Compare commits

...

14 commits

87 changed files with 304 additions and 169 deletions

View file

@ -7,52 +7,32 @@ description: "This is a new post about..."
featured: false
toc: true
comments: true
series: Tips # Projects, Code
categories: Tips # Backstage, ChromeOS, Code, Self-Hosting, VMware
tags:
- 3dprinting
- activedirectory
- android
- api
- automation
- availability
- caddy
- certs
- chat
- chrome
- chromeos
- cloud
- cluster
- containers
- crostini
- docker
- gcp
- homeassistant
- homelab
- hugo
- iac
- javascript
- kubernetes
- linux
- logs
- meta
- networking
- openssl
- packer
- powercli
- powershell
- python
- regex
- rest
- salt
- security
- selfhosting
- serverless
- shell
- tailscale
- tasker
- terraform
- vmware
- vpn
- windows
- wireguard
- wsl

View file

@ -58,7 +58,7 @@ enableInlineShortcodes = true
[taxonomies]
tag = "tags"
series = "series"
category = "categories"
[minify]
disableXML = true

View file

@ -5,21 +5,21 @@
# weight = 10
[[main]]
identifier = "projects"
name = "projects"
url = "/series/projects/"
identifier = "self-hosting"
name = "self-hosting"
url = "/categories/self-hosting/"
weight = 1
[[main]]
identifier = "tips"
name = "tips"
url = "/series/tips/"
url = "/categories/tips/"
weight = 1
[[main]]
identifier = "code"
name = "code"
url = "/series/code/"
url = "/categories/code/"
weight = 1
[[main]]

View file

@ -11,11 +11,11 @@ You've (somehow) managed to stumble upon my dark corner of the internet[^1].
I've enjoyed tinkering with computers and their code since discovering I could alter variable values in [`GORILLA.BAS`](https://en.wikipedia.org/wiki/Gorillas_%28video_game%29) on my dad's work computer to imbue the thrown bananas with enough explosive power to level the entire city. I thought, "hey, that's neat," and then spent much of my childhood free time learning how *else* I could bend computers to my will.
Once I grew up[^2], I found a career in system administration, and I leveraged my passion for coding to write scripts to help manage systems more efficiently. While managing a global-scale VMware environment, I was tasked with implementing [vRealize Automation](/series/vra8) (now called "Aria Automation"). I didn't realize it at the time but that was the start of my DevOps transformation. I started thinking about infrastructure-as-code, and began using [HashiCorp Packer](https://github.com/jbowdre/packer-vsphere-templates) and a CI/CD pipeline to automatically build fully-up-to-date VM templates on a weekly cadence.
Once I grew up[^2], I found a career in system administration, and I leveraged my passion for coding to write scripts to help manage systems more efficiently. While managing a global-scale VMware environment, I was tasked with implementing [vRealize Automation](/categories/vmware) (now called "Aria Automation"). I didn't realize it at the time but that was the start of my DevOps transformation. I started thinking about infrastructure-as-code, and began using [HashiCorp Packer](https://github.com/jbowdre/packer-vsphere-templates) and a CI/CD pipeline to automatically build fully-up-to-date VM templates on a weekly cadence.
I'm now part of a small platform engineering team within that same large corporation, focused on leveraging DevOps thinking and tools to help our internal customers modernize how they operate IT, build code, and ship products, while designing solutions to help them accomplish those goals. It's a great blend of my virtual infrastructure operations background, hobbyist development experience, and hunger for solving problems, and I really enjoy applying these skills to solve interesting challenges at scale.
On my off time, I tinker with new [projects](/series/projects) in my little homelab (and share some of those adventures here). I also help out on Google's product support forums as a [Product Expert](https://productexperts.withgoogle.com/what-it-is), where I support Pixel phones, earbuds, and watches, as well as Chromebooks (primarily with Linux-related queries). Helping users troubleshoot their issues scratches my problem-solving itch, and it keeps me connected with some really great like-minded tech enthusiasts.
On my off time, I tinker with new [projects](/categories/self-hosting) in my little homelab (and share some of those adventures here). I also help out on Google's product support forums as a [Product Expert](https://productexperts.withgoogle.com/what-it-is), where I support Pixel phones, earbuds, and watches, as well as Chromebooks (primarily with Linux-related queries). Helping users troubleshoot their issues scratches my problem-solving itch, and it keeps me connected with some really great like-minded tech enthusiasts.
On weekends, I race my daily-driven 2014 Subaru BRZ in local [autocross events](https://l.runtimeterror.dev/my-autox-vids) or wrench on my 1974 Volkswagen Karmann Ghia.

