae.brew.sh/formula/podman class=link--external target=_blank rel=noreferrer>brew</a> (read <a href=https://podman.io/getting-started/installation#linux-distributions class=link--external target=_blank rel=noreferrer>this</a> if you&rsquo;re installing Podman on Linux):</p><div class=highlight><pre tabindex=0 style=color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh><span style=display:flex><span>brew install podman
</span></span></code></pre></div><p>The podman-machine must be started:</p><div class=highlight><pre tabindex=0 style=color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh><span style=display:flex><span><span style=color:#75715e># This is not necessary on Linux</span>

26
blog/2021/11/14/running-k3s-in-lxc-on-proxmox/index.html
View File

@@ -578,16 +578,6 @@ template {
See: https://getbootstrap.com/docs/5.0/layout/breakpoints/#available-breakpoints
*/
@custom-media --sm (min-width: 576px);
@custom-media --md (min-width: 768px);
@custom-media --lg (min-width: 992px);
@custom-media --xl (min-width: 1200px);
@custom-media --xxl (min-width: 1400px);
:root[data-theme="light"] {
--bg: var(--bg0);
--bg0: #fbf1c7;
@@ -764,7 +754,7 @@ h3 {
font-size: 1.625rem;
}
@media (--md) {
@media (min-width: 768px) {
h1 {
font-size: 2.375rem;
}
@@ -966,7 +956,7 @@ footer {
top: 2rem;
}
@media (--lg) {
@media (min-width: 992px) {
.sidebar {
display: flex;
@@ -1007,7 +997,7 @@ header {
display: none;
}
@media (--md) {
@media (min-width: 768px) {
.logo__text {
display: block;
}
@@ -1060,7 +1050,7 @@ header {
z-index: 1000;
}
@media (--md) {
@media (min-width: 768px) {
.search {
position: relative;
}
@@ -1166,7 +1156,7 @@ nav#menu ul.menu--horizontal li {
margin: 0 0.75rem;
}
@media (--md) {
@media (min-width: 768px) {
nav#menu ul.menu--horizontal {
display: flex;
@@ -1257,7 +1247,7 @@ nav#menu .menu__burger input {
transform: translate(0, -6px) rotate(-45deg);
}
@media (--md) {
@media (min-width: 768px) {
nav#menu .menu__burger {
display: none;
@@ -1493,7 +1483,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
flex-flow: column;
}
@media (--md) {
@media (min-width: 768px) {
.jr__item-meta {
align-items: center;
flex-flow: row wrap;
@@ -1582,7 +1572,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
}
*/
</style><link rel=preload href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
</style><link rel=preload href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-sun" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-4 0a4 4 0 108 0 4 4 0 10-8 0"/><path d="M3 12h1m8-9v1m8 8h1m-9 8v1M5.6 5.6l.7.7m12.1-.7-.7.7m0 11.4.7.7m-12.1-.7-.7.7"/></svg></button>
<button class="theme__toggle dark--hidden" aria-label="Toggle dark mode"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-moon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3c.132.0.263.0.393.0a7.5 7.5.0 007.92 12.446A9 9 0 1112 2.992z"/></svg></button></header><main><div class=content><article class=post><div class=post-header><h1>Running K3s in LXC on Proxmox</h1><div class=post-meta><span>2021-11-14</span><span> (updated: 2024-01-01)</span><div class=post-tags><a class=post-tag href=/tags/k3s>k3s</a><a class=post-tag href=/tags/proxmox>proxmox</a><a class=post-tag href=/tags/lxc>lxc</a><a class=post-tag href=/tags/self-hosted>self&#8209;hosted</a></div></div></div><div class=post-content><p>It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as <a href=https://helm.sh class=link--external target=_blank rel=noreferrer>Helm</a> and <a href=https://tekton.dev class=link--external target=_blank rel=noreferrer>Tekton</a>. I decided to deploy <a href=https://k3s.io class=link--external target=_blank rel=noreferrer>K3s</a>, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. LXC containers also provide an efficient way to use a machine&rsquo;s resources.</p><h2 id=what-is-k3s>What is K3s?<a href=#what-is-k3s class=post-heading__anchor aria-hidden=true>#</a></h2><p>K3s is a Kubernetes distro that advertises itself as a lightweight binary with a much smaller memory-footprint than traditional k8s. K3s is not a fork of k8s as it seeks to remain as close to upstream as it possibly can.</p><h2 id=configure-proxmox>Configure Proxmox<a href=#configure-proxmox class=post-heading__anchor aria-hidden=true>#</a></h2><p>This <a href=https://gist.github.com/triangletodd/02f595cd4c0dc9aac5f7763ca2264185 class=link--external target=_blank rel=noreferrer>gist</a> contains snippets and discussion on how to deploy K3s in LXC on Proxmox. It mentions that <code>bridge-nf-call-iptables</code> should be loaded, but I did not understand the benefit of doing this.</p><h2 id=disable-swap>Disable swap<a href=#disable-swap class=post-heading__anchor aria-hidden=true>#</a></h2><p>There is an issue on Kubernetes regarding swap <a href=https://github.com/kubernetes/kubernetes/issues/53533 class=link--external target=_blank rel=noreferrer>here</a>. There claims to be support for swap in 1.22, but for now let&rsquo;s disable it:</p><div class=highlight><pre tabindex=0 style=color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-shell data-lang=shell><span style=display:flex><span>sudo sysctl vm.swappiness<span style=color:#f92672>=</span><span style=color:#ae81ff>0</span>
</span></span><span style=display:flex><span>sudo swapoff -a

