From fbdb03396c2e0512100fdc6ae6644a3f3d5b2d06 Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Tue, 3 Jun 2025 10:28:36 +0300 Subject: Update content for html --- ...quickly-logging-ideas-programmed-in-golang.html | 2 + .../DRAFT-f3s-kubernetes-with-freebsd-part-6.html | 247 +++++++++++++++++++++ gemfeed/atom.xml | 4 +- 3 files changed, 252 insertions(+), 1 deletion(-) create mode 100644 gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.html (limited to 'gemfeed') diff --git a/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.html b/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.html index b48aa9ee..9f9e57c5 100644 --- a/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.html +++ b/gemfeed/2024-03-03-a-fine-fyne-android-app-for-quickly-logging-ideas-programmed-in-golang.html @@ -54,6 +54,8 @@

All easy-peasy?



+Updated 2025-05-15: When using fyne-cross android everything works now! I don't have to perform any of the work-arounds listed below anymore!
+
I did have some issues with the app logo for Android, though. Android always showed the default app icon and not my custom icon whenever I used a custom AndroidManifest.xml for custom app storage permissions. Without a custom AndroidAmnifest.xml the app icon would be displayed under Android, but then the app would not have the MANAGE_EXTERNAL_STORAGE permission, which is required for Quick logger to write to a custom directory. I found a workaround, which I commented on here at Github:

https://github.com/fyne-io/fyne/issues/3077#issuecomment-1912697360
diff --git a/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.html b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.html new file mode 100644 index 00000000..0219cb6e --- /dev/null +++ b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.html @@ -0,0 +1,247 @@ + + + + +f3s: Kubernetes with FreeBSD - Part 6: Storage + + + + + +

+Home | Markdown | Gemini +

+

f3s: Kubernetes with FreeBSD - Part 6: Storage


+
+Published at 2025-04-04T23:21:01+03:00
+
+This is the sixth blog post about the f3s series for self-hosting demands in a home lab. f3s? The "f" stands for FreeBSD, and the "3s" stands for k3s, the Kubernetes distribution used on FreeBSD-based physical machines.
+
+2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage
+2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+2025-02-01 f3s: Kubernetes with FreeBSD - Part 3: Protecting from power cuts
+2025-04-05 f3s: Kubernetes with FreeBSD - Part 4: Rocky Linux Bhyve VMs
+2025-05-11 f3s: Kubernetes with FreeBSD - Part 5: WireGuard mesh network
+
+f3s logo
+
+

Table of Contents


+
+
+

Introduction


+
+In this blog post, we are going to extend the Beelinks with some additional storage.
+
+Some photos here, describe why there are 2 different models of SSD drives (replication etc)
+
+
+paul@f0:/ % doas camcontrol devlist
+<512GB SSD D910R170>               at scbus0 target 0 lun 0 (pass0,ada0)
+<Samsung SSD 870 EVO 1TB SVT03B6Q>  at scbus1 target 0 lun 0 (pass1,ada1)
+<Generic Flash Disk 8.07>          at scbus2 target 0 lun 0 (da0,pass2)
+paul@f0:/ %
+
+
+
+paul@f1:/ % doas camcontrol devlist
+<512GB SSD D910R170>               at scbus0 target 0 lun 0 (pass0,ada0)
+<CT1000BX500SSD1 M6CR072>          at scbus1 target 0 lun 0 (pass1,ada1)
+<Generic Flash Disk 8.07>          at scbus2 target 0 lun 0 (da0,pass2)
+paul@f1:/ %
+
+
+

UFS Setup


+
+ +
paul@f0:/ % doas newfs /dev/da0
+/dev/da0: 15000.0MB (30720000 sectors) block size 32768, fragment size 4096
+        using 24 cylinder groups of 625.22MB, 20007 blks, 80128 inodes.
+        with soft updates
+super-block backups (for fsck_ffs -b #) at:
+ 192, 1280640, 2561088, 3841536, 5121984, 6402432, 7682880, 8963328, 10243776,
+11524224, 12804672, 14085120, 15365568, 16646016, 17926464, 19206912,k 20487360,
+...
+
+paul@f0:/ % echo '/dev/da0 /keys ufs rw 0 2' | doas tee -a /etc/fstab
+/dev/da0 /keys ufs rw 0 2
+paul@f0:/ % doas mkdir /keys
+paul@f0:/ % doas mount /keys
+paul@f0:/ % df | grep keys
+/dev/da0             14877596       8  13687384     0%    /keys
+
+
+