View file

@ -0,0 +1,5 @@
---
title: Backstage
description: >
A peek behind the scenes at what it takes to run this site.
---

View file

@ -0,0 +1,5 @@
---
title: "ChromeOS"
description: >
My Chromebook is a lot more than just a browser.
---

View file

@ -0,0 +1,5 @@
---
title: Code
description: >
I did a programming and I wanted you to see.
---

View file

@ -0,0 +1,5 @@
---
title: Self-Hosting
description: >
Never met an app I didn't want to deploy.
---

View file

@ -0,0 +1,5 @@
---
title: Tips
description: >
I learned something the hard way so that you wouldn't have to.
---

View file

@ -0,0 +1,4 @@
---
title: "VMware"
description: "vSphere, vCenter, vRealize, vTanzu, vBroadcom..."
---

View file

@ -3,6 +3,7 @@ date: "2020-09-14T08:34:30Z"
thumbnail: qDTXt1jp3.png
featureImage: qDTXt1jp3.png
usePageBundles: true
categories: ChromeOS
tags:
- linux
- chromeos

View file

@ -1,5 +1,5 @@
---
series: Tips
categories: Tips
date: "2020-09-24T08:34:30Z"
thumbnail: fmLDUWjia.png
usePageBundles: true

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-06-01T08:34:30Z"
thumbnail: -Fuvz-GmF.png
usePageBundles: true
@ -11,7 +11,7 @@ tags:
title: Adding VM Notes and Custom Attributes with vRA8
---
*In [past posts](/series/vra8), I started by [creating a basic deployment infrastructure](/vra8-custom-provisioning-part-one) in Cloud Assembly and using tags to group those resources. I then [wrote an integration](/integrating-phpipam-with-vrealize-automation-8) to let vRA8 use phpIPAM for static address assignments. I [implemented a vRO workflow](/vra8-custom-provisioning-part-two) for generating unique VM names which fit an organization's established naming standard, and then [extended the workflow](/vra8-custom-provisioning-part-three) to avoid any naming conflicts in Active Directory and DNS. And, finally, I [created an intelligent provisioning request form in Service Broker](/vra8-custom-provisioning-part-four) to make it easy for users to get the servers they need. That's got the core functionality pretty well sorted, so moving forward I'll be detailing additions that enable new capabilities and enhance the experience.*
*In [past posts](/categories/vmware), I started by [creating a basic deployment infrastructure](/vra8-custom-provisioning-part-one) in Cloud Assembly and using tags to group those resources. I then [wrote an integration](/integrating-phpipam-with-vrealize-automation-8) to let vRA8 use phpIPAM for static address assignments. I [implemented a vRO workflow](/vra8-custom-provisioning-part-two) for generating unique VM names which fit an organization's established naming standard, and then [extended the workflow](/vra8-custom-provisioning-part-three) to avoid any naming conflicts in Active Directory and DNS. And, finally, I [created an intelligent provisioning request form in Service Broker](/vra8-custom-provisioning-part-four) to make it easy for users to get the servers they need. That's got the core functionality pretty well sorted, so moving forward I'll be detailing additions that enable new capabilities and enhance the experience.*
In this post, I'll describe how to get certain details from the Service Broker request form and into the VM's properties in vCenter. The obvious application of this is adding descriptive notes so I can remember what purpose a VM serves, but I will also be using [Custom Attributes](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vcenterhost.doc/GUID-73606C4C-763C-4E27-A1DA-032E4C46219D.html) to store the server's Point of Contact information and a record of which ticketing system request resulted in the server's creation.