26
blog/2022/03/13/backing-up-gmail-with-synology/index.html
View File

File diff suppressed because one or more lines are too long

26
blog/2022/04/02/virtualizing-my-router-with-pfsense/index.html
View File

File diff suppressed because one or more lines are too long

26
blog/2022/12/10/watching-youtube-in-private/index.html
View File

@@ -579,16 +579,6 @@ template {
See: https://getbootstrap.com/docs/5.0/layout/breakpoints/#available-breakpoints
*/
@custom-media --sm (min-width: 576px);
@custom-media --md (min-width: 768px);
@custom-media --lg (min-width: 992px);
@custom-media --xl (min-width: 1200px);
@custom-media --xxl (min-width: 1400px);
:root[data-theme="light"] {
--bg: var(--bg0);
--bg0: #fbf1c7;
@@ -765,7 +755,7 @@ h3 {
font-size: 1.625rem;
}
@media (--md) {
@media (min-width: 768px) {
h1 {
font-size: 2.375rem;
}
@@ -967,7 +957,7 @@ footer {
top: 2rem;
}
@media (--lg) {
@media (min-width: 992px) {
.sidebar {
display: flex;
@@ -1008,7 +998,7 @@ header {
display: none;
}
@media (--md) {
@media (min-width: 768px) {
.logo__text {
display: block;
}
@@ -1061,7 +1051,7 @@ header {
z-index: 1000;
}
@media (--md) {
@media (min-width: 768px) {
.search {
position: relative;
}
@@ -1167,7 +1157,7 @@ nav#menu ul.menu--horizontal li {
margin: 0 0.75rem;
}
@media (--md) {
@media (min-width: 768px) {
nav#menu ul.menu--horizontal {
display: flex;
@@ -1258,7 +1248,7 @@ nav#menu .menu__burger input {
transform: translate(0, -6px) rotate(-45deg);
}
@media (--md) {
@media (min-width: 768px) {
nav#menu .menu__burger {
display: none;
@@ -1494,7 +1484,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
flex-flow: column;
}
@media (--md) {
@media (min-width: 768px) {
.jr__item-meta {
align-items: center;
flex-flow: row wrap;
@@ -1583,7 +1573,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
}
*/
</style><link rel=preload href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
</style><link rel=preload href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-sun" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-4 0a4 4 0 108 0 4 4 0 10-8 0"/><path d="M3 12h1m8-9v1m8 8h1m-9 8v1M5.6 5.6l.7.7m12.1-.7-.7.7m0 11.4.7.7m-12.1-.7-.7.7"/></svg></button>
<button class="theme__toggle dark--hidden" aria-label="Toggle dark mode"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-moon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3c.132.0.263.0.393.0a7.5 7.5.0 007.92 12.446A9 9 0 1112 2.992z"/></svg></button></header><main><div class=content><article class=post><div class=post-header><h1>Watching YouTube in private</h1><div class=post-meta><span>2022-12-10</span><span> (updated: 2024-01-02)</span><div class=post-tags><a class=post-tag href=/tags/invidious>invidious</a><a class=post-tag href=/tags/youtube>youtube</a><a class=post-tag href=/tags/yewtu.be>yewtu.be</a><a class=post-tag href=/tags/tailscale>tailscale</a><a class=post-tag href=/tags/privacy>privacy</a><a class=post-tag href=/tags/self-hosted>self&#8209;hosted</a></div></div></div><div class=post-content><p>I recently stumbled upon <a href=https://yewtu.be class=link--external target=_blank rel=noreferrer>yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a href=https://invidious.io/ class=link--external target=_blank rel=noreferrer>invidious</a>.