From a099c9484837676765806878a394a3ca019b2f8c Mon Sep 17 00:00:00 2001
From: pablo <pablomartincalvo@gmail.com>
Date: Sun, 12 Feb 2023 11:34:05 +0100
Subject: [PATCH 01/10] stuff

---
 cosillas_router.md | 12 ------------
 dirty_little.md    |  7 -------
 to_access.md       |  3 ---
 3 files changed, 22 deletions(-)
 delete mode 100644 cosillas_router.md
 delete mode 100644 dirty_little.md
 delete mode 100644 to_access.md

diff --git a/cosillas_router.md b/cosillas_router.md
deleted file mode 100644
index d305063..0000000
--- a/cosillas_router.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# Router RMQiP
-
-Las cosillas que siempre me olvido:
-
-- Se accede en 192.168.1.1
-- El usuario es 1234
-- La clave es noesfacilvivirsinpi
-
-# Establecer IP fija en la red local
-
-- Ir al menu Network > LAN > DHCP Binding
-- Pegar MAC del dispositivo e IP a asignar
diff --git a/dirty_little.md b/dirty_little.md
deleted file mode 100644
index 16e0588..0000000
--- a/dirty_little.md
+++ /dev/null
@@ -1,7 +0,0 @@
-
-
-navaja pablo pass -> noesfacilvivirenunmundocentralizado
-banky pablo pass -> noesfacilvivirenunmundocentralizado
-umbrel pass -> noesfacilvivirenunmundocentralizado
-oli pablo pass -> Cdcbvpt8
-noesfacilvivirsinemail en gmail punto com -> noesfacilvivirsinpin
\ No newline at end of file
diff --git a/to_access.md b/to_access.md
deleted file mode 100644
index 82f9878..0000000
--- a/to_access.md
+++ /dev/null
@@ -1,3 +0,0 @@
-noesfacilvivirenunmundocentralizado
-
-

From 92d08fd29fdfd091e3ea3f4d6b74dff93bd1f5b0 Mon Sep 17 00:00:00 2001
From: pablo <pablomartincalvo@gmail.com>
Date: Sun, 26 Feb 2023 00:28:34 +0100
Subject: [PATCH 02/10] BUg on tailscaled hostinger

---
 tailscale.md | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/tailscale.md b/tailscale.md
index bdcee9c..98833cd 100644
--- a/tailscale.md
+++ b/tailscale.md
@@ -24,4 +24,17 @@ sudo tailscale up
 # your credentials.
 
 tailscale ip -4
-```
\ No newline at end of file
+```
+
+
+## TUN
+
+The first time I tried to run tailscale on a Hostinger VPS, I got the following
+error: `failed to connect to local tailscaled; it doesn't appear to be running 
+(sudo systemctl start tailscaled ?)`
+
+I read something about some stuff called `TUN` on a forum, and realised that
+the VPS panel in hostinger had a switch with the title: `TUN/TAP Adapter: It's 
+a virtual network adapter that will allow you to set up a VPN on your server.
+`. I activated it (comes off by default) and that did the trick.
+

From 56685189eeb3cbb69e5770305bcfca87f5c74d36 Mon Sep 17 00:00:00 2001
From: counterweight <counterweightoperator@protonmail.com>
Date: Wed, 1 Nov 2023 20:00:56 +0100
Subject: [PATCH 03/10] Some details on the NAS idea.

