Rewrote the whole website to get rid on a heavy theme

content/docs/gentoo/_index.md

@@ -0,0 +1,8 @@
+---
+title: "Gentoo"
+linkTitle: "Gentoo"
+weight: 1
+description: >
+  Gentoo related articles
+---
+

content/docs/gentoo/installation.md

@@ -0,0 +1,231 @@
+---
+title: "Installation"
+linkTitle: "installation"
+weight: 1
+description: >
+  Installation of a gentoo system
+---
+
+## Installation media
+
+You can get a bootable iso or liveusb from https://www.gentoo.org/downloads/. I recommend the minimal one. To create a bootable usb drive juste use `dd` to copy the image on it. Then boot on this brand new installation media.
+
+Once you boot on the installation media, you can start sshd and set a temporary password and proceed with the installation more confortably from another machine :
+
+{{< highlight sh >}}
+/etc/init.d/sshd start
+passwd
+{{< /highlight >}}
+
+## Partitionning
+
+There are several options depending on wether you need soft raid, full disk encryption or a simple root device with no additional complications. It will also differ if you are using a virtual machine or a physical one.
+
+{{< highlight sh >}}
+fdisk /dev/sda
+g
+n
+1
+2048
++2M
+t
+1
+4
+
+n
+2
+6144
++512M
+t
+2
+1
+
+n
+3
+1054720
+
+w
+mkfs.ext4 /dev/sda3
+mkfs.fat -F 32 -n efi-boot /dev/sda2
+mount /dev/sda3 /mnt/gentoo
+{{< /highlight >}}
+
+## Get the stage3 and chroot into it
+
+Get the stage 3 installation file from https://www.gentoo.org/downloads/. I personnaly use the non-multilib one from the advanced choices, since I am no longer using and 32bits software except steam, and I use steam from a multilib chroot.
+
+Put the archive on the server in /mnt/gentoo (you can simply wget it from there), then extract it :
+{{< highlight sh >}}
+tar xpf stage3-*.tar.xz --xattrs-include='*.*' --numeric-owner
+mount /dev/sda2 boot
+mount -t proc none proc
+mount -t sysfs none sys
+mount -o rbind /dev dev
+cp /etc/resolv.conf etc/
+chroot .
+{{< /highlight >}}
+
+## Initial configuration
+
+We prepare the local language of the system :
+{{< highlight sh >}}
+env-update && source /etc/profile
+echo 'LANG="en_US.utf8"' > /etc/env.d/02locale
+sed '/#en_US.UTF-8/s/#//' -i /etc/locale.gen
+locale-gen
+source /etc/profile
+{{< /highlight >}}
+
+We set a loop device to hold the portage tree. It will be formatted with optimisation for the many small files that compose it :
+{{< highlight sh >}}
+mkdir -p /srv/gentoo-distfiles
+truncate -s 10G /portage.img
+mke2fs  -b 1024 -i 2048 -m 0 -O "dir_index" -F /portage.img
+tune2fs -c 0 -i 0 /portage.img
+mkdir /usr/portage
+mount -o loop,noatime,nodev /portage.img /usr/portage/
+{{< /highlight >}}
+
+We set default compilation options and flags. If you are not me and cannot rsync this location, you can browse it from https://packages.adyxax.org/x86-64/etc/portage/ :
+{{< highlight sh >}}
+rsync -a --delete packages.adyxax.org:/srv/gentoo-builder/x86-64/etc/portage/ /etc/portage/
+sed -i /etc/portage/make.conf -e s/buildpkg/getbinpkg/
+echo 'PORTAGE_BINHOST="https://packages.adyxax.org/x86-64/packages/"' >> /etc/portage/make.conf
+{{< /highlight >}}
+
+We get the portage tree and sync the timezone
+{{< highlight sh >}}
+emerge --sync
+{{< /highlight >}}
+
+## Set hostname and timezone
+
+{{< highlight sh >}}
+export HOSTNAME=XXXXX
+sed -i /etc/conf.d/hostname -e /hostname=/s/=.*/=\"${HOSTNAME}\"/
+echo "Europe/Paris" > /etc/timezone
+emerge --config sys-libs/timezone-data
+{{< /highlight >}}
+
+## Check cpu flags and compatibility
+
+TODO
+{{< highlight sh >}}
+emerge cpuid2cpuflags -1q
+cpuid2cpuflags
+gcc -### -march=native /usr/include/stdlib.h
+{{< /highlight >}}
+
+## Rebuild the system
+
+{{< highlight sh >}}
+emerge --quiet -e @world
+emerge --quiet dosfstools app-admin/logrotate app-admin/syslog-ng app-portage/gentoolkit dev-vcs/git bird openvpn htop net-analyzer/tcpdump net-misc/bridge-utils sys-apps/i2c-tools sys-apps/pciutils sys-apps/usbutils sys-boot/grub sys-fs/ncdu sys-process/lsof
+{{< /highlight >}}
+
+## Grab a working kernel
+
+Next we need to Grab a working kernel from our build server along with its modules. If you don't have one already, you have some work to do!
