diff --git a/docs/desktop-os/posts/02-gentoo-openrc-install.md b/docs/desktop-os/posts/02-gentoo-openrc-install.md index 0cb6a71..a261631 100644 --- a/docs/desktop-os/posts/02-gentoo-openrc-install.md +++ b/docs/desktop-os/posts/02-gentoo-openrc-install.md @@ -214,7 +214,7 @@ PORTAGE_LOGDIR_CLEAN="find \"\${PORTAGE_LOGDIR}\" -type f ! -name \"summary.log* ACCEPT_LICENSE="-* @FREE" # USE flags -USE="${USE} -debug -telemetry -modemmanager -ext* -ppp -systemd -elogind -X -kde -gnome -gtk-doc -webengine hardened dist-kernel udev initramfs hostonly secureboot modules-sign apparmor acpi networkmanager dbus hwaccel bash-completion man pam pipewire vulkan wayland jpeg png svg" #(2)! +USE="${USE} -debug -telemetry -modemmanager -ext* -ppp -systemd -elogind -X -kde -gnome -gtk-doc -webengine hardened dist-kernel udev initramfs hostonly secureboot modules-sign apparmor acpi networkmanager dbus hwaccel bash-completion man pam pipewire vulkan wayland eme-free jpeg png svg" #(2)! # Emerge flags EMERGE_DEFAULT_OPTS="${EMERGE_DEFAULT_OPTS} --with-bdeps y --quiet-build y" @@ -242,8 +242,8 @@ Configure some key aspects of the system: ``` shell-session sh# echo > /etc/hostname -sh# echo TZ="/usr/share/zoneinfo//" > /etc/env.d/timezone -sh# echo MUSL_LOCPATH="/usr/share/i18n/locales/musl" > /etc/env.d/musl_locales #(1)! +sh# echo TZ="/usr/share/zoneinfo//" > /etc/env.d/00tz +sh# echo MUSL_LOCPATH="/usr/share/i18n/locales/musl" > /etc/env.d/01locales #(1)! sh# env-update && source /etc/profile sh# eselect locale set #(2)! sh# rc-update add ntpd default @@ -599,4 +599,4 @@ For users to be able to modify connections on the system they will have to be ad ## Concluding remarks -This is the bare minimum for a Gentoo Linux desktop system. Some additional features such as bluetooth, laptop battery management, printer compatiblity, et cetera, have been documented well in the [Gentoo Wiki](https://wiki.gentoo.org/wiki/Main_Page), and can thus be found there. The next steps are the improvement of the security of the system and the configuration of the graphical session. \ No newline at end of file +This is the bare minimum for a Gentoo Linux desktop system. Some additional features such as bluetooth, laptop battery management, printer compatiblity, et cetera, have been documented well in the [Gentoo Wiki](https://wiki.gentoo.org/wiki/Main_Page), and can thus be found there. The next steps are the improvement of the security of the system and the configuration of the graphical session. diff --git a/docs/server-os/posts/01-alpine-install.md b/docs/server-os/posts/01-alpine-install.md index 8f3d0a9..2c9eace 100644 --- a/docs/server-os/posts/01-alpine-install.md +++ b/docs/server-os/posts/01-alpine-install.md @@ -154,7 +154,7 @@ sh# zfs create -o mountpoint=/home -o atime=off -o setuid=off -o devices=off -o Write the encryption key to TPM with `zlevis`: ``` shell-session -sh# zlevis encrypt rpool '{"pcr_ids":"0,1,7"}' < /tmp/rpool.key #(1)! +sh# zlevis encrypt rpool '{"pcr_ids":"0,5,7"}' < /tmp/rpool.key #(1)! ``` 1. See [zlevis functionality](https://docs.ampel.dev/zlevis/functionality/) to see the functionality of each `pcr_id`, and the other options that can be set. @@ -393,25 +393,26 @@ To configure Swap install `zram-init`: sh# apk add zram-init ``` -and add it to the default runlevel: +Configure `zram-init` to create a swap device of size one fourth of the ram size: + +``` shell title="/etc/conf.d/zram-init" +load_on_start="yes" +unload_on_stop="yes" +num_devices="1" + +type0="swap" +size0=`LC_ALL=C free -m | awk '/^mem:/{print int($2/4)}'` +maxs0=1 +algo0=zstd +labl0=zram_swap +``` + +and add `zram-init` to the default runlevel: ``` shell-session sh# rc-update add zram-init default ``` -Configure `zram-init` by editing: - -``` shell title="/etc/conf.d/zram-init" -num_devices= - -# swap - 500M - -#size0=512 -size0=`LC_ALL=C free -m | awk '/^mem:/{print int($2/4)}'` -``` - -Now the size of the swap device will be one fourth of the ram size. - ### Users To run applications securely, in an environment with fewer privileges, a user is necessary. @@ -455,4 +456,4 @@ root:x:0:0:root:/root:/sbin/nologin ## Concluding remarks -This is essentially it, you now have a fully operational alpine base system running, configured for server use. The next steps are the improvement of the security of the system and the configuration of the container management software. \ No newline at end of file +This is essentially it, you now have a fully operational alpine base system running, configured for server use. The next steps are the improvement of the security of the system and the configuration of the container management software. diff --git a/docs/server-os/posts/03-container-management-podman-runit.md b/docs/server-os/posts/03-container-management-podman-runit.md index 384785f..ebdcfa1 100644 --- a/docs/server-os/posts/03-container-management-podman-runit.md +++ b/docs/server-os/posts/03-container-management-podman-runit.md @@ -104,7 +104,7 @@ sh$ podman run --rm hello-world To run a single container create: -``` shell title="~/.config/sv//run" +``` shell title="~/.config/sv/{container-name}/run" #!/bin/sh command="/usr/bin/podman" @@ -360,4 +360,4 @@ Make it executable and link it to the service directory: ``` shell-session sh$ chmod +x ~/.config/sv/caddy/run sh$ ln -s /.config/sv/caddy /.local/service -``` \ No newline at end of file +``` diff --git a/mkdocs.yml b/mkdocs.yml index fdf4420..5b03df1 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,6 +1,6 @@ site_name: Ampel Blog site_url: https://blog.ampel.dev -copyright: This work is dedicated to the public domain under the Creative Commons CC0 public domain dedication. +copyright: "\copyright 2022-2025 Ampel Authors: This work is licensed under the CC-BY-NC-SA-4.0 license" repo_name: ampel/blog repo_url: https://git.ampel.dev/ampel/blog @@ -69,4 +69,4 @@ nav: - 'Desktop OS': - desktop-os/index.md - 'Server OS': - - server-os/index.md \ No newline at end of file + - server-os/index.md