---
 ArgentoNAS/README.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 ArgentoNAS/README.md

diff --git a/ArgentoNAS/README.md b/ArgentoNAS/README.md
new file mode 100644
index 0000000..585e6ae
--- /dev/null
+++ b/ArgentoNAS/README.md
@@ -0,0 +1,22 @@
+# ArgentoNAS
+
+ArgentoNAS is my NAS server deployed in my parents place.
+
+
+## Hardware
+
+I'm looking at a humble desktop PC and starting out with a small NVME SSD for OS and 2x4TB HDDs for storage. I might expand at some point in the future.
+
+I made this hardware selection in Neobyte: www.neobyte.es/configurador-pc?conf=1af724d758b67
+Or this alternative in PCComponentes: https://www.pccomponentes.com/configurador/48Cc976dA
+
+## OS
+
+I'm gonna use TrueNAS just because it looks solid and is what apparently everyone out there is using.
+
+## Videos
+
+Here are some good videos explaining interesting stuff:
+
+- Super in depth explainer on ZFS RAID set ups: https://www.youtube.com/watch?v=-AnkHc7N0zM
+- How to replace failed drives in TrueNAS: https://www.youtube.com/watch?v=TvaK2I3LY68
\ No newline at end of file

From 7a09b6f811653b41db09a6b03c6b57316582a8eb Mon Sep 17 00:00:00 2001
From: pablo <pablomartincalvo@gmail.com>
Date: Thu, 2 Nov 2023 15:14:10 +0000
Subject: [PATCH 04/10] Actualizar 'ArgentoNAS/README.md'

---
 ArgentoNAS/README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ArgentoNAS/README.md b/ArgentoNAS/README.md
index 585e6ae..611218c 100644
--- a/ArgentoNAS/README.md
+++ b/ArgentoNAS/README.md
@@ -8,7 +8,8 @@ ArgentoNAS is my NAS server deployed in my parents place.
 I'm looking at a humble desktop PC and starting out with a small NVME SSD for OS and 2x4TB HDDs for storage. I might expand at some point in the future.
 
 I made this hardware selection in Neobyte: www.neobyte.es/configurador-pc?conf=1af724d758b67
-Or this alternative in PCComponentes: https://www.pccomponentes.com/configurador/48Cc976dA
+
+Or this alternative in PCComponentes: https://www.pccomponentes.com/configurador/A1A888766
 
 ## OS
 

From 91f9627a9bf0556a5f6016ba191b49444cdb9c31 Mon Sep 17 00:00:00 2001
From: counterweight <counterweightoperator@protonmail.com>
Date: Mon, 20 Nov 2023 15:31:58 +0100
Subject: [PATCH 05/10] Stuff

---
 mounting_with_sshfs.md         | 30 ++++++++++++++++++++++++++
 proxmox_test_cluster/README.md | 39 ++++++++++++++++++++++++++++++++++
 2 files changed, 69 insertions(+)
 create mode 100644 mounting_with_sshfs.md
 create mode 100644 proxmox_test_cluster/README.md

