knowledgebase

Paritybit.ca Gemini-based Wiki
git clone https://git.sr.ht/~jbauer/knowledgebase
Log | Files | Refs | README

commit 0c163c94886510b1c56b09b05e9f40fc84c0dffe
parent 8c4176ceaece09b61ab2a235e03e929b33a9c470
Author: Jake Bauer <jbauer@paritybit.ca>
Date:   Mon, 11 Oct 2021 19:47:07 -0400

Update knowledgebase

Diffstat:
Ahomelab/openbsd-router.gmi | 153+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mindex.gmi | 17+++++++++++++----
Arecipes/aloo-gobi.gmi | 44++++++++++++++++++++++++++++++++++++++++++++
Arecipes/barley-split-pea-stew.gmi | 35+++++++++++++++++++++++++++++++++++
Arecipes/bean-soup.gmi | 44++++++++++++++++++++++++++++++++++++++++++++
Arecipes/butternut-squash-soup.gmi | 40++++++++++++++++++++++++++++++++++++++++
Arecipes/overnight-oats.gmi | 22++++++++++++++++++++++
Arecipes/pancakes.gmi | 25+++++++++++++++++++++++++
Arecipes/red-lentil-stew.gmi | 47+++++++++++++++++++++++++++++++++++++++++++++++
Arecipes/sauces.gmi | 11+++++++++++
10 files changed, 434 insertions(+), 4 deletions(-)

diff --git a/homelab/openbsd-router.gmi b/homelab/openbsd-router.gmi @@ -0,0 +1,153 @@ +# OpenBSD Router + +## Hardware + +The hardware consists of an HP Compaq Pro 4300 SFF PC with the following specifications: + +* CPU: Intel Core i3-3220 +* RAM: 2x2GB DDR3 +* Storage: 120GB Crucial SSD +* 2x1GbE PCIe Ethernet Card +* 1x1GbE PCI Ethernet Card + +## Software + +There are three major software components to this router: + +* DHCP - dhcpd +* Firewall - pf +* DNS - unbound + +### DHCP + +DHCP is handled by dhcpd, configuration is in `/etc/dhcpd.conf`. + +This is the configuration: + +```/etc/dhcpd.conf +option domain-name "paritybit.ca"; + +subnet 10.0.0.0 netmask 255.255.255.0 { + option routers 10.0.0.1; + option domain-name-servers 10.0.0.1; + range 10.0.0.51 10.0.0.254; + host hades { + fixed-address 10.0.0.2; + hardware ethernet 70:85:c2:54:98:92; + } + host hecate { + fixed-address 10.0.0.3; + hardware ethernet a4:1f:72:61:f4:fc; + } + host cerberus { + fixed-address 10.0.0.4; + hardware ethernet b0:83:fe:9b:8a:e3; + } + host eurynomos { + fixed-address 10.0.0.5; + hardware ethernet f8:bc:12:87:39:93; + } +} +subnet 10.0.1.0 netmask 255.255.255.0 { + option routers 10.0.1.1; + option domain-name-servers 10.0.1.1; + range 10.0.1.3 10.0.1.254; +} +``` + +There are two subnets, one for LAN (10.0.0.0/24) and one for WLAN (10.0.1.0/24). + +There are reserved addresses for hades (my desktop), hecate (my test server), cerberus (my main server), and eurynomos (my NAS). The reserved addresses range for the LAN network is probably larger than it needs to be, but I won't have anywhere close to 200 devices/services anyways. + +### Firewall + +The firewall is handled by pf which stores its configuration at `/etc/pf.conf`. + +This is the basic configuration, with port-forwarding rules appended if needed: + +```/etc/pf.conf +WAN = "em0" +LAN = "em1" +WLAN = "bge0" + +table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \ + 172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 \ + 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \ + 203.0.113.0/24 } + +# Set basic firewall settings +set block-policy drop +set loginterface egress +set skip on lo0 + +# Normalize incoming packets and perform NAT translation +match in all scrub (no-df random-id max-mss 1440) +match out on egress inet from !