Update dependency stylelint-prettier to v5.0.3

.gitignore

@@ -119,3 +119,5 @@ dist
 # End of https://www.toptal.com/developers/gitignore/api/hugo,node
 
 public/
+
+.obsidian/

content/_index.md

@@ -6,6 +6,8 @@ This is a space where I document my learnings and share them with others. I hope
 
 I choose to host this site, alongside other tools, rather than relying exclusively on larger platforms because I believe in the open web. Interoperability is often not a consideration for popular platforms today and I find that concerning.
 
+My blog can be found [here](./blog).
+
 ## Connect
 
 If you would like to connect with me:

content/blog/replicating-truenas-datasets-to-sftpgo-over-tailscale/index.md

@@ -0,0 +1,30 @@
+---
+title: "Replicating TrueNAS datasets to sftpgo over Tailscale"
+date: "2025-04-17T22:03:33-04:00"
+draft: false
+comments: true
+toc: false
+author: "Dave Gallant"
+tags:
+  [
+    "tailscale",
+    "truenas",
+    "sftpgo",
+  ]
+---
+
+I've recently spun up an instance of TrueNAS SCALE after salvaging a couple hard drives from a past computer build and decided I could use additional network storage for various backups such as Proxmox VMs and home directory backups.
+
+<!--more-->
+
+The only app I've needed to install has been Tailscale which has enabled me to access the TrueNAS Web UI from anywhere. I've setup a few datasets and NFS shares to store various backups and the rest of the periodic backups have routinely been working without a hitch. Since my homelab is becoming more of a vital piece of infrastructure for my daily needs, I wanted to ensure that these datasets had [Cloud Sync Tasks](https://www.truenas.com/docs/scale/scaletutorials/dataprotection/cloudsynctasks/) setup for offsite backups. These encrypted backups are mostly being stored in places such as Google Drive and other blob storage providers.
+
+More recently, to reduce cloud costs, I've setup some a small node at another physical location and installed both Tailscale and [sftpgo](https://github.com/drakkan/sftpgo) on it to facilitate offsite backups. After setting up the infrastructure and adding a Cloud Sync Task in TrueNAS SCALE to replicate these backups offsite to sftpgo, I noticed that Tailscale's Magic DNS was not working, nor was the Tailscale IPv4 address.
+
+After reading the [Tailscale docs](https://tailscale.com/kb/1483/truenas#route-non-tailnet-traffic-through-truenas) , it became clear that the **Userspace** box had to be unchecked in the Tailscale app settings. This is because the Tailscale app is running within a docker container on the TrueNAS SCALE VM. After unchecking the **Userspace** box, I was able to verify that the Backup Credentials created for sftpgo worked when specifying the host as a Tailscale IPv4 address. This was probably good enough since the IP won't change unless the node is re-registered.
+
+~~To get MagicDNS working, I went to Network > Global Configuration and set "Nameserver 1" to **100.100.100.100**. After this, I was able to specify the FQDN in the Backup Credentials and the Cloud Sync Tasks started.~~ 
+
+This method of adding MagicDNS can lead to issues with DNS when updating the tailscale application in TrueNAS, so I ended using the Tailscale IP directly.
+
+

content/blog/using-a-realtek-nic-with-opnsense/index.md

@@ -0,0 +1,83 @@
+---
+title: "Using a Realtek NIC with OPNsense"
+date: "2025-04-21T17:17:46-04:00"
+draft: false
+comments: true
+toc: false
+author: "Dave Gallant"
+tags:
+    [
+    linux,
+    freebsd,
+    opnsense,
+    pfsense,
+    proxmox,
+    realtek,
+    nic,
+]
+---
+
+For the past few years, I've been running pfSense (and more recently OPNsense) in a virtual machine within Proxmox. This has been running fine with a single onboard Intel NIC. A few months ago, I upgraded to a machine that has a CPU that supports hardware-accelerated transcoding, has more SATA ports, and has more PCI slots for future expansion. With the goal of having a dedicated NIC for WAN, I bought an inexpensive 1Gbps PCIe NIC (TG-3468) despite reading about some of the concerns around Realtek NICs (sluggish performance, driver instability, and in some cases system crashes).
+
+I've been running a Realtek NICs reliably on Linux and Windows desktops, so I figured I could make it work without too much effort, but it turns out Realtek NICs really can be problematic when it comes to FreeBSD-based routers, and commonly documented workarounds did not solve my problems.
+
+<!--more-->
+
+## Environment
+
+My environment consists of:
+
+- Proxmox 8.4
+- OPNsense 25.1 (QEMU VM)
+- Ethernet controller: Intel Corporation Ethernet Connection (5) I219-LM
+- Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)
+
+# Goal
+
+The goal is to upgrade the OPNsense router from a single NIC to two NICs. The NICs are responsible for:
+
+1. **LAN**: the internal network for computers, phones, cameras, printers, etc (NIC 1)
+2. **WAN**: the connection from the ISP (NIC 2)
+
+Having two separate physical interfaces for LAN and WAN creates clear, physical separation between the trusted internal network and the untrusted external network at the hardware level. This also should improve performance and throughput since the same physical connection is no longer shared between LAN and WAN.
+
+## Device Passthrough
+
+For maximum performance and reduced hypervisor overhead, passing through a physical NIC for WAN directly to the VM seemed to make the most sense, so I passed it through to the OPNsense VM.
+
+![passthrough](./opnsense-device-passthrough.png)
+
+![passthrough-add-pci](./opnsense-device-passthrough-add-pci.png)
+
+I added the PCI device and restarted the OPNsense VM and re-configured the WAN in OPNsense to use this device.
+
+I received the WAN IP and everything appeared to be working. I ran a few speed tests and noticed that the download speeds were much lower than normal from all of my devices. I checked my instance of [speedtest-tracker](https://docs.speedtest-tracker.dev) noticed that the download speeds were significantly slower than historical records:
+
+![speedtest-tracker](./speedtest-tracker.png)
+
+These speeds tests were going through Mullvad, which occasionally is inconsistent, but the results remained consistently lower than the previous configuration.
+
+I reverted the WAN back to the original NIC, and the download speeds returned to more average results immediately so it became obvious that something was not right with this setup.
+
+### Realtek drivers
+
+I did some web searching / LLM prompting and discovered that some people have had improved results after installing the OPNsense plugin **os-realtek-re**.
+
+After installing the plugin and ensuring the kernel module was loaded at boot by following the post-install instructions, the throughput was still signicantly slower than before adding a second NIC.
+
+I was starting to think that there might be a problem with the hardware and began the process to return it to the vendor.
+
+## Virtualized NIC with a Linux bridge
+
+As one last shot, I created Linux Bridge in the Proxmox GUI with the Realtek NIC and passed it through to the OPNsense VM:
+
+![linux-bridge](./linux-bridge.png)
+
+![linux-bridge-add-network-device](./linux-bridge-add-network-device.png)
+
+I re-configured the WAN interface in OPNsense to use the newly added network device, and the download and upload speeds returned to the typical speeds. Another added benefit to this setup is that it bypasses the need for installing Realtek FreeBSD drivers on the OPNsense VM, since the network device is virtual and managed on the Proxmox host (debian-based).
+
+
+## Conclusion
+
+Although I am not sure why passing through a Realtek NIC to an OPNsense VM causes so much degradation in throughput, I am glad that there is a workaround. If I get ahold of another NIC, I would be interested in trying to reproduce the issue.