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: Self-Hosting
date: "2021-05-27T08:34:30Z"
thumbnail: HRRpFOKuN.png
usePageBundles: true

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: Code
date: "2020-11-24T08:34:30Z"
lastmod: "2021-03-12"
thumbnail: Ki7jo65t3.png
@ -37,7 +37,7 @@ It's important to use the [open-source](https://github.com/schwabe/ics-openvpn)
### OpenVPN config file
You can find instructions for configuring the OpenVPN client to work with ProtonVPN [here](https://protonvpn.com/support/android-vpn-setup/) but I'll go ahead and hit the highlights. You'll probably want to go ahead and do all this from your phone so you don't have to fuss with transferring files around, but hey, *you do you*.
1. Log in to your ProtonVPN account (or sign up for a new free one) at https://account.protonvpn.com/login.
1. Log in to your ProtonVPN account (or sign up for a new free one) at https://account.protonvpn.com/login.
2. Use the panel on the left side to navigate to **[Downloads > OpenVPN configuration files](https://account.protonvpn.com/downloads#openvpn-configuration-files)**.
3. Select the **Android** platform and **UDP** as the protocol, unless you have a [particular reason to use TCP](https://protonvpn.com/support/udp-tcp/#:~:text=When%20to%20use%20UDP%20vs.%20TCP).
4. Select and download the desired config file:
@ -49,7 +49,7 @@ You can find instructions for configuring the OpenVPN client to work with Proton
Feel free to download more than one if you'd like to have different profiles available within the OpenVPN app.
ProtonVPN automatically generates a set of user credentials to use with a third-party VPN client so that you don't have to share your personal creds. You'll want to make a note of that randomly-generated username and password so you can plug them in to the OpenVPN app later. You can find the details at **[Account > OpenVPN / IKEv2 username](https://account.protonvpn.com/account#openvpn)**.
ProtonVPN automatically generates a set of user credentials to use with a third-party VPN client so that you don't have to share your personal creds. You'll want to make a note of that randomly-generated username and password so you can plug them in to the OpenVPN app later. You can find the details at **[Account > OpenVPN / IKEv2 username](https://account.protonvpn.com/account#openvpn)**.
**Now that you've got the profile file, skip on down to [The Update](#update) to import it into OpenVPN Connect.**
@ -67,7 +67,7 @@ Now what you've got the config file(s) and your client credentials, it's time to
Success!
I don't like to have a bunch of persistent notification icons hanging around (and Android already shows a persistent status icon when a VPN connection is active). If you're like me, long-press the OpenVPN notification and tap the gear icon. Then tap on the **Connection statistics** category and activate the **Minimized** slider. The notification will still appear, but it will collapse to the bottom of your notification stack and you won't get bugged by the icon.
I don't like to have a bunch of persistent notification icons hanging around (and Android already shows a persistent status icon when a VPN connection is active). If you're like me, long-press the OpenVPN notification and tap the gear icon. Then tap on the **Connection statistics** category and activate the **Minimized** slider. The notification will still appear, but it will collapse to the bottom of your notification stack and you won't get bugged by the icon.
![Notification settings](WWuHwVvrk.png)
@ -76,21 +76,21 @@ Open up Tasker and get ready to automate! We're going to wind up with at least t
Let's start with a profile to track whether or not we're connected to one of our preferred/trusted WiFi networks:
#### Trusted WiFi
#### Trusted WiFi
1. Tap the '+' sign to create a new profile, and add a new **State > Net > Wifi Connected** context. This profile will become active whenever your phone connects to WiFi.