(egress:network) to any nat-to (egress:0) + +# Protect from spoofed addresses and block traffic to/from non-routables +block in from no-route +block in quick from urpf-failed +block in quick on egress from <martians> to any +block return out quick on egress from any to <martians> + +# Default deny incoming traffic +block all + +# Block all DNS requests not addressed to this router +block return in quick on $LAN proto { udp tcp } to ! $LAN port { 53 853 } +block return in quick on $WLAN proto { udp tcp } to ! $WLAN port { 53 853 } + +# Allow all outbound traffic +pass out quick inet + +# Allow internal LAN/WLAN traffic +pass in on { $LAN $WLAN } inet +``` + +### DNS + +DNS is provided by unbound which keeps its configuration at `/var/unbound/etc/unbound.conf`. + +Here is the configuration: + +```/var/unbound/etc/unbound.conf +server: + interface: 10.0.0.1 + interface: 10.0.1.1 + interface: 127.0.0.1 + + access-control: 127.0.0.1/8 allow + access-control: 10.0.0.0/24 allow + access-control: 10.0.1.0/24 allow + do-not-query-localhost: no + + hide-identity: yes + hide-version: yes + + cache-min-ttl: 3600 + prefetch: yes + + # Perform DNSSEC validation. + auto-trust-anchor-file: "/var/unbound/db/root.key" + val-log-level: 2 + + # Synthesize NXDOMAINs from DNSSEC NSEC chains. + # https://tools.ietf.org/html/rfc8198 + aggressive-nsec: yes + +forward-zone: + name: "." + forward-addr: 1.1.1.1 + +remote-control: + control-enable: yes + control-interface: /var/run/unbound.sock +``` + +Note that, because the WAN address is acquired with DHCP, the following is required in `/etc/dhclient.conf`: + +```/etc/dhclient.conf +interface "em0" { + ignore domain-name-servers; +} +``` diff --git a/index.gmi b/index.gmi @@ -15,13 +15,13 @@ **Note:** Any information contained in this knowledge base should not be constituted advice; it is simply information and notes I keep for myself. -# List of Articles +# List of Pages ## Homelab/Home Services => /homelab/openbsd-router.gmi OpenBSD Router -=> /homelab/freebsd-nas.gmi FreeBSD NAS => /homelab/freebsd-jail-based-server.gmi FreeBSD Jail-based Server +=> /homelab/freebsd-nas.gmi FreeBSD NAS => /homelab/backups Backups ## JadeRune.net @@ -31,9 +31,17 @@ ## Recipes -All recipes below are vegan and free of tree nuts unless otherwise noted (NV). +All recipes below are vegan and free of tree nuts unless otherwise noted. => /recipes/vinaigrettes.gmi Vinaigrettes +=> /recipes/sauces.gmi Sauces +=> /recipes/aloo-gobi.gmi Aloo Gobi +=> /recipes/bean-soup.gmi Bean Soup +=> /recipes/butternut-squash-soup.gmi Butternut Squash Soup +=> /recipes/red-lentil-stew.gmi Red Lentil Stew +=> /recipes/barley-split-pea-stew.gmi Barley and Split Pea Stew +=> /recipes/pancakes.gmi Pancakes +=> /recipes/overnight-oats.gmi Overnight Oats ## Other Notes @@ -43,6 +51,7 @@ Nothing here yet. ================================================================================ ``` -All content on this wiki is licensed under the Unlicense. +Unless otherwise noted, all content on this site is licensed under the CC0, Unlicense or equivalent applicable license. Attribution is appreciated, but not expected. => /unlicense.gmi Text of the Unlicense +=> https://creativecommons.org/publicdomain/zero/1.0/legalcode Text of the CC0 license diff --git a/recipes/aloo-gobi.gmi b/recipes/aloo-gobi.gmi @@ -0,0 +1,44 @@ +# Aloo Gobi + +## Tools & Cookware + +* Knife and cutting board +* Stirring implement +* Large pot + +## Ingredients + +* 3 Tbsp neutral-flavour oil (canola, vegetable, etc.) +* ½ tsp cumin seed +* 1 small onion +* 2 chile peppers +* 1 tsp ginger paste +* 2 tsp ground coriander +* ¼ tsp paprika +* ½ tsp turmeric powder +* ½ tsp cayenne pepper +* ½ tsp garam masala +* 2 medium baking potatoes +* 1 tsp salt +* ½ head cauliflower +* 2 tsp lemon juice + +## Preparation + +* Quarter and slice the onion +* Mince the chile peppers +* Peel and cut the potatoes into 2-3cm pieces +* Cut the cauliflower head into florets + +## Instructions + +* Heat 2 Tbsp oil over medium-high heat in the large pot +* Fry cumin seeds