+
+Check the necessary hardware support with :
+{{< highlight sh >}}
+i2cdetect -l
+lspci -nnk
+lsusb
+{{< /highlight >}}
+
+TODO specific page with details on how to build required modules like the nas for example.
+{{< highlight sh >}}
+emerge gentoo-sources genkernel -q
+...
+{{< /highlight >}}
+
+## Final configuration steps
+
+### fstab
+
+{{< highlight sh >}}
+# /etc/fstab: static file system information.
+#
+#<fs>         <mountpoint>  <type>  <opts>              <dump/pass>
+/dev/vda3     /             ext4    noatime             0  1
+/dev/vda2     /boot         vfat    noatime             1  2
+/portage.img  /usr/portage  ext2    noatime,nodev,loop  0  0
+{{< /highlight >}}
+
+### networking
+{{< highlight sh >}}
+echo 'hostname="phoenix"' > /etc/conf.d/hostname
+echo 'dns_domain_lo="adyxax.org"
+config_eth0="192.168.1.3 netmask 255.255.255.0"
+routes_eth0="default via 192.168.1.1"' > /etc/conf.d/net
+cd /etc/init.d
+ln -s net.lo net.eth0
+rc-update add net.eth0 boot
+{{< /highlight >}}
+
+### Grub
+
+TODO especially the conf in /etc/default/grub when using an encrypted /
+{{< highlight sh >}}
+{{< /highlight >}}
+
+### /etc/hosts
+
+{{< highlight sh >}}
+scp root@collab-jde.nexen.net:/etc/hosts /etc/
+{{< /highlight >}}
+
+### root account access
+
+{{< highlight sh >}}
+mkdir -p /root/.ssh
+echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDN1ha6PFKgxF3MSWUlDaruVVpj3UzoiN4IJEvDrCnDbIW8xu+TclbeGJSRXXBbqRKeUfhX0GDA7cvSUIAz2U7AGK7wq5tbzJKagVYtxcSHBSi6dZR9KGb3eoshnrCeFzem1jWXG02PZJGvjB+ml3QhUguyAqm9q0n/NL6zzKhGoKiELO+tQghGIY8jafRv4rE4yyXZnwuCu8JI9P8ldGhKgOPeOdKIVTIVezUmKILWgAF+Hg7O72rQqUua9sdoK1mEYme/wgu0bQbvN26owGgBAgS3uc2nngLD01TZToG/wC1wH9A3KxT6+3akjRlPfLOY0BuK4OBGEGm6e0KZrIMhUr8fHQ8nmTmBqw7puI0gIXYB2EjhpsQ7TijYVqLYXbyxaXYyqisgY0QRWC7Te5Io6TSgorfXzi7zrcQGgWByHkhxTylf36LYSKWEheIQIRqytOdGqeXagFMz2ptLFKk4dA61LS5fPXIJucdghvnmLPml8cO9/9VHQ7gq7DxQu7sIwt/W13yTTUyI9DSHwxeHUwECzxAb5pOVL6pRjTMH8q1/eAMl35TFSh6s5tGvvHGz9+gMlE9A2Pv8CyXDBmXV6srrwxTSlglnmgdq6c9w3VtBKu572/z0cS6vqZMgEno4rIiwyhqNWdjbMXYw/U0q/w5XC9zCcSuluxvaY14qqQ== adyxax
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDMdBAFjENiPMTtq90GT3+NZ68nfGxQiRExaYYnLzm1ecmulCvsuA4AOpeLY6f+FWe+ludiw7nhrXzssDdsKBy0QL+XQyvjjjW4X+k9MYhP1gAWXEOGJnjJ/1ovEsMt++6fLyNKLUTA46kErbEehDs22r+rIiEKatrn0BNrJcRI94H44oEL1/ImzVam0cSBL0tPiaJxe60sBs7M76zfyFtVdMGkeuBpS7ee+FLA58fsS3/sEZmkas8MT0QdvZz1y/66MknXYbIaqDSOUACXGF4yVKpogLRRJ1SgNo1Ujo/U3VOR1O4CiQczsZOcbSdjgl0x3fJb7BaIxrZy9iW2I7G/L/chfTvRws+x1s1y5FNZOOiXMCdZjhgLaRwb6p5gMsMVn9sJbhDjmejcAkBKQDkzbvxxhfVkH225FoVXA9YF0msWLyOEyZQYbA8autLDJsAOT5RDfw/G82DQBufAPEBR/bPby0Hl5kjqW75bpSVxDvzmKwt3EpITg9iuYEhvYZ/Zq5qC1UJ54ZfOvaf0PsTUzFePty6ve/JzfxCV1XgFQ+B8l4NSz11loDfNXSUngf7lL4qu5X4aN6WmLFO1YbyFlfpvt3K1CekJmWVeE5mV9EFTUJ4ParVWRGiA4W+zaCOsHgRkcGkp4eYGyWW8gOR/lVxYU2IFl9mbMrC9bkdRbQ== hurricane' > /root/.ssh/authorized_keys
+passwd
+{{< /highlight >}}
+
+### Add necessary daemons on boot
+{{< highlight sh >}}
+rc-update add syslog-ng default
+rc-update add cronie default
+rc-update add sshd default
+{{< /highlight >}}
+
+## TODO
+
+{{< highlight sh >}}
+net-firewall/shorewall
+...
+rc-update add shorewall default
+sed '/PRODUCTS/s/=.*/="shorewall"/' -i /etc/conf.d/shorewall-init
+rc-update add shorewall-init boot
+
+net-analyzer/fail2ban
+echo '[sshd]
+enabled  = true
+filter = sshd
+ignoreip = 127.0.0.1/8  10.1.0.0/24  37.187.103.36  137.74.173.247  90.85.207.113
+bantime  = 3600
+banaction = shorewall
+logpath = /var/log/messages
+maxretry = 3' > /etc/fail2ban/jail.d/sshd.conf
+rc-update add fail2ban default
+
+app-emulation/docker
+/etc/docker/daemon.json
+{ "iptables": false }
+rc-update add docker default
+
+app-emulation/lxd
+rc-update add lxd default
+{{< /highlight >}}
+
+## References
+
+- http://blog.siphos.be/2013/04/gentoo-protip-using-buildpkgonly/
+- https://wiki.gentoo.org/wiki/Genkernel
+- https://wiki.gentoo.org/wiki/Kernel/Configuration
+- https://wiki.gentoo.org/wiki/Kernel
+- https://forums.gentoo.org/viewtopic-t-1076024-start-0.html
+- https://wiki.gentoo.org/wiki/Binary_package_guide#Setting_up_a_binary_package_host