diff --git a/mounting_with_sshfs.md b/mounting_with_sshfs.md
new file mode 100644
index 0000000..f74fa6e
--- /dev/null
+++ b/mounting_with_sshfs.md
@@ -0,0 +1,30 @@
+
+
+If you ever get this error when mounting:
+
+```
+fuse: failed to open mountpoint for reading: Too many levels of symbolic links
+```
+
+The solution is (got it from here https://blog.luukhendriks.eu/2019/01/25/sshfs-too-many-levels-of-symbolic-links.html)
+
+    I've found using sshfs for network mounts to be quite convenient. Especially on
+    my laptop, which I'm using on various places (i.e. outside of my own home, thus
+    outside of my own network): mounting `mydomain.nl:/some/path/on/my/server' will
+    be available to me everywhere, securely, because SSH.
+    
+    However, in certain situations sshfs can throw an error that left me puzzled
+    for quite some time, multiple times already.
+    
+    too many levels of symbolic links
+    
+    In my case, a fresh key pair on the server turned out to be the cause. The
+    sshfs was mounted by root (though as a normal user), but root had not connect
+    to the server after the key refresh. Ergo, the new fingerprint was not seen
+    before. How this results in an error about symbolic links is beyond me, but it
+    did. The Arch wiki points this caveat out as well:
+    
+    And most importantly, use each sshfs mount at least once manually while root so
+    the host's signature is added to the /root/.ssh/known_hosts file.
+    
+    Hope this saves someone from the headache it caused me.
diff --git a/proxmox_test_cluster/README.md b/proxmox_test_cluster/README.md
new file mode 100644
index 0000000..04511f2
--- /dev/null
+++ b/proxmox_test_cluster/README.md
@@ -0,0 +1,39 @@
+My notes on setting up a shitty 3-machines cluster to mess around with Proxmox clusters and HA.
+
+## Router issues
+
+Connecting three extra devices to the home network through wired connections is gonna get complicated because I'm running out of slots in my home router. From what I've read, I should buy a switch. There are "managed" switches (which offer config possibilities) and "unmanaged" or dumb switches that just... connect stuff. From what I've seen, I think I'm only gonna buy a dumb switch for now. 
+
+Today I tried to connect XQ1 to my network, but something is odd. When I tried to look for it's IP in the DHCP server of my router, I couldn't find it listed there. I have noticed that the config page of the DHCP server mentions that the IP range goes from `192.168.1.128` to `192.168.1.254`. I also remember vaguely that there was some config thingie about IPs when configuring proxmox during the install. I didn't paid any kind of attention when setting that up and just went ahead in full 'meh, whatever' style. So I probably fucked it up.
+
+I'm gonna reconfigure Proxmox again and pay attention this time. I probably need to set those network details right in proxmox so that the device is discoverable by the network.
+
+Okay, here's what I did:
+- For DNS server and Default Gateway fields: the right values can be found in the DHCP server of the router config webpage.
+- As for the IP: I set an IP within the DHCP server. I saw in a video that this might become a problem because if the DHCP server assigns another IP to that address a conflict can appear, but yeah, whatevah.
+- Once everything is set up, the device is reachable at the IP that was configured in Proxmox EVEN THOUGH it doesn't appear in the device list of the DHCP devices. From the little I understand, the Proxmox box sets it's own IP and does not rely on the router providing an IP for it, so that's the reason it doesn't appear there.
+
+
+To make the proxmox box reachable by name instead of IP, I had to:
+- Create an entry in the DNS Server of the router
+- Follow these instructions to add the router DNS server so that Oli's Ubuntu would pick it up and use it: https://askubuntu.com/questions/1280277/how-to-change-dns-server-permanently-on-ubuntu-20-04
+
+
+Today I decided I wanna change the IP of xq1 to put it outside of my router's DHCP server range. My planned set up would be the following:
+
+- xq1: 192.168.1.11  
+- xq2: 192.168.1.12
+- xq3: 192.168.1.13
+
+
+## Node name issues
+
+Okay, another fuck up: all my nodes have the same hostname and apparently changing the hostname of an existing node is a complete and utter mess.
+
+I'm gonna reinstall proxmox once again on each node and add a proper hostname on each.
+
+## Links
+
+Links:
+- Full Proxmox Course: https://www.youtube.com/watch?v=5j0Zb6x_hOk&list=PLT98CRl2KxKHnlbYhtABg6cF50bYa8Ulo&index=1&pp=iAQB
+- Add DNS server in Ubuntu permanently: https://askubuntu.com/questions/1280277/how-to-change-dns-server-permanently-on-ubuntu-20-04
\ No newline at end of file

From d6b41b5e0f428aa5c2b4c2266c7c149632eb00f7 Mon Sep 17 00:00:00 2001
From: counterweight <counterweightoperator@protonmail.com>
Date: Sat, 23 Dec 2023 16:59:11 +0100
Subject: [PATCH 06/10] Stuff