2. Tap the magnifying glass next to the **SSID** field, which will pop up a list of all detected nearby network identifiers. Tap to select whichever network(s) you'd like to be considered "safe". You can also manually enter the SSID names, separating multiple options with a `/` (ex, `FBI Surveillance Van/TellMyWifiLoveHer/Pretty fly for a WiFi`). Or, for more security, identify the networks based on the MACs instead of the SSIDs - just be sure to capture the MACs for any extenders or mesh nodes too!
3. Once you've got your networks added, tap the back button to move *forward* to the next task (Ah, Android!): configuring the *action* which will occur when the context is satisfied.
4. Tap the **New Task** option and then tap the check mark to skip giving it a name (no need).
3. Once you've got your networks added, tap the back button to move *forward* to the next task (Ah, Android!): configuring the *action* which will occur when the context is satisfied.
4. Tap the **New Task** option and then tap the check mark to skip giving it a name (no need).
5. Hit the '+' button to add an action and select **Variables > Variable Set**.
6. For **Name**, enter `%TRUSTED_WIFI` (all caps to make it a "public" variable), and for the **To** field just enter `1`.
7. Hit back to save the action, and back again to save the profile.
6. For **Name**, enter `%TRUSTED_WIFI` (all caps to make it a "public" variable), and for the **To** field just enter `1`.
7. Hit back to save the action, and back again to save the profile.
8. Back at the profile list, long-press on the **Variable Set...** action and then select **Add Exit Task**.
9. We want to un-set the variable when no longer connected to a trusted WiFi network so add a new **Variables > Variable Clear** action and set the name to `%TRUSTED_WIFI`.
10. And back back out to admire your handiwork. Here's a recap of the profile:
```
Profile: Trusted Wifi
State: Wifi Connected [ SSID:FBI Surveillance Van/TellMyWifiLoveHer/Pretty fly for a WiFi MAC:* IP:* Active:Any ]
Enter: Anon
Enter: Anon
A1: Variable Set [ Name:%TRUSTED_WIFI To:1 Recurse Variables:Off Do Maths:Off Append:Off Max Rounding Digits:0 ]
Exit: Anon
A1: Variable Clear [ Name:%TRUSTED_WIFI Pattern Matching:Off Local Variables Only:Off Clear All Variables:Off ]
@ -103,7 +103,7 @@ This profile will kick in if the phone connects to a WiFi network which isn't on
1. It starts out the same way by creating a new profile with the **State > Net > Wifi Connected** context but this time don't add any network names to the list.
2. For the action, select **Plugin > OpenVpn Tasker Plugin**, tap the pencil icon to edit the configuration, and select your VPN profile from the list under **Connect using profile**
3. Back at the Action Edit screen, tap the checkbox next to **If** and enter the variable name `%TRUSTED_WIFI`. Tap the '~' button to change the condition operator to **Isn't Set**. So while this profile will activate every time you connect to WiFi, the action which connects to the VPN will only fire if the WiFi isn't a trusted network.
4. Back out to the profile list and add a new Exit Task.
4. Back out to the profile list and add a new Exit Task.
5. Add another **Plugin > OpenVpn Tasker Plugin** task and this time configure it to **Disconnect VPN**.
To recap:
@ -149,7 +149,7 @@ After installing and launching the official [OpenVPN Connect app](https://play.g
![Creating a profile in OpenVPN Connect](KjGOX8Yiv.png)
#### Tasker profiles
Go ahead and create the [Trusted Wifi profile](#trusted-wifi) as described above.
Go ahead and create the [Trusted Wifi profile](#trusted-wifi) as described above.
The condition for the [VPN on Strange Wifi profile](#vpn-on-strange-wifi) will be the same, but the task will be different. This time, add a **System > Send Intent** action. You'll need to enter the following details, leaving the other fields blank/default:
@ -176,4 +176,4 @@ Class: net.openvpn.unified.MainActivity
Target: Activity
```
All set! You can pop back up to the [Epilogue](#epilogue-working-with-googles-vpn) section to continue tweaking to avoid conflicts with Google's auto-connect VPN if you'd like.
All set! You can pop back up to the [Epilogue](#epilogue-working-with-googles-vpn) section to continue tweaking to avoid conflicts with Google's auto-connect VPN if you'd like.