ZFS Setup


+
+ +
paul@f0:/dev % doas zpool create -m /data zdata /dev/ada1
+paul@f0:/dev % zpool list
+NAME    SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP    HEALTH  ALTROOT
+zdata   928G   432K   928G        -         -     0%     0%  1.00x    ONLINE  -
+zroot   472G  19.8G   452G        -         -     0%     4%  1.00x    ONLINE  -
+
+
+
+

Encryption


+
+USB key for key location
+
+ +
paul@f0:/keys % doas vm stop rocky
+Sending ACPI shutdown to rocky
+
+paul@f0:/keys % doas vm list
+NAME     DATASTORE  LOADER     CPU  MEMORY  VNC  AUTO     STATE
+rocky    default    uefi       4    14G     -    Yes [1]  Stopped
+
+
+paul@f0:/keys % doas zfs rename zroot/bhyve zroot/bhyve_old
+paul@f0:/keys % doas zfs set mountpoint=/mnt zroot/bhyve_old
+paul@f0:/keys % doas zfs snapshot zroot/bhyve_old/rocky@hamburger
+
+
+paul@f0:/keys % doas openssl rand -out /keys/`hostname`:bhyve.key 32
+paul@f0:/keys % doas openssl rand -out /keys/`hostname`:zdata.key 32
+paul@f0:/keys % ls -ltr
+total 8
+-rw-r--r--  1 root wheel 16 May 25 11:54 f0.lan.buetow.org:bhyve.key
+-rw-r--r--  1 root wheel 16 May 25 11:54 f0.lan.buetow.org:zdata.key
+
+paul@f0:/keys % doas zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///keys/`hostname`:bhyve.key zroot/bhyve
+paul@f0:/keys % doas zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///keys/`hostname`:zdata.key zdata/enc
+paul@f0:/keys % doas zfs set mountpoint=/zroot/bhyve zroot/bhyve
+paul@f0:/keys % doas zfs set mountpoint=/zroot/bhyve/rocky zroot/bhyve/rocky
+
+paul@f0:/keys % doas zfs send zroot/bhyve_old/rocky@hamburger | doas zfs recv zroot/bhyve/rocky
+paul@f0:/keys % doas cp -Rp /mnt/.config /zroot/bhyve/
+paul@f0:/keys % doas cp -Rp /mnt/.img /zroot/bhyve/
+paul@f0:/keys % doas cp -Rp /mnt/.templates /zroot/bhyve/
+paul@f0:/keys % doas cp -Rp /mnt/.iso /zroot/bhyve/
+
+paul@f0:/keys % doas sysrc zfskeys_enable=YES
+zfskeys_enable:  -> YES
+
+
+Copied over all the keys from the partner node to each node, so they backup each other:
+
+ +
paul@f0:/keys % doas chown root *
+paul@f0:/keys % doas chmod 400 *
+paul@f0:/keys % ls -ltr
+total 24
+-r--------  1 root paul 16 May 25 11:56 f0.lan.buetow.org:zdata.key
+-r--------  1 root paul 16 May 25 11:56 f0.lan.buetow.org:bhyve.key
+-r--------  1 root paul 16 May 25 11:56 f1.lan.buetow.org:zdata.key
+-r--------  1 root paul 16 May 25 11:56 f1.lan.buetow.org:bhyve.key
+-r--------  1 root paul 16 May 25 11:57 f2.lan.buetow.org:zdata.key
+-r--------  1 root paul 16 May 25 11:57 f2.lan.buetow.org:bhyve.key
+
+
+ +
paul@f0:/keys % doas vm init
+paul@f0:/keys % doas reboot
+.
+.
+.
+paul@f0:~ % doas vm list
+paul@f0:~ % doas vm list
+NAME     DATASTORE  LOADER     CPU  MEMORY  VNC           AUTO     STATE
+rocky    default    uefi       4    14G     0.0.0.0:5900  Yes [1]  Running (2265)
+
+
+ +
paul@f0:~ % doas zfs destroy -R zroot/bhyve_old
+
+paul@f0:~ % zfs get all zdata/enc | grep -E '(encryption|key)'
+zdata/enc  encryption            aes-256-gcm                               -
+zdata/enc  keylocation           file:///keys/f0.lan.buetow.org:zdata.key  local
+zdata/enc  keyformat             raw                                       -
+zdata/enc  encryptionroot        zdata/enc                                 -
