Posts

Introduction As per my previous post on OMV5 and OpenVPN, I decided to install Wireguard, a more performant VPN software. Configuration To start, we need to install Wireguard on OMV5. So SSH into your box and run: apt update apt install wireguard Verify that the Wireguard kernel module is functional: /sbin/modinfo wireguard Create a server keypair: mkdir /etc/wireguard/ chmod 700 /etc/wireguard/ cd /etc/wireguard/ wg genkey | tee vpn-server-private.key | wg pubkey > vpn-server-public....

Introduction I recently installed Openmediavault 5. For those who do NOT know what this software does here is a short/brief description: it is a network attached storage (NAS) solution based on Debian Linux that contains or can contain SSH, (S)FTP, SMB/CIFS, DAAP media server, RSync, BitTorrent client, etc. The aspect I greatly like is the modular design of the framework, which permits enhancement via plugins. Long story short, I use OMV5 for Plex, as a Rsync server, and now, I want to try playing around with virtual machines (VMs) either via Cockpit or the KVM plugin found in OMV5....

Introduction As mentioned in previous articles, Vagrant is a useful tool for development. It allows the quick creation of virtual machines, VMs, via decorative syntax and hypervisors, be it Hyper-V, VirtualBox, or some other. For sheer interests, I want to work with the latest K3D, a CLI that utilizes Docker to create a light-weight Kubernetes, K3S, that runs within Docker. Although “HA”, high availability, works on the same compute, VMs, whatever, a new feature was just incorporated that I would like to use to create remote servers and agents, or rather nodes / node pools....

Introduction This very short article is about port knocking and iptables. Port knocking allows a specific port to be opened when a sequence of connection attempts on predefined ports are made. The correct sequence of “knocks” will dynamically open the desired port temporarily so that a connection can be made on the desired port. In this article we will use port 22 as the port to hide with four (4) UDP ports to knock....

Introduction Ansible is my go-to IaC tool. Why? Because unlike other tools it just requires SSH or WinRM access to a machine. I prefer this method for simplicity rather than creating a master/slave relationship. LXD is also my go-to container and virtual machine manager. Sure, we can debate all day the pros and cons and compare to “Docker”. Although, I must state for local development, I will use Docker and Docker Compose, but for production, I prefer LXD, which runs an OS as a container and can utilize the benefits of a VM....