View file

@ -1,5 +1,5 @@
---
series: Code
categories: Code
date: "2021-04-29T08:34:30Z"
usePageBundles: true
thumbnail: 20210723-script.png
@ -11,7 +11,7 @@ title: Automatic unattended expansion of Linux root LVM volume to fill disk
toc: false
---
While working on my [vRealize Automation 8 project](/series/vra8), I wanted to let users specify how large a VM's system drive should be and have vRA apply that without any further user intervention. For instance, if the template has a 60GB C: drive and the user specifies that they want it to be 80GB, vRA will embiggen the new VM's VMDK to 80GB and then expand the guest file system to fill up the new free space.
While working on my [vRealize Automation 8 project](/categories/vmware), I wanted to let users specify how large a VM's system drive should be and have vRA apply that without any further user intervention. For instance, if the template has a 60GB C: drive and the user specifies that they want it to be 80GB, vRA will embiggen the new VM's VMDK to 80GB and then expand the guest file system to fill up the new free space.
I'll get into the details of how that's implemented from the vRA side #soon, but first I needed to come up with simple scripts to extend the guest file system to fill the disk.

View file

@ -8,7 +8,7 @@ alias: automating-security-camera-notifications-with-home-assistant-and-ntfy
toc: true
comments: true
thumbnail: thumbnail.png
series: Projects
categories: Self-Hosting
tags:
- api
- automation

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: Self-Hosting
date: "2018-09-26T08:34:30Z"
lastmod: "2022-03-06"
thumbnail: i0UKdXleC.png

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "code.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Code
categories: Code
tags:
- vmware
- powercli

View file

@ -1,5 +1,5 @@
---
series: Tips
categories: ChromeOS
date: "2020-12-23T08:34:30Z"
thumbnail: -lp1-DGiM.png
usePageBundles: true

View file

@ -14,7 +14,7 @@ usePageBundles: true
# thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips # Projects, Code, vRA8, K8s on vSphere
categories: Tips # Projects, Code, vRA8, K8s on vSphere
tags:
- linux
- shell

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: Self-Hosting
date: "2021-10-28T00:00:00Z"
thumbnail: 20211028_wireguard_in_the_cloud.jpg
usePageBundles: true

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Projects
categories: ChromeOS
tags:
- linux
- chromeos

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-08-13T00:00:00Z"
lastmod: "2022-01-18"
usePageBundles: true

View file

@ -5,7 +5,7 @@ description: "I moved my homelab from VMware vSphere to Proxmox VE, and my only
featured: false
toc: true
comments: true
series: Tips # Projects, Code
categories: Tips # Projects, Code
tags:
- homelab
- linux

View file

@ -2,6 +2,7 @@
date: "2020-09-22T08:34:30Z"
thumbnail: 8p-PSHx1R.png
usePageBundles: true
categories: Tips
tags:
- docker
- windows

View file

@ -6,7 +6,7 @@ description: "Deploying and configuring a self-hosted pub-sub notification handl
featured: false
toc: true
comments: true
series: Projects
categories: Self-Hosting
tags:
- android
- api