---
 automatic_porkbun_cert_renewal/README.md | 21 +++++++++++++
 framework_screen_pains.md                | 39 ++++++++++++++++++++++++
 2 files changed, 60 insertions(+)
 create mode 100644 automatic_porkbun_cert_renewal/README.md
 create mode 100644 framework_screen_pains.md

diff --git a/automatic_porkbun_cert_renewal/README.md b/automatic_porkbun_cert_renewal/README.md
new file mode 100644
index 0000000..c3682dd
--- /dev/null
+++ b/automatic_porkbun_cert_renewal/README.md
@@ -0,0 +1,21 @@
+# Automatic Porkbun Cert Renewal
+
+I'm tired of manually setting up the certs on the Nginx server every 3 months.
+
+I've found this tool to do it: https://github.com/porkbundomains/certbun
+
+# How to deploy
+
+On navaja, clone this repo: https://github.com/porkbundomains/certbun
+
+Copy the `config.json.example` into a `config.json` file.
+
+Generate API keys following this: https://kb.porkbun.com/article/190-getting-started-with-the-porkbun-dns-api
+
+Set the right paths for the cert files
+
+For the web server reload command, I simply trigger a docker compose down and up since the Nginx is in a container.
+
+Run manually once to verify it all works fine.
+
+Afterwards, cron it.
diff --git a/framework_screen_pains.md b/framework_screen_pains.md
new file mode 100644
index 0000000..177bbbc
--- /dev/null
+++ b/framework_screen_pains.md
@@ -0,0 +1,39 @@
+# How to get the home office monitor working
+
+- Run the following commands
+
+```shell
+
+# Check output and note what's the name of the display
+xrandr --listmonitors
+DISPLAY_NAME="write_the_name_here"
+
+# Then run the following and copy what comes in the modeline after "Modeline"
+cvt 1920 1080 59.80
+
+# First generate a "modeline" by using cvt
+# Syntax is: cvt width height refreshrate
+
+cvt 1920 1080 59.80
+
+#this gives you:
+
+# 1920x1080 59.79 Hz (CVT) hsync: 66.96 kHz; pclk: 172.50 MHz
+Modeline "1920x1080_59.80"  172.50  1920 2048 2248 2576  1080 1083 1088 1120 -hsync +vsync
+
+# Now tell this to xrandr:
+
+xrandr --newmode "1920x1080_59.80"  172.50  1920 2048 2248 2576  1080 1083 1088 1120 -hsync +vsync
+
+# Then you can now add it to the table of possible resolutions of an output of your choice:
+
+xrandr --addmode ${DISPLAY_NAME} 1920x1080_59.80
+
+#The changes are lost after reboot, to set up the resolution persistently, create the file ~/.xprofile with the content:
+
+#!/bin/sh
+xrandr --newmode "1920x1080_59.80"  172.50  1920 2048 2248 2576  1080 1083 1088 1120 -hsync +vsync
+xrandr --addmode ${DISPLAY_NAME} 1920x1080_59.80
+
+
+```
\ No newline at end of file

From 6764e6d0941d3340c757ecc4105a1f0a7c92e8fe Mon Sep 17 00:00:00 2001
From: counterweight <counterweightoperator@protonmail.com>
Date: Sat, 23 Dec 2023 16:59:51 +0100
Subject: [PATCH 07/10] Stuff

---
 automatic_porkbun_cert_renewal/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/automatic_porkbun_cert_renewal/README.md b/automatic_porkbun_cert_renewal/README.md
index c3682dd..cd0a6d0 100644
--- a/automatic_porkbun_cert_renewal/README.md
+++ b/automatic_porkbun_cert_renewal/README.md
@@ -19,3 +19,7 @@ For the web server reload command, I simply trigger a docker compose down and up
 Run manually once to verify it all works fine.
 