+zdata/enc  keystatus             available                                 -
+paul@f0:~ % zfs get all zroot/bhyve | grep -E '(encryption|key)'
+zroot/bhyve  encryption            aes-256-gcm                               -
+zroot/bhyve  keylocation           file:///keys/f0.lan.buetow.org:bhyve.key  local
+zroot/bhyve  keyformat             raw                                       -
+zroot/bhyve  encryptionroot        zroot/bhyve                               -
+zroot/bhyve  keystatus             available                                 -
+paul@f0:~ % zfs get all zroot/bhyve/rocky | grep -E '(encryption|key)'
+zroot/bhyve/rocky  encryption            aes-256-gcm            -
+zroot/bhyve/rocky  keylocation           none                   default
+zroot/bhyve/rocky  keyformat             raw                    -
+zroot/bhyve/rocky  encryptionroot        zroot/bhyve            -
+zroot/bhyve/rocky  keystatus             available              -
+
+
+
+	paul@f0:~ % zpool status
+  pool: zdata
+ state: ONLINE
+config:
+
+        NAME        STATE     READ WRITE CKSUM
+        zdata       ONLINE       0     0     0
+          ada1      ONLINE       0     0     0
+
+errors: No known data errors
+
+  pool: zroot
+ state: ONLINE
+config:
+
+        NAME        STATE     READ WRITE CKSUM
+        zroot       ONLINE       0     0     0
+          ada0p4    ONLINE       0     0     0
+
+errors: No known data errors
+
+
+ZFS auto scrubbing....~?
+
+Backup of the keys on the key locations (all keys on all 3 USB keys)
+
+Other *BSD-related posts:
+
+2025-05-11 f3s: Kubernetes with FreeBSD - Part 5: WireGuard mesh network
+2025-04-05 f3s: Kubernetes with FreeBSD - Part 4: Rocky Linux Bhyve VMs
+2025-02-01 f3s: Kubernetes with FreeBSD - Part 3: Protecting from power cuts
+2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage
+2024-04-01 KISS high-availability with OpenBSD
+2024-01-13 One reason why I love OpenBSD
+2022-10-30 Installing DTail on OpenBSD
+2022-07-30 Let's Encrypt with OpenBSD and Rex
+2016-04-09 Jails and ZFS with Puppet on FreeBSD
+
+E-Mail your comments to paul@nospam.buetow.org
+
+Back to the main site
+

+Generated with Gemtexter 3.0.1-develop | +served by OpenBSD/relayd(8)+httpd(8) | +Site Mirrors +

+ + diff --git a/gemfeed/atom.xml b/gemfeed/atom.xml index c6e8721a..078d0cc6 100644 --- a/gemfeed/atom.xml +++ b/gemfeed/atom.xml @@ -1,6 +1,6 @@ - 2025-05-11T12:12:02+03:00 + 2025-06-03T10:27:49+03:00 foo.zone feed To be in the .zone! @@ -7082,6 +7082,8 @@ http://www.gnu.org/software/src-highlite -->

All easy-peasy?



+Updated 2025-05-15: When using fyne-cross android everything works now! I don't have to perform any of the work-arounds listed below anymore!
+
I did have some issues with the app logo for Android, though. Android always showed the default app icon and not my custom icon whenever I used a custom AndroidManifest.xml for custom app storage permissions. Without a custom AndroidAmnifest.xml the app icon would be displayed under Android, but then the app would not have the MANAGE_EXTERNAL_STORAGE permission, which is required for Quick logger to write to a custom directory. I found a workaround, which I commented on here at Github:

https://github.com/fyne-io/fyne/issues/3077#issuecomment-1912697360
-- cgit v1.2.3