View file

@ -0,0 +1,46 @@
---
title: "Enabling FIPS Compliance Fixes Aria Lifecycle 8.14"
date: 2024-01-19
# lastmod: 2024-01-19
description: "Never in my life have I seen enabling FIPS *fix* a problem - until now."
featured: false
comments: true
categories: VMware
tags:
- vmware
---
This week, VMware posted [VMSA-2024-0001](https://www.vmware.com/security/advisories/VMSA-2024-0001.html) which details a critical (9.9/10) vulnerability in <s>vRealize</s> *Aria* Automation. While working to get our environment patched, I ran into an interesting error on our Aria Lifecycle appliance:
```log
Error Code: LCMVRAVACONFIG590024
VMware Aria Automation hostname is not valid or unable to run the product specific commands via SSH on the host. Check if VMware Aria Automation is up and running.
VMware Aria Automation hostname is not valid or unable to run the product specific commands via SSH on the host. Check if VMware Aria Automation is up and running.
com.vmware.vrealize.lcm.drivers.vra80.exception.VraVaProductNotFoundException: Either provided hostname: <VMwareAriaAutomationFQDN> is not a valid VMware Aria Automation hostname or unable to run the product specific commands via SSH on the host.
at com.vmware.vrealize.lcm.drivers.vra80.helpers.VraPreludeInstallHelper.getVraFullVersion(VraPreludeInstallHelper.java:970)
at com.vmware.vrealize.lcm.drivers.vra80.helpers.VraPreludeInstallHelper.checkVraApplianceAndVersion(VraPreludeInstallHelper.java:978)
at com.vmware.vrealize.lcm.drivers.vra80.helpers.VraPreludeInstallHelper.getVraProductDetails(VraPreludeInstallHelper.java:754)
at com.vmware.vrealize.lcm.plugin.core.vra80.task.VraVaImportEnvironmentTask.execute(VraVaImportEnvironmentTask.java:145)
at com.vmware.vrealize.lcm.platform.automata.service.Task.retry(Task.java:158)
at com.vmware.vrealize.lcm.automata.core.TaskThread.run(TaskThread.java:60)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
```
Digging further into the appliance logs revealed some more details:
```log
Session.connect: java.security.spec.InvalidKeySpecException: key spec not recognized
```
That seems like a much more insightful error than "the hostname is not valid, dummy."
Anyhoo, searching for the error took me to a VMware KB on the subject:
- [VMware Aria Suite Lifecycle 8.14 Patch 1 Day 2 operations fail for VMware Aria Automation with error code LCMVRAVACONFIG590024 (96243)](https://kb.vmware.com/s/article/96243)
> After applying VMware Aria Suite Lifecycle 8.14 Patch 1, you may encounter deployment and day-2 operation failures, attributed to the elimination of weak algorithms in Suite Lifecycle. To prevent such issues, it is recommended to either turn on FIPS in VMware Aria Suite Lifecycle or implement the specified workarounds on other VMware Aria Products, as outlined in the article Steps for Removing SHA1 weak Algorithms/Ciphers from all VMware Aria Products.
That's right. According to the KB, the solution for the untrusted encryption algorithms is to *enable* FIPS compliance. I was skeptical: I've never seen FIPS enforcement fix problems, it always causes them.
But I gave it a shot, and *holy crap it actually worked!* Enabling FIPS compliance on the Aria Lifecycle appliance got things going again.
I feel like I've seen everything now.

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "tanzu-completion.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips
categories: VMware
tags:
- vmware
- linux

View file

@ -14,7 +14,7 @@ featureImage: "quartz64.jpg" # Sets featured image on blog post.
thumbnail: "quartz64.jpg" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Projects
categories: VMware
tags:
- vmware
- linux

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: Self-Hosting
date: "2021-06-28T00:00:00Z"
thumbnail: 2xe34VJym.png
usePageBundles: true

View file

@ -1,5 +1,5 @@
---
series: Tips
categories: Tips
date: "2020-09-13T08:34:30Z"
usePageBundles: true
tags:

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-11-05T00:00:00Z"
thumbnail: 20211105_ssc_403.png
usePageBundles: true

