Notes

It was surprisingly tricky to setup an Arch LXC on top of Proxmox. Some notes: The latest template is here. And I found that link from the official Arch wiki. I had to enable nesting, before I started the container for the first time. Otherwise, it never seemed to connect to the network. The template doesn’t have OpenSSH in it. So, I had to use a password for the root user during setup and disable it later. First time setup, from the Proxmox LXC console: ...

I rent SFTP storage from rsync.net. It took me awhile to figure out how to properly mount it on my Proxmox Backup Server but, in the end, looks quite simple. (This should work for Hetzner Storage Boxes as well.) First, install sshfs or something. Second, put the following in the /etc/fstab file: [email protected]:proxmox-backup-server/mnt/datastore/local-1 /mnt/rsyncnet fuse.sshfs x-systemd.automount,reconnect,identityfile=/root/.ssh/id_ed25519,allow_other,uid=34,gid=34 0 0 I believe the corresponding mount command, for manual mount, is: mount -t fuse.sshfs \ [email protected]:pbs \ /mnt/rsyncnet \ -o reconnect,IdentityFile=/root/.ssh/id_ed25519,allow_other,uid=34,gid=34 Third, you can’t directly create a datastore from PBS’s UI. Instead, create a dummy one (with an arbitrary directory on host) and then switch the location for that with the one above by modifying the /etc/proxmox-backup/datastore.cfg file. ...

I had a large Docker Compose project on a Proxmox LXC and I recently decided to migrate that to a new VM. So, in addition to code, I had to create an exact copy of my Docker volume and non-volume data. Here’s how I did that. First, a few things to note: I used the destination VM to trigger the rsync command. I used sudo on both sides because the files were owned by multiple arbitrary users. (This complicated things a bit.) I had to do the following in order. (Earlier, I didn’t docker compose create and ran into this error.) rsync the Docker Compose code. docker compose create on the destination. rsync Docker volume data. (I did this twice actually: once, while the project was up on the source and once after bringing it down. This helped me decrease overall downtime.) docker compose up -d or whatever on the destination. Second, I used something like the following to create exact copies: ...

I recently setup Step CA in my homelab. Proxmox UI allows setting up ACME only through Let’s Encrypt, but apparently you can setup other providers through the command line. So, this is how I went about it. cp /root/root_CA.crt /usr/local/share/ca-certificates/homelab.crt update-ca-certificates # For Proxmox VE pvenode acme account register self-hosted-ca foo@bar --directory https://web-server-1.lan.ketanvijayvargiya.com:12001/acme/acme/directory # Or for Proxmox Backup Server proxmox-backup-manager acme account register self-hosted-ca foo@bar --directory https://web-server-1.lan.ketanvijayvargiya.com:12001/acme/acme/directory

Update: I (re)(re)setup Step CA in my homelab, hopefully for the last time! The following is from 2024-10-19 with updates from this week’s learnings. I recently (re)setup a Step CA instance in my homelab. By default, the root certificate generated by Step CA has a validity of 10 years, but I wanted that to be longer. So: docker run --rm -it \ -v ~/app-data/step-ca:/home/step smallstep/step-ca \ step certificate create "SelfHostedCA" root_ca.crt root_ca_key \ --profile root-ca \ --not-after 2100-01-01T00:00:00Z \ --no-password \ --insecure # Validate the actual expiration on the root certificate. openssl x509 -in stepca/certs/root_ca.crt -noout -text I then generated an intermediate {cert, key} pair: ...

Note: Previous version here. Some cities aren’t stroller friendly. For example, Rome (because of its cobbled streets) or Venice (because of narrow streets and staircased bridges). Still, it’s impractical to travel here without a stroller. Maybe get a light one. Some cities may not have enough train connections between them. (For e.g., Naples to Sorrento.) So, book trains early for those. If you expect warm weather, take shorts even if some random blogs cite culture reasons for not doing so.

Here’s how I configured Proxmox (and Proxmox Backup Server) to send notifications to Ntfy through their webhook method. POST URL: https://ntfy.sh/{{ secrets.channel }} Headers: X-Title: {{ title }} Markdown: Yes Priority: low Authorization: Bearer {{ secrets.token }} Body: {{ severity }} {{ message }} Secrets: channel token Here’s a screenshot:

I one day woke up in the morning to the following error on my Proxmox server: Apr 20 00:06:20 pve kernel: e1000e 0000:00:1f.6 eno1: NIC Link is Down Apr 20 00:06:20 pve kernel: vmbr0: port 1(eno1) entered disabled state Apr 20 00:06:23 pve kernel: e1000e 0000:00:1f.6 eno1: NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx Apr 20 00:06:23 pve kernel: vmbr0: port 1(eno1) entered blocking state Apr 20 00:06:23 pve kernel: vmbr0: port 1(eno1) entered forwarding state 2025-04-20T00:14:45.918353-07:00 pve kernel: [1789014.672581] e1000e 0000:00:1f.6 eno1: Detected Hardware Unit Hang: After some digging, I added the following to the /etc/network/interfaces file. Haven’t seen that error again in at least a few months: ...

Different aspects of the job: Project delivery. Big picture thinking. Could be both vision or strategy. Mentorship. Different skills they need: Technical skills. Product management. Project management. People skills: how to organize people to work as a team, grow their careers etc. Different archetypes, i.e. style of work they do: Team lead: usually a starting point for a Staff engineer, something they transition into from a senior engineering role. Architect. Solvers: usually present in teams that place more emphasis on individual contributions than on teams. Right hands: borrow power from and act as proxies for senior leadership.