diff options
| author | Paul Buetow <paul@buetow.org> | 2025-06-03 10:28:37 +0300 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2025-06-03 10:28:37 +0300 |
| commit | c6a020f1c8b243809280bd04b372162a789fedeb (patch) | |
| tree | bf7c9674d283eca6f6e043b576564adf9eb0998d /gemfeed | |
| parent | 99caa616318b5652c332981bdce644a5ca8c4c09 (diff) | |
Update content for md
Diffstat (limited to 'gemfeed')
| -rw-r--r-- | gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.md | 2 | ||||
| -rw-r--r-- | gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.md | 208 |
2 files changed, 210 insertions, 0 deletions
diff --git a/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.md b/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.md index 1f660405..1ab9fbd6 100644 --- a/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.md +++ b/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.md @@ -40,6 +40,8 @@ My Android apps will never be polished, but they will get the job done, and this ## All easy-peasy? +> Updated 2025-05-15: When using `fyne-cross android` everything works now! I don't have to perform any of the work-arounds listed below anymore! + I did have some issues with the app logo for Android, though. Android always showed the default app icon and not my custom icon whenever I used a custom `AndroidManifest.xml` for custom app storage permissions. Without a custom `AndroidAmnifest.xml` the app icon would be displayed under Android, but then the app would not have the `MANAGE_EXTERNAL_STORAGE` permission, which is required for Quick logger to write to a custom directory. I found a workaround, which I commented on here at Github: [https://github.com/fyne-io/fyne/issues/3077#issuecomment-1912697360](https://github.com/fyne-io/fyne/issues/3077#issuecomment-1912697360) diff --git a/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.md b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.md new file mode 100644 index 00000000..81be255d --- /dev/null +++ b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.md @@ -0,0 +1,208 @@ +# f3s: Kubernetes with FreeBSD - Part 6: Storage + +> Published at 2025-04-04T23:21:01+03:00 + +This is the sixth blog post about the f3s series for self-hosting demands in a home lab. f3s? The "f" stands for FreeBSD, and the "3s" stands for k3s, the Kubernetes distribution used on FreeBSD-based physical machines. + +[2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage](./2024-11-17-f3s-kubernetes-with-freebsd-part-1.md) +[2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation](./2024-12-03-f3s-kubernetes-with-freebsd-part-2.md) +[2025-02-01 f3s: Kubernetes with FreeBSD - Part 3: Protecting from power cuts](./2025-02-01-f3s-kubernetes-with-freebsd-part-3.md) +[2025-04-05 f3s: Kubernetes with FreeBSD - Part 4: Rocky Linux Bhyve VMs](./2025-04-05-f3s-kubernetes-with-freebsd-part-4.md) +[2025-05-11 f3s: Kubernetes with FreeBSD - Part 5: WireGuard mesh network](./2025-05-11-f3s-kubernetes-with-freebsd-part-5.md) + +[](./f3s-kubernetes-with-freebsd-part-1/f3slogo.png) + +## Table of Contents + +* [⇢ f3s: Kubernetes with FreeBSD - Part 6: Storage](#f3s-kubernetes-with-freebsd---part-6-storage) +* [⇢ ⇢ Introduction](#introduction) +* [⇢ ⇢ UFS Setup](#ufs-setup) +* [⇢ ⇢ ZFS Setup](#zfs-setup) +* [⇢ ⇢ ⇢ Encryption](#encryption) + +## Introduction + +In this blog post, we are going to extend the Beelinks with some additional storage. + +Some photos here, describe why there are 2 different models of SSD drives (replication etc) + +``` +paul@f0:/ % doas camcontrol devlist +<512GB SSD D910R170> at scbus0 target 0 lun 0 (pass0,ada0) +<Samsung SSD 870 EVO 1TB SVT03B6Q> at scbus1 target 0 lun 0 (pass1,ada1) +<Generic Flash Disk 8.07> at scbus2 target 0 lun 0 (da0,pass2) +paul@f0:/ % +``` + +``` +paul@f1:/ % doas camcontrol devlist +<512GB SSD D910R170> at scbus0 target 0 lun 0 (pass0,ada0) +<CT1000BX500SSD1 M6CR072> at scbus1 target 0 lun 0 (pass1,ada1) +<Generic Flash Disk 8.07> at scbus2 target 0 lun 0 (da0,pass2) +paul@f1:/ % +``` + +## UFS Setup + +```sh +paul@f0:/ % doas newfs /dev/da0 +/dev/da0: 15000.0MB (30720000 sectors) block size 32768, fragment size 4096 + using 24 cylinder groups of 625.22MB, 20007 blks, 80128 inodes. + with soft updates +super-block backups (for fsck_ffs -b #) at: + 192, 1280640, 2561088, 3841536, 5121984, 6402432, 7682880, 8963328, 10243776, +11524224, 12804672, 14085120, 15365568, 16646016, 17926464, 19206912,k 20487360, +... + +paul@f0:/ % echo '/dev/da0 /keys ufs rw 0 2' | doas tee -a /etc/fstab +/dev/da0 /keys ufs rw 0 2 +paul@f0:/ % doas mkdir /keys +paul@f0:/ % doas mount /keys +paul@f0:/ % df | grep keys +/dev/da0 14877596 8 13687384 0% /keys +``` + +## ZFS Setup + +```sh +paul@f0:/dev % doas zpool create -m /data zdata /dev/ada1 +paul@f0:/dev % zpool list +NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT +zdata 928G 432K 928G - - 0% 0% 1.00x ONLINE - +zroot 472G 19.8G 452G - - 0% 4% 1.00x ONLINE - + +``` + +### Encryption + +USB key for key location + +```sh +paul@f0:/keys % doas vm stop rocky +Sending ACPI shutdown to rocky + +paul@f0:/keys % doas vm list +NAME DATASTORE LOADER CPU MEMORY VNC AUTO STATE +rocky default uefi 4 14G - Yes [1] Stopped + + +paul@f0:/keys % doas zfs rename zroot/bhyve zroot/bhyve_old +paul@f0:/keys % doas zfs set mountpoint=/mnt zroot/bhyve_old +paul@f0:/keys % doas zfs snapshot zroot/bhyve_old/rocky@hamburger + + +paul@f0:/keys % doas openssl rand -out /keys/`hostname`:bhyve.key 32 +paul@f0:/keys % doas openssl rand -out /keys/`hostname`:zdata.key 32 +paul@f0:/keys % ls -ltr +total 8 +-rw-r--r-- 1 root wheel 16 May 25 11:54 f0.lan.buetow.org:bhyve.key +-rw-r--r-- 1 root wheel 16 May 25 11:54 f0.lan.buetow.org:zdata.key + +paul@f0:/keys % doas zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///keys/`hostname`:bhyve.key zroot/bhyve +paul@f0:/keys % doas zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///keys/`hostname`:zdata.key zdata/enc +paul@f0:/keys % doas zfs set mountpoint=/zroot/bhyve zroot/bhyve +paul@f0:/keys % doas zfs set mountpoint=/zroot/bhyve/rocky zroot/bhyve/rocky + +paul@f0:/keys % doas zfs send zroot/bhyve_old/rocky@hamburger | doas zfs recv zroot/bhyve/rocky +paul@f0:/keys % doas cp -Rp /mnt/.config /zroot/bhyve/ +paul@f0:/keys % doas cp -Rp /mnt/.img /zroot/bhyve/ +paul@f0:/keys % doas cp -Rp /mnt/.templates /zroot/bhyve/ +paul@f0:/keys % doas cp -Rp /mnt/.iso /zroot/bhyve/ + +paul@f0:/keys % doas sysrc zfskeys_enable=YES +zfskeys_enable: -> YES +``` + +Copied over all the keys from the partner node to each node, so they backup each other: + +```sh +paul@f0:/keys % doas chown root * +paul@f0:/keys % doas chmod 400 * +paul@f0:/keys % ls -ltr +total 24 +-r-------- 1 root paul 16 May 25 11:56 f0.lan.buetow.org:zdata.key +-r-------- 1 root paul 16 May 25 11:56 f0.lan.buetow.org:bhyve.key +-r-------- 1 root paul 16 May 25 11:56 f1.lan.buetow.org:zdata.key +-r-------- 1 root paul 16 May 25 11:56 f1.lan.buetow.org:bhyve.key +-r-------- 1 root paul 16 May 25 11:57 f2.lan.buetow.org:zdata.key +-r-------- 1 root paul 16 May 25 11:57 f2.lan.buetow.org:bhyve.key +``` + +```sh +paul@f0:/keys % doas vm init +paul@f0:/keys % doas reboot +. +. +. +paul@f0:~ % doas vm list +paul@f0:~ % doas vm list +NAME DATASTORE LOADER CPU MEMORY VNC AUTO STATE +rocky default uefi 4 14G 0.0.0.0:5900 Yes [1] Running (2265) +``` + +```sh +paul@f0:~ % doas zfs destroy -R zroot/bhyve_old + +paul@f0:~ % zfs get all zdata/enc | grep -E '(encryption|key)' +zdata/enc encryption aes-256-gcm - +zdata/enc keylocation file:///keys/f0.lan.buetow.org:zdata.key local +zdata/enc keyformat raw - +zdata/enc encryptionroot zdata/enc - +zdata/enc keystatus available - +paul@f0:~ % zfs get all zroot/bhyve | grep -E '(encryption|key)' +zroot/bhyve encryption aes-256-gcm - +zroot/bhyve keylocation file:///keys/f0.lan.buetow.org:bhyve.key local +zroot/bhyve keyformat raw - +zroot/bhyve encryptionroot zroot/bhyve - +zroot/bhyve keystatus available - +paul@f0:~ % zfs get all zroot/bhyve/rocky | grep -E '(encryption|key)' +zroot/bhyve/rocky encryption aes-256-gcm - +zroot/bhyve/rocky keylocation none default +zroot/bhyve/rocky keyformat raw - +zroot/bhyve/rocky encryptionroot zroot/bhyve - +zroot/bhyve/rocky keystatus available - +``` + +``` + paul@f0:~ % zpool status + pool: zdata + state: ONLINE +config: + + NAME STATE READ WRITE CKSUM + zdata ONLINE 0 0 0 + ada1 ONLINE 0 0 0 + +errors: No known data errors + + pool: zroot + state: ONLINE +config: + + NAME STATE READ WRITE CKSUM + zroot ONLINE 0 0 0 + ada0p4 ONLINE 0 0 0 + +errors: No known data errors +``` + +ZFS auto scrubbing....~? + +Backup of the keys on the key locations (all keys on all 3 USB keys) + +Other *BSD-related posts: + +[2025-05-11 f3s: Kubernetes with FreeBSD - Part 5: WireGuard mesh network](./2025-05-11-f3s-kubernetes-with-freebsd-part-5.md) +[2025-04-05 f3s: Kubernetes with FreeBSD - Part 4: Rocky Linux Bhyve VMs](./2025-04-05-f3s-kubernetes-with-freebsd-part-4.md) +[2025-02-01 f3s: Kubernetes with FreeBSD - Part 3: Protecting from power cuts](./2025-02-01-f3s-kubernetes-with-freebsd-part-3.md) +[2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation](./2024-12-03-f3s-kubernetes-with-freebsd-part-2.md) +[2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage](./2024-11-17-f3s-kubernetes-with-freebsd-part-1.md) +[2024-04-01 KISS high-availability with OpenBSD](./2024-04-01-KISS-high-availability-with-OpenBSD.md) +[2024-01-13 One reason why I love OpenBSD](./2024-01-13-one-reason-why-i-love-openbsd.md) +[2022-10-30 Installing DTail on OpenBSD](./2022-10-30-installing-dtail-on-openbsd.md) +[2022-07-30 Let's Encrypt with OpenBSD and Rex](./2022-07-30-lets-encrypt-with-openbsd-and-rex.md) +[2016-04-09 Jails and ZFS with Puppet on FreeBSD](./2016-04-09-jails-and-zfs-on-freebsd-with-puppet.md) + +E-Mail your comments to `paul@nospam.buetow.org` + +[Back to the main site](../) |