View file

@ -2,6 +2,7 @@
date: "2020-10-07T08:34:30Z"
thumbnail: MnmMuA0HC.png
usePageBundles: true
categories: Tips
tags:
- windows
- linux
@ -11,15 +12,15 @@ title: Fixing WSL2 connectivity when connected to a VPN with wsl-vpnkit
toc: false
---
I was pretty excited to get [WSL2 and Docker working on my Windows 10 1909](/docker-on-windows-10-with-wsl2) laptop a few weeks ago, but I quickly encountered a problem: WSL2 had no network connectivity when connected to my work VPN.
I was pretty excited to get [WSL2 and Docker working on my Windows 10 1909](/docker-on-windows-10-with-wsl2) laptop a few weeks ago, but I quickly encountered a problem: WSL2 had no network connectivity when connected to my work VPN.
Well, that's not *entirely* true; Docker worked just fine, but nothing else could talk to anything outside of the WSL environment. I found a few open issues for this problem in the [WSL2 Github](https://github.com/microsoft/WSL/issues?q=is%3Aissue+is%3Aopen+VPN) with suggested workarounds including modifying Windows registry entries, adjusting the metrics assigned to various virtual network interfaces within Windows, and manually setting DNS servers in `/etc/resolv.conf`. None of these worked for me.
I eventually came across a solution [here](https://github.com/sakai135/wsl-vpnkit) which did the trick. This takes advantage of the fact that Docker for Windows is already utilizing `vpnkit` for connectivity - so you may also want to be sure Docker Desktop is configured to start at login.
The instructions worked well for me so I won't rehash them all here. When it came time to modify my `/etc/resolv.conf` file, I added in two of the internal DNS servers followed by the IP for my home router's DNS service. This allows me to use WSL2 both on and off the corporate network without having to reconfigure things.
The instructions worked well for me so I won't rehash them all here. When it came time to modify my `/etc/resolv.conf` file, I added in two of the internal DNS servers followed by the IP for my home router's DNS service. This allows me to use WSL2 both on and off the corporate network without having to reconfigure things.
All I need to do now is execute `sudo ./wsl-vpnkit` and leave that running in the background when I need to use WSL while connected to the corporate VPN.
All I need to do now is execute `sudo ./wsl-vpnkit` and leave that running in the background when I need to use WSL while connected to the corporate VPN.
![Successful connection via wsl-vpnkit](MnmMuA0HC.png)

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: Self-Hosting
date: "2021-08-20T00:00:00Z"
lastmod: 2022-02-03
usePageBundles: true

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: vRA8 # Projects, Code, vRA8
categories: VMware # Projects, Code, vRA8
tags:
- vmware
- vra

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "gitea-logo.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Projects
categories: Self-Hosting
tags:
- caddy
- linux

View file

@ -16,6 +16,7 @@ shareImage: "/hugo-logo-wide.png"
# shareImage: "/images/path/share.png" # Designate a separate image for social media sharing.
codeMaxLines: 10 # Override global value for how many lines within a code block before auto-collapsing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
categories: Backstage
tags:
- meta
- hugo

View file

@ -6,7 +6,7 @@ timeless: true
description: There are no dumb questions - but there are smarter (and dumber) ways to ask them.
featured: true
aliases: ["how2ask"]
series: Tips
categories: Tips
---
I spend a lot of my time and energy answering technical questions, both professionally and "for fun" as a way to scratch that troubleshooting itch. How a question is asked plays a big factor in how effectively I'll be able to answer it.

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-02-22T08:34:30Z"
lastmod: 2022-07-25
thumbnail: 7_QI-Ti8g.png

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-07-21T00:00:00Z"
thumbnail: 20210721-successful-ad_machine.png
usePageBundles: true

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "thumbnail.jpg" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: K8s on vSphere
categories: VMware
tags:
- vmware
- linux

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "ldaps_test.png" # Sets thumbnail image appearing inside card on homepage.
shareImage: "ldaps_test.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: K8s on vSphere
categories: VMware
tags:
- vmware
- kubernetes

View file

@ -14,7 +14,7 @@ featureImage: "tanzu.png" # Sets featured image on blog post.
thumbnail: "tanzu.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips
categories: VMware
tags:
- vmware
- kubernetes

View file

@ -1,5 +1,5 @@
---
series: Code
categories: Code
date: "2020-09-16T08:34:30Z"
thumbnail: LJOcy2oqc.png
usePageBundles: true

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "nessus_login.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips # Projects, Code, vRA8
categories: Self-Hosting
tags:
- vmware
- kubernetes