</p><p><picture><source type=image/webp srcset="/blog/2022/12/10/watching-youtube-in-private/computerphile_huab6e3127a0b06a834b4e3cd718370398_957247_300x0_resize_q75_h2_box_3.webp 300w,/blog/2022/12/10/watching-youtube-in-private/computerphile_huab6e3127a0b06a834b4e3cd718370398_957247_500x0_resize_q75_h2_box_3.webp 500w,/blog/2022/12/10/watching-youtube-in-private/computerphile_huab6e3127a0b06a834b4e3cd718370398_957247_700x0_resize_q75_h2_box_3.webp 700w" sizes="(max-width: 499px) 300px,(max-width: 699px) 500px,700px"><img src=/blog/2022/12/10/watching-youtube-in-private/computerphile.png srcset="/blog/2022/12/10/watching-youtube-in-private/computerphile_huab6e3127a0b06a834b4e3cd718370398_957247_300x0_resize_box_3.png 300w,/blog/2022/12/10/watching-youtube-in-private/computerphile_huab6e3127a0b06a834b4e3cd718370398_957247_500x0_resize_box_3.png 500w,/blog/2022/12/10/watching-youtube-in-private/computerphile_huab6e3127a0b06a834b4e3cd718370398_957247_700x0_resize_box_3.png 700w" sizes="(max-width: 499px) 300px,(max-width: 699px) 500px,700px" alt=image loading=lazy width=1625 height=1529></picture></p><p>The layout is simple, and <strong>JavaScript is not required</strong>.</p><p>I started using <a href=https://yewtu.be class=link--external target=_blank rel=noreferrer>yewtu.be</a> as my primary client for watching videos. I subscribe to several YouTube channels and I prefer the interface invidiuous provides due to its simplicity. It&rsquo;s also nice to be in control of my search and watch history.</p><p>A few days ago, yewtu.be went down briefly, and that motivated me enough to self-host invidious. There are several other hosted instances listed <a href=https://docs.invidious.io/instances/ class=link--external target=_blank rel=noreferrer>here</a>, but being able to easily backup my own instance (including subscriptions and watch history) is more compelling in my case.</p><h3 id=hosting-invidious>Hosting invidious<a href=#hosting-invidious class=post-heading__anchor aria-hidden=true>#</a></h3><p>The quickest way to get invidious up is with docker-compose as mentioned in the <a href=https://docs.invidious.io/installation/ class=link--external target=_blank rel=noreferrer>docs</a>.</p><p>I made a few modifications, and ended up with:</p><div class=highlight><pre tabindex=0 style=color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-yaml data-lang=yaml><span style=display:flex><span><span style=color:#f92672>version</span>: <span style=color:#e6db74>&#34;3&#34;</span>
</span></span><span style=display:flex><span><span style=color:#f92672>services</span>:

26
blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/index.html
View File

@@ -579,16 +579,6 @@ template {
See: https://getbootstrap.com/docs/5.0/layout/breakpoints/#available-breakpoints
*/
@custom-media --sm (min-width: 576px);
@custom-media --md (min-width: 768px);
@custom-media --lg (min-width: 992px);
@custom-media --xl (min-width: 1200px);
@custom-media --xxl (min-width: 1400px);
:root[data-theme="light"] {
--bg: var(--bg0);
--bg0: #fbf1c7;
@@ -765,7 +755,7 @@ h3 {
font-size: 1.625rem;
}
@media (--md) {
@media (min-width: 768px) {
h1 {
font-size: 2.375rem;
}
@@ -967,7 +957,7 @@ footer {
top: 2rem;
}
@media (--lg) {
@media (min-width: 992px) {
.sidebar {
display: flex;
@@ -1008,7 +998,7 @@ header {
display: none;
}
@media (--md) {
@media (min-width: 768px) {
.logo__text {
display: block;
}
@@ -1061,7 +1051,7 @@ header {
z-index: 1000;
}
@media (--md) {
@media (min-width: 768px) {
.search {
position: relative;
}
@@ -1167,7 +1157,7 @@ nav#menu ul.menu--horizontal li {
margin: 0 0.75rem;
}
@media (--md) {
@media (min-width: 768px) {
nav#menu ul.menu--horizontal {
display: flex;
@@ -1258,7 +1248,7 @@ nav#menu .menu__burger input {
transform: translate(0, -6px) rotate(-45deg);
}
@media (--md) {
@media (min-width: 768px) {
nav#menu .menu__burger {
display: none;
@@ -1494,7 +1484,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
flex-flow: column;
}
@media (--md) {
@media (min-width: 768px) {
.jr__item-meta {
align-items: center;
flex-flow: row wrap;
@@ -1583,7 +1573,7 @@ h1:hover .post-heading__anchor, h2:hover .post-heading__anchor, h3:hover .post-h
}
*/
</style><link rel=preload href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.67cb283542b48f68e77ea69ecc88c660d6cd3c5286d9f66a72c693a6d009b5745c627a5b065dab9c3583e47513e8845d4c7aa57bd4c4847fa4fca61ae5258681.css" integrity="sha512-Z8soNUK0j2jnfqaezIjGYNbNPFKG2fZqcsaTptAJtXRcYnpbBl2rnDWD5HUT6IRdTHqle9TEhH+k/KYa5SWGgQ=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
</style><link rel=preload href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="><link id=prism-dark rel=preload href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link id=prism-light rel=preload href=/prism-themes/prism-gruvbox-light.min.42a221741efe997fcc94187c39d63c555560678789ac9ca856c74a5f0ddb2aa6c50d38b2ffbecc7a99038cbbd2efa99746e862267f781c559e0cfec10b88a5fc.css as=style onload='this.onload=null,this.rel="stylesheet"' integrity="sha512-QqIhdB7+mX/MlBh8OdY8VVVgZ4eJrJyoVsdKXw3bKqbFDTiy/77MepkDjLvS76mXRuhiJn94HFWeDP7BC4il/A==" disabled><noscript><link rel=stylesheet href=/prism-themes/prism-gruvbox-dark.min.54aecc64074623a4f9898544dcbdab9e804f1560ef0b38f4cf8e10fcaaf72264e798cb407c601aca6ecd833ec4eb93d66535581f18d45ba202cf848b70dbc332.css integrity="sha512-VK7MZAdGI6T5iYVE3L2rnoBPFWDvCzj0z44Q/Kr3ImTnmMtAfGAaym7Ngz7E65PWZTVYHxjUW6ICz4SLcNvDMg=="><link rel=stylesheet href="/css/non-critical.fda4fe26932451ba1f7ab9430bf51f2047a023a1dcd0748e27f117a9cf8462bd2a9a27cb13f7f889850e85728f11cc1dbbd025849fe9f66e87a95305d6735f9f.css" integrity="sha512-/aT+JpMkUboferlDC/UfIEegI6Hc0HSOJ/EXqc+EYr0qmifLE/f4iYUOhXKPEcwdu9AlhJ/p9m6HqVMF1nNfnw=="></noscript><script>(()=>{function n(){if(localStorage&&localStorage.getItem("theme"))return localStorage.getItem("theme");if(window.matchMedia)return window.matchMedia("(prefers-color-scheme: light)").matches?"light":"dark"}function e(e){document.documentElement.setAttribute("data-theme",e);let t=document.getElementById("prism-dark"),n=document.getElementById("prism-light");t.toggleAttribute("disabled",e==="light"),n.toggleAttribute("disabled",e==="dark"),localStorage.setItem("theme",e)}var t=n();t&&e(t);function s(t){let n=t.currentTarget.classList.contains("light--hidden")?"light":"dark";e(n)}document.addEventListener("DOMContentLoaded",function(){document.querySelectorAll(".theme__toggle").forEach(e=>{e.addEventListener("click",s)})})})()</script><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/safari-pinned-tab.svg color=#282828><meta name=msapplication-TileColor content="#282828"><meta name=theme-color content="#282828"></head><body><div class=layout><header><a class=logo href=/><div class=logo__text>davegallant.ca</div><div class=logo__chevron>></div><div class=logo__cursor></div></a><div class=search><input id=search__text type=search placeholder=Search... aria-label=Search autocomplete=off><div id=search__suggestions class=search__suggestions--hidden></div></div><nav id=menu><ul