until they turn golden brown and begin to pop +* Reduce heat to medium and stir in the onion; cook until lightly browned +* Stir in pepper and ginger; fry for 1 minute +* Add coriander, paprika, turmeric, cayenne, garam masala; mix and cook until fragrant (~30 seconds) +* Stir potatoes and salt into the pot, cover, and cook for 5-7 minutes +* Add cauliflower, cover, and cook 20 minutes or until cauliflower is tender +* Stir in lemon juice +* Pour remaining 1 Tbsp oil around the edges of the pot +* Increase heat to medium-high and fry 3-5 minutes, stirring gently diff --git a/recipes/barley-split-pea-stew.gmi b/recipes/barley-split-pea-stew.gmi @@ -0,0 +1,35 @@ +# Barley and Split Pea Stew + +## Tools & Cookware + +* Knife and cutting board +* Stirring implement +* Medium-large soup/stock pot + +## Ingredients + +* 1 Tbsp oil +* 4 cups vegetable broth +* 1 cup pearl barley +* ½ cup yellow split peas +* ½ cup green split peas +* 1 medium yellow onion +* 4 cloves garlic +* 1 28oz can of tomatoes +* thyme, salt, pepper, paprika to taste + +## Preparation + +* Wash barley and split peas +* Dice onion +* Crush garlic + +## Instructions + +* Add the oil to the pot and heat on medium-high heat +* Sauté onions and garlic until onions are transparent +* Add barley and split peas +* Add the broth and the can of tomatoes +* Add thyme and paprika; mix well +* Bring to a boil, cover, lower the heat and simmer for 60-90 minutes +* Season with salt and pepper to taste diff --git a/recipes/bean-soup.gmi b/recipes/bean-soup.gmi @@ -0,0 +1,44 @@ +# Bean Soup + +## Tools & Cookware + +* Knife and cutting board +* Stirring implement +* Large soup/stock pot +* String to tie herbs together + +## Ingredients + +* 0.5kg of dried beans (just about any kind works) +* 1 large yellow onion +* 2 large carrots +* 2 large celery stalks +* 2 tbsp olive oil +* 2 cloves garlic +* 4 sprigs thyme +* salt and pepper + +## Preparation + +* Soak the beans in water overnight, covering them by 2-3cm of water +* Chop the onion, carrots, and celery into bite-sized pieces +* Crush the garlic +* Tie the sprigs of thyme together + +## Instructions + +* Add the olive oil and heat until shimmering +* Add the onion, carrots, and celery; sauté until onion is transparent +* Drain the water from the beans and rinse them; add them to the pot and mix +* Add the thyme bundle, garlic, and fresh water to cover the beans by 2-3cm of water +* Bring to a boil, cover and lower heat to simmer for 4 hours or until beans are soft but not mushy +* Remove the thyme bundle and season the soup to taste (see suggested seasonings) + +## Suggested Seasonings + +Aside from salt and pepper: + +* Thyme and tarragon for a French-style soup +* Cumin for Mexican-style +* Italian herbs for Italian-style +* Vegan or non-vegan sausages for heartiness (cook for an extra 20 minutes) diff --git a/recipes/butternut-squash-soup.gmi b/recipes/butternut-squash-soup.gmi @@ -0,0 +1,40 @@ +# Butternut Squash Soup + +## Tools & Cookware + +* Knife and cutting board +* Stirring implement +* Large soup/stock pot +* Immersion or counter-top blender + +## Ingredients + +* 1 Tbsp olive oil +* 1 medium onion +* 3 cloves garlic +* 2 tsp grated fresh ginger +* (Optional) 2 Tbsp tomato paste +* salt and pepper to taste (1 teaspoon each to start) +* 1/2 tsp thyme leaves +* 1 medium butternut squash +* 4 cups vegetable stock +* 3/4 cup coconut milk or half of a crusty loaf of bread + +## Preparation + +* Dice the onion +* Mince the garlic +* Finely chop the thyme leaves +* Peel and cut the squash into 2-3cm cubes +* If using bread, cut into 2-3cm cubes + +## Instructions + +* Heat a large pot over medium heat and heat the oil +* Add the