content/docs/gentoo/kernel_upgrades.md

@@ -0,0 +1,45 @@
+---
+title: "Gentoo Kernel Upgrades"
+linkTitle: "Kernel Upgrades"
+weight: 1
+description: >
+  Gentoo kernel upgrades on adyxax.org
+---
+# Gentoo kernel upgrades
+
+## Building on collab-jde
+
+{{< highlight sh >}}
+PREV_VERSION=4.14.78-gentoo
+eselect kernel list
+eselect kernel set 1
+cd /usr/src/linux
+for ARCHI in `ls /srv/gentoo-builder/kernels/`; do
+    make mrproper
+    cp /srv/gentoo-builder/kernels/${ARCHI}/config-${PREV_VERSION} .config
+    echo "~~~~~~~~~~ $ARCHI ~~~~~~~~~~"
+    make oldconfig
+    make -j5
+    INSTALL_MOD_PATH=/srv/gentoo-builder/kernels/${ARCHI}/ make modules_install
+    INSTALL_PATH=/srv/gentoo-builder/kernels/${ARCHI}/ make install
+done
+{{< / highlight >}}
+
+## Deploying on each node :
+
+{{< highlight sh >}}
+export VERSION=5.4.28-gentoo-x86_64
+wget http://packages.adyxax.org/kernels/x86_64/System.map-${VERSION} -O /boot/System.map-${VERSION}
+wget http://packages.adyxax.org/kernels/x86_64/config-${VERSION} -O /boot/config-${VERSION}
+wget http://packages.adyxax.org/kernels/x86_64/vmlinuz-${VERSION} -O /boot/vmlinuz-${VERSION}
+rsync -a --delete collab-jde.nexen.net:/srv/gentoo-builder/kernels/x86_64/lib/modules/${VERSION} /lib/modules/
+eselect kernel set 1
+cd /usr/src/linux
+cp /boot/config-${VERSION} .config
+cp /boot/System.map-${VERSION} System.map
+(cd usr ; make gen_init_cpio)
+make modules_prepare
+emerge @module-rebuild
+genkernel --install initramfs --ssh-host-keys=create-from-host
+grub-mkconfig -o /boot/grub/grub.cfg
+{{< / highlight >}}