class=menu--horizontal><li class=menu__item><a href=/index.xml>RSS</a></li></ul><div class=menu__burger><input class=menu__item type=checkbox aria-label="Open main menu"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-menu-2" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M4 6h16"/><path d="M4 12h16"/><path d="M4 18h16"/></svg><ul class=menu--vertical><li><a class=menu__item href=/index.xml>RSS</a></li></ul></div></nav><button class="theme__toggle light--hidden" aria-label="Toggle light mode">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-sun" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-4 0a4 4 0 108 0 4 4 0 10-8 0"/><path d="M3 12h1m8-9v1m8 8h1m-9 8v1M5.6 5.6l.7.7m12.1-.7-.7.7m0 11.4.7.7m-12.1-.7-.7.7"/></svg></button>
<button class="theme__toggle dark--hidden" aria-label="Toggle dark mode"><svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-moon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3c.132.0.263.0.393.0a7.5 7.5.0 007.92 12.446A9 9 0 1112 2.992z"/></svg></button></header><main><div class=content><article class=post><div class=post-header><h1>Using AKS and SOCKS to connect to a private Azure DB</h1><div class=post-meta><span>2023-05-22</span><span> (updated: 2024-01-01)</span><div class=post-tags><a class=post-tag href=/tags/aks>aks</a><a class=post-tag href=/tags/aws>aws</a><a class=post-tag href=/tags/azure>azure</a><a class=post-tag href=/tags/bastion>bastion</a><a class=post-tag href=/tags/cloud-sql-proxy>cloud&#8209;sql&#8209;proxy</a><a class=post-tag href=/tags/database>database</a><a class=post-tag href=/tags/eks>eks</a><a class=post-tag href=/tags/k8s>k8s</a><a class=post-tag href=/tags/kubectl-plugin-socks5-proxy>kubectl&#8209;plugin&#8209;socks5&#8209;proxy</a><a class=post-tag href=/tags/proxy>proxy</a><a class=post-tag href=/tags/socat>socat</a><a class=post-tag href=/tags/socks>socks</a></div></div></div><div class=post-content><p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p><h2 id=go-public>Go Public?<a href=#go-public class=post-heading__anchor aria-hidden=true>#</a></h2><p>Should the database be migrated to public subnets? Ideally not, since it is good practice to host internal infrastructure in restricted subnets.</p><h2 id=how-do-others-handle-this>How do others handle this?<a href=#how-do-others-handle-this class=post-heading__anchor aria-hidden=true>#</a></h2><p>With GCP, connecting to a private db instance from any machine can be achieved with <a href=https://github.com/GoogleCloudPlatform/cloud-sql-proxy class=link--external target=_blank rel=noreferrer>cloud-sql-proxy</a>. This works by proxying requests from your machine to the SQL database instance in the cloud, while the authentication is handled by GCP&rsquo;s IAM.</p><p>So what about Azure? Is there any solution that is as elegant as cloud-sql-proxy?</p><h2 id=a-bastion>A Bastion<a href=#a-bastion class=post-heading__anchor aria-hidden=true>#</a></h2><p>Similar to what <a href=https://aws.amazon.com/blogs/database/securely-connect-to-an-amazon-rds-or-amazon-ec2-database-instance-remotely-with-your-preferred-gui/ class=link--external target=_blank rel=noreferrer>AWS has recommended</a>, perhaps a bastion is the way forward?</p><p>Azure has a fully-managed service called <a href=https://azure.microsoft.com/en-ca/products/azure-bastion class=link--external target=_blank rel=noreferrer>Azure Bastion</a> that provides secure access to virtual machines that do not have public IPs. This looks interesting, but unfortunately it <a href=https://azure.microsoft.com/en-ca/pricing/details/azure-bastion/#pricing class=link--external target=_blank rel=noreferrer>costs money</a> and requires an additional virtual machine.</p><p>Because this adds cost (and complexity), it does not seem like a desirable option in its current state. If it provided a more seamless connection to the database, it would be more appealing.</p><h2 id=socks>SOCKS<a href=#socks class=post-heading__anchor aria-hidden=true>#</a></h2><blockquote><p><strong>2023-12-13:</strong>
An alternative to using a socks proxy is <a href=http://www.dest-unreach.org/socat/ class=link--external target=_blank rel=noreferrer>socat</a>. This would allow you to relay tcp connections to a pod running in k8s, and then port-forward them to your localhost.

26
blog/2023/12/10/setting-up-gitea-actions-with-tailscale/index.html
View File

File diff suppressed because one or more lines are too long