onion, garlic, ginger, salt and pepper, and thyme; sauté until the onion is transparent +* (Optional) Add the tomato paste and mix +* Add the squash and mix +* Add the stock and mix (the liquid level should be slightly lower than the squash, adjust exact liquid amount as needed) +* Bring to a boil, cover and reduce heat to simmer the soup for 20 minutes, or until the squash is easily pierced by a fork +* Remove from the heat, add the coconut milk or bread (if using bread, mix well and let stand for 5 minutes, covered) +* Purée the soup with the immersion blender, or carefully scoop/pour into counter-top blender diff --git a/recipes/overnight-oats.gmi b/recipes/overnight-oats.gmi @@ -0,0 +1,22 @@ +# Overnight Oats + +## Tools & Cookware + +* A jar or bowl + +## Ingredients + +* ⅓ cup oats +* ¼ tsp cinnamon +* 1 tbsp chia seeds +* 1 tbsp peanut butter +* ½-⅓ cup oat milk +* ½ cup fresh or frozen fruit (blueberries work well) +* maple syrup + +## Instructions + +* Mix the dry ingredients together in the container +* Add the wet ingredients and the peanut butter and mix well +* Top with the fruit and a drizzle of maple syrup +* Cover and refrigerate overnight diff --git a/recipes/pancakes.gmi b/recipes/pancakes.gmi @@ -0,0 +1,25 @@ +# Pancakes + +## Tools & Cookware + +* Mixing bowl +* Stirring & spooning implement +* Non-stick/cast-iron pan + +## Ingredients + +* 1¼ cups all-purpose flour +* 2 tbsp sugar +* 2 tbsp baking soda +* ½ tsp salt +* 1¼ cups water +* 1 tbsp oil + +## Instructions + +* Mix the dry ingredients together +* Add the water and oil into the dry ingredients +* Mix until combined but still lumpy +* Heat the pan on medium-high heat +* Spoon 2-3 tbsp of the mixture into the pan and cook until done, flipping halfway through (this differs based on the heat and how much was added to the pan, trial and error) +* Repeat previous step until the batter is used up diff --git a/recipes/red-lentil-stew.gmi b/recipes/red-lentil-stew.gmi @@ -0,0 +1,47 @@ +# Red Lentil Stew + +This recipe is copyright Grimgrains/Hundred Rabbits © 2014-2021 CC-BY-NC-SA-4.0 + +=> http://grimgrains.com/site/red_lentil_stew.html Grimgrains Red Lentil Stew Recipe +=> https://creativecommons.org/licenses/by-nc-sa/4.0/ CC-BY-NC-SA-4.0 License + +This recipe has been condensed from the original to better match my needs. Under the terms of the CC-BY-NC-SA-4.0 license, this recipe is therefore copyright Jake Bauer © 2021 under the same license. + +## Tools & Cookware + +* Knife and cutting board +* Stirring implement +* Medium pot + +## Ingredients + +* 1 tbsp olive oil +* 1 medium yellow onion +* black pepper +* cumin seeds +* ground turmeric +* 1 medium carrot +* 2 medium potatoes +* ¼ head cabbage +* ½ cup red lentils +* 1½ cups vegetable broth +* salt to taste + +## Preparation + +* Dice the onion +* Chop the carrot into small cubes +* Chop the cabbage + +## Instructions + +* Add the oil to the pot and heat at medium heat +* Add the onion and sauté until transparent +* Add the pepper, whole cumin seeds, and turmeric powder +* Add the carrot, potatoes, cabbage and mix well +* Lower the heat, cover, and cook for 5-7 minutes (add a small amount of water if vegetables are sticking to the bottom of the pot) +* Mix in the red lentils and the vegetable broth +* Bring to a boil, cover, and lower heat to simmer for 10 minutes +* When ready, season with salt to taste + +Best served over basmati rice or flat bread. diff --git a/recipes/sauces.gmi b/recipes/sauces.gmi @@ -0,0 +1,11 @@ +# Sauces + +## Basic Stir Fry Sauce + +* 3 cloves garlic, minced +* 3 tbsp soy sauce +* 1 tbsp rice vinegar +* 1 tbsp brown sugar (regular sugar is fine) +* ½ cup broth or water +* 1½ tbsp corn starch +