package-lock.json

@@ -6055,10 +6055,11 @@
       }
     },
     "node_modules/stylelint-prettier": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/stylelint-prettier/-/stylelint-prettier-5.0.0.tgz",
-      "integrity": "sha512-RHfSlRJIsaVg5Br94gZVdWlz/rBTyQzZflNE6dXvSxt/GthWMY3gEHsWZEBaVGg7GM+XrtVSp4RznFlB7i0oyw==",
+      "version": "5.0.3",
+      "resolved": "https://registry.npmjs.org/stylelint-prettier/-/stylelint-prettier-5.0.3.tgz",
+      "integrity": "sha512-B6V0oa35ekRrKZlf+6+jA+i50C4GXJ7X1PPmoCqSUoXN6BrNF6NhqqhanvkLjqw2qgvrS0wjdpeC+Tn06KN3jw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "prettier-linter-helpers": "^1.0.0"
       },

themes/custom-theme/assets/css/non-critical/00-vendor.css

@@ -1,12 +1,12 @@
 /*! purgecss start ignore */
 
-/* Prism Plugins */
 {{ range $.Site.Params.prism.plugins }}
   {{ $path := printf "prismjs/plugins/%s/prism-%s.css" . . }}
-  {{ $plugin := resources.Get $path }}
-  {{ if $plugin }}
-  {{ printf "/*%s*/" $plugin }}
-    @import "{{ $plugin }}";
+  {{ $pluginCSS := resources.Get $path }}
+  {{ if $pluginCSS }}
+    {{ $importPath := trim $pluginCSS.RelPermalink "/" }}
+    {{ printf "/* Import stylesheet for Prism plugin '%s' from '%s' */" . $importPath }}
+    @import "{{ $importPath }}";
   {{ end }}
 {{ end }}
 

themes/custom-theme/package-lock.json

@@ -6217,9 +6217,9 @@
       }
     },
     "node_modules/stylelint-prettier": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/stylelint-prettier/-/stylelint-prettier-5.0.0.tgz",
-      "integrity": "sha512-RHfSlRJIsaVg5Br94gZVdWlz/rBTyQzZflNE6dXvSxt/GthWMY3gEHsWZEBaVGg7GM+XrtVSp4RznFlB7i0oyw==",
+      "version": "5.0.3",
+      "resolved": "https://registry.npmjs.org/stylelint-prettier/-/stylelint-prettier-5.0.3.tgz",
+      "integrity": "sha512-B6V0oa35ekRrKZlf+6+jA+i50C4GXJ7X1PPmoCqSUoXN6BrNF6NhqqhanvkLjqw2qgvrS0wjdpeC+Tn06KN3jw==",
       "dev": true,
       "dependencies": {
         "prettier-linter-helpers": "^1.0.0"
@@ -10772,9 +10772,9 @@
       }
     },
     "stylelint-prettier": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/stylelint-prettier/-/stylelint-prettier-5.0.0.tgz",
-      "integrity": "sha512-RHfSlRJIsaVg5Br94gZVdWlz/rBTyQzZflNE6dXvSxt/GthWMY3gEHsWZEBaVGg7GM+XrtVSp4RznFlB7i0oyw==",
+      "version": "5.0.3",
+      "resolved": "https://registry.npmjs.org/stylelint-prettier/-/stylelint-prettier-5.0.3.tgz",
+      "integrity": "sha512-B6V0oa35ekRrKZlf+6+jA+i50C4GXJ7X1PPmoCqSUoXN6BrNF6NhqqhanvkLjqw2qgvrS0wjdpeC+Tn06KN3jw==",
       "dev": true,
       "requires": {
         "prettier-linter-helpers": "^1.0.0"