content/docs/gentoo/lxd.md

@@ -0,0 +1,38 @@
+---
+title: "LXD"
+linkTitle: "LXD"
+weight: 1
+description: >
+  How to setup a LXD server
+---
+
+{{< highlight sh >}}
+touch /etc{/subuid,/subgid}
+usermod --add-subuids 1000000-1065535 root
+usermod --add-subgids 1000000-1065535 root
+emerge -q app-emulation/lxd
+/etc/init.d/lxd start
+rc-update add lxd default
+{{< /highlight >}}
+
+{{< highlight sh >}}
+myth /etc/init.d # lxd init
+Would you like to use LXD clustering? (yes/no) [default=no]:
+Do you want to configure a new storage pool? (yes/no) [default=yes]:
+Name of the new storage pool [default=default]:
+Would you like to connect to a MAAS server? (yes/no) [default=no]:
+Would you like to create a new local network bridge? (yes/no) [default=yes]: no
+Would you like to configure LXD to use an existing bridge or host interface? (yes/no) [default=no]: yes
+Name of the existing bridge or host interface: lxdbr0
+Would you like LXD to be available over the network? (yes/no) [default=no]: yes
+Address to bind LXD to (not including port) [default=all]: 10.1.0.247
+Port to bind LXD to [default=8443]:
+Trust password for new clients:
+Again:
+Invalid input, try again.
+
+Trust password for new clients:
+Again:
+Would you like stale cached images to be updated automatically? (yes/no) [default=yes]
+Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:
+{{< /highlight >}}

content/docs/gentoo/steam.md

@@ -0,0 +1,65 @@
+---
+title: "Steam"
+linkTitle: "Steam"
+weight: 1
+description: >
+  How to make steam work seamlessly on gentoo with a chroot
+---
+
+I am not using a multilib profile on gentoo (I use amd64 only everywhere), so when the time came to install steam I had to get a little creative. Overall I believe this is the perfect
+way to install and use steam as it self contains it cleanly while not limiting the functionalities. In particular sound works, as does the hardware acceleration in games. I tried to
+achieve that with containers but didn't quite made it work as well as this chroot setup.
+
+## Installation notes
+
+Note that there is no way to provide a "most recent stage 3" installation link. You will have to browse http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3-amd64/
+and adjust the download url manually bellow :
+
+{{< highlight sh >}}
+mkdir /usr/local/steam
+cd /usr/local/steam
+wget http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3-amd64/stage3-amd64-20190122T214501Z.tar.xz
+tar -xvpf stage3*
+rm stage3*
+cp -L /etc/resolv.conf etc
+mkdir usr/portage
+mkdir -p srv/gentoo-distfiles
+mount -R /dev dev
+mount -R /sys sys
+mount -t proc proc proc
+mount -R /usr/portage usr/portage
+mount -R /usr/src usr/src
+mount -R /srv/gentoo-distfiles/ srv/gentoo-distfiles/
+mount -R /run run
+cp /etc/portage/make.conf etc/portage/
+sed -e '/LLVM_TARGETS/d' -e '/getbinpkg/d' -i etc/portage/make.conf
+rm -rf etc/portage/package.use
+cp /etc/portage/package.use etc/portage/
+cp /etc/portage/package.accept_keywords etc/portage/
+chroot . 
+env-update && source /etc/profile
+wget -P /etc/portage/repos.conf/ https://raw.githubusercontent.com/anyc/steam-overlay/master/steam-overlay.conf
+emaint sync --repo steam-overlay
+emerge dev-vcs/git -q
+emerge --ask games-util/steam-launcher
+useradd -m -G audio,video steam
+{{< /highlight >}}
+
+## Launch script
+
+Note that we use `su` and not `su -` since we need to preserve the environment. If you don't you won't get any sound in game. The pulseaudio socket is shared through the mount of
+/run inside the chroot :
+{{< highlight sh >}}
+su
+cd /usr/local/steam
+mount -R /dev dev
+mount -R /sys sys
+mount -t proc proc proc
+mount -R /usr/portage usr/portage
+mount -R /usr/src usr/src
+mount -R /run run
+chroot . 
+env-update && source /etc/profile
+su steam
+steam
+{{< /highlight >}}