Tinc different! - Part II: The Two Tunnels

This is the second part of my little series about tinc and NixOS, where I first shortly introduced tinc and then explained how to set it up on Linux in general as well as on NixOS. This part is more or less a rewrite of a question I posted to the NixOS discourse a while ago. For a while I’ve been using tinc on a bunch of infrastructure and so far it’s basically been rock solid: once set up nodes anywhere simply join their network and become reachable for anyone who needs to access them....

April 12, 2021 · 20 min · oblivious observer

Tinc different! - Part I: The Fellowship of the Ping

This is a post about tinc - a nifty little Mesh VPN service. It is also the first part of a little series of posts related to tinc and NixOS. In this first part I’ll just write a bit about how to set up tinc, then in the second part I’ll take a closer look into how writing a NixOS module can managing tinc networks easier. And finally in the third part I’ll present a rewrite of the module with a bunch more features....

April 3, 2021 · 10 min · oblivious observer

Blogging with orgmode, hugo and nix

How I yet again decided to set up another iteration of this blog. This time using nix, hugo and of course orgmode.. Introduction This is my third attempt of setting up an easy to use blogging workflow. The first time I chose to try out use ox-hugo as well as github pages. Initially everything worked, but I quickly stopped writing posts because my initial setup using a single orgmode file with ox-hugo did not match my notetaking workflow, where I basically generate a bunch of random files and some of them get reworked or updated enough for me to think about publishing them....

March 22, 2021 · 13 min · oblivious observer

Including noweb snippets in orgmode

This is a bit of a strange one, but in case anyone else goes down the rabbit hole of using noweb inside orgmode, this might be interesting. noweb syntax provides a really nifty way to split up or even autogenerate code blocks in orgmode documents. When writing literate documents noweb syntax also provides one with a way of staying on topic, whenever these files become more complex. If you’ve never used noweb syntax in orgmode you should definitely look it up....

September 14, 2020 · 2 min · oblivious observer

NixOS encrypted VM installation

In this post I’ll describe how to set up a sparse VM image with full disk encryption and NixOS on ZFS, which can be uploaded to a VPS provider and then unlocked on boot using ssh. First we need to create a virtual machine image file. Initially I tried using qemu-img, but somehow the image file was missing some information and the VM would not recognize a disk. Instead I went with the easy way and used virt-manager to create a new VM with the correct image size....

August 29, 2020 · 6 min · oblivious observer

NixOS on ZFS Install Script

This is a rather short post and the start of what will hopefully become a nice little series of posts related to NixOS. I just had to bulk install NixOS on a bunch of Intel NUCs, here is a little script to automate the installation process. Some bits and pieces are taken from other installation scripts, but it’s been a while, so I don’t know who to credit for them, I’m fairly sure this wonderful post from the NixOS discourse was involved though....

August 26, 2020 · 3 min · oblivious observer

Introducing oblivious

There is a new static site generator on the block.. also hello world.. Update (2021): guess what, I’m back to hugo.. Not necessarily because I started to dislike the idea of oblivious, I think it still is a pretty interesting concept and I particularly love the idea of being able to create a site, while having minimal dependencies and being pretty much language agnostic. The reason I switched was that on the one hand I got a bit more involved with NixOS, which seems to be even better suited to some of the things oblivious ended up taking care of (such as fetching resources) and on the other hand I just want to be able to publish something by pressing a bunch of keys without having to actively maintain the underlying tooling....

August 22, 2020 · 4 min · oblivious observer

Introducing a Boot Environment Manager for Proxmox

This post introduces a fork of the FreeBSD beadm utility which can be used to manage Boot Environments on Proxmox ZFS Installations. In this Post I will showcase how to use the beadm Boot Environment manager in Proxmox. After the showcase there are some notes on what I did to make beadm run on Linux in general and finally a part about what has been changed in order to make beadm work with Proxmox specifically....

October 29, 2019 · 17 min · oblivious observer

Proof of Concept: Adding Boot Environments to Proxmox VE 6

Dear Reader, this time I would like to invite you onto a small journey: To boldly go where no man has gone before (Alright, that’s not true, but I think it’s the first time someone documents this kind of thing in the context of Proxmox). We’re about to embark on a journey to make your Proxmox host quite literally immortal. Also since what we are essentially doing here is only a Proof of concept, you probably shouldn’t use it in production, but as it’s really amazing, so you might want to try it out in a test environment....

August 28, 2019 · 29 min · oblivious observer

Encrypting Proxmox VE 6: ZFS, LUKS, systemd-boot and Dropbear

This describes how to set up a fully encrypted Proxmox VE 6 host with ZFS root and unlocking it remotely using the dropbear ssh server. Also it describes how you can do that, while keeping systemd-boot and thus also the pve tooling intact. (I’m not sure if the pve tooling still works if you replace systemd-boot with grub, which seems to be the common solution to creating this kind of setup, maybe it does....

August 23, 2019 · 10 min · oblivious observer