 Afterwards, cron it.
+
+# Quirky issues
+
+- Paths in crontab entry should be absolute, otherwise funky shit happens.
\ No newline at end of file

From 143ab7280dff4fd7a685648a8a5bba8f37906fca Mon Sep 17 00:00:00 2001
From: counterweight <counterweightoperator@protonmail.com>
Date: Sun, 14 Jan 2024 13:01:14 +0100
Subject: [PATCH 08/10] some stuff on vaultwarden

---
 vaultwarden/README.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/vaultwarden/README.md b/vaultwarden/README.md
index 5b6fc41..a0d612e 100644
--- a/vaultwarden/README.md
+++ b/vaultwarden/README.md
@@ -10,4 +10,11 @@ To prevent users from registering freely, activate the following env var:
 
 To activate the admin panel, you need to add the admin token as an env var, 
 like this: `ADMIN_TOKEN=<the-very-safe-token>`. Afterwards, you can enter the
-admin panel by adding `/admin` in the URL.
\ No newline at end of file
+admin panel by adding `/admin` in the URL.
+
+## How to create new users
+
+1. Go to the `docker-compose.yaml` and look for the env var `SIGNUPS_ALLOWED=false`.
+2. Turn it to `true` and restart the container.
+3. Have the user go to the web UI and create himself a user
+4. Harden the instance again by setting the env var back to false and rebooting the container.

From b035508c3ebd7b532962b0771d0acef56d364b97 Mon Sep 17 00:00:00 2001
From: counterweight <counterweightoperator@protonmail.com>
Date: Thu, 15 May 2025 12:25:08 +0200
Subject: [PATCH 09/10] stuff

---
 Radicale/setup.md | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 Radicale/setup.md

diff --git a/Radicale/setup.md b/Radicale/setup.md
new file mode 100644
index 0000000..8232cb9
--- /dev/null
+++ b/Radicale/setup.md
@@ -0,0 +1,37 @@
+# Radicale
+
+I'm tired of being held hostage by Google to have a calendar and contacts list.
+
+I've looked at options an decided to give it a shot at Radicale(https://radicale.org) as my selfhosted server and DAVx5 (https://www.davx5.com) as my android app.
+
+## Installing server
+
+I'll install the server on Frankie, redirect through Navaja.
+
+* I'm following these instructions: https://radicale.org/v3.html#simple-5-minute-setup
+- 
+
+I've crafted this nginx config:
+
+```
+    server {
+        listen 80;
+        server_name radicale.contrapeso.xyz;
+        return 301 https://$host$request_uri;
+    }
+
+    server {
+        listen 443 ssl;
+        server_name radicale.contrapeso.xyz;
+        ssl_certificate /certs/domain.cert.pem;
+        ssl_certificate_key /certs/private.key.pem;
+        ssl_trusted_certificate /certs/intermediate.cert.pem;
+
+    location / { # The trailing / is important!
+        proxy_pass        http://100.76.214.54:5232/radicale/; # The / is important!
+        proxy_set_header  X-Script-Name /radicale;
+        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header  Host $http_host;
+        proxy_pass_header Authorization;
+    }
+```

From 5d92c7734f932d7122de0866243a646b808ed908 Mon Sep 17 00:00:00 2001
From: counterweight <counterweightoperator@protonmail.com>
Date: Thu, 15 May 2025 20:10:54 +0200
Subject: [PATCH 10/10] immich notes

---
 immich/setup.md | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 immich/setup.md

diff --git a/immich/setup.md b/immich/setup.md
new file mode 100644
index 0000000..310b6ce
--- /dev/null
+++ b/immich/setup.md
@@ -0,0 +1,11 @@
+# Immich setup
+
+* I'm following this:
+  + https://immich.app/docs/install/docker-compose
+* I've installed the project in the Barracuda HDD
+* Next I'm following this:
+  + https://immich.app/docs/install/post-install
+* Works just fine. I'll stick to the admin user for my own stuff
+* Next, I set up networking. The usual reverse proxy. Works fine.
+* Installed Android app, links easy.
+* Okay, only issue I had was that the backup from the graphene gallery to immich was failing silently. I quickly imagined it was an issue with nginx limiting upload sizes (I had a video that was 150Mb heavy). I changed the `client_max_body_size` in the `location` entry for Immich's `server` entry and raised it to 2gb. Then stuff works fine.