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-08-25T00:00:00Z"
usePageBundles: true
tags:
@ -13,7 +13,7 @@ title: Notes on vRA HA with NSX-ALB
This is going to be a pretty quick recap of the steps I recently took to convert a single-node instance of vRealize Automation 8.4.2 into a 3-node High-Availability vRA cluster behind a standalone NSX Advanced Load Balancer (without NSX being deployed in the environment). No screenshots or specific details since I ran through this in the lab at work and didn't capture anything along the way, and my poor NUC homelab struggles enough to run a single instance of memory-hogging vRA.
### Getting started with NSX-ALB
I found a lot of information on how to use NSX-ALB as a component of a broader NSX-equipped environment, but not a lot of detail on how to use the ALB *without* NSX - until I found [Rudi Martinsen's blog on the subject](https://rudimartinsen.com/2021/06/25/load-balancing-with-nsx-alb/). That turned out to be a great reference for the ALB configuration so be sure to check it out if you need more details than what I provide in this section.
I found a lot of information on how to use NSX-ALB as a component of a broader NSX-equipped environment, but not a lot of detail on how to use the ALB *without* NSX - until I found [Rudi Martinsen's blog on the subject](https://rudimartinsen.com/2021/06/25/load-balancing-with-nsx-alb/). That turned out to be a great reference for the ALB configuration so be sure to check it out if you need more details than what I provide in this section.
#### Download
NSX-ALB is/was formerly known as the Avi Vantage Controller, and downloads are available [here](https://portal.avipulse.vmware.com/software/vantage). You'll need to log in with your VMware Customer Connect account to access the download, and then grab the latest VMware Controller OVA. Be sure to make a note of the default password listed on the right-hand side since you'll need that to log in post-deployment.
@ -45,7 +45,7 @@ Then go back to **Infastructure > Clouds**, edit the Cloud, and select the IPAM
Navigate to **Infrastructure > Cloud Resources > Service Engine Group** and edit the *Default-Group*. I left everything on the *Basic Settings* tab at the defaults. On the *Advanced* tab, I specified which vSphere cluster the Service Engines should be deployed to. And I left everything else with the default settings.
#### SSL Certificate
Hop over to **Templates > Security > SSL/TLS Certificates** and click **Create > Application Certificate**. Give the new cert a name and change the **Type** to `CSR` to generate a new signing request. Enter the **Common Name** you're going to want to use for the load balancer VIP (something like `vra`, perhaps?) and all the usual cert fields. Use the **Subject Alternate Name (SAN)** section at the bottom to add all the other components, like the individual vRA cluster members by both hostname and FQDN. I went ahead and included those IPs as well for good measure.
Hop over to **Templates > Security > SSL/TLS Certificates** and click **Create > Application Certificate**. Give the new cert a name and change the **Type** to `CSR` to generate a new signing request. Enter the **Common Name** you're going to want to use for the load balancer VIP (something like `vra`, perhaps?) and all the usual cert fields. Use the **Subject Alternate Name (SAN)** section at the bottom to add all the other components, like the individual vRA cluster members by both hostname and FQDN. I went ahead and included those IPs as well for good measure.
| Name |
|----------------------|
@ -60,14 +60,14 @@ Hop over to **Templates > Security > SSL/TLS Certificates** and click **Create >
| `vra03` |
| `192.168.1.43` |
Click **Save**.
Click **Save**.
Click **Create** again, but this time select **Root/Intermediate CA Certificate** and upload/paste your CA's cert so it can be trusted. Save your work.
Back at the cert list, find your new application cert and click the pencil icon to edit it. Copy the **Certificate Signing Request** field and go get it signed by your CA. Be sure to grab the certificate chain (base64-encoded) as well if you can. Come back and paste in / upload your shiny new CA-signed certificate file.
#### Virtual Service
Now it's finally time to create the Virtual Service that will function as the load balancer front-end. Pop over to **Applications > Virtual Services** and click **Create Virtual Service > Basic Setup**. Give it a name and set the **Application Type** to `HTTPS`, which will automatically set the port and bind a default self-signed certificate.
Now it's finally time to create the Virtual Service that will function as the load balancer front-end. Pop over to **Applications > Virtual Services** and click **Create Virtual Service > Basic Setup**. Give it a name and set the **Application Type** to `HTTPS`, which will automatically set the port and bind a default self-signed certificate.
Click on the **Certificate** field and select the new cert you created above. Be sure to remove the default cert.
@ -81,12 +81,12 @@ Now that the Virtual Service is created, make a note of the IP address assigned
Log into LifeCycle Manager in a new browser tab/window. Make sure that you've mapped an *Install* product binary for your current version of vRA; the upgrade binary that you probably used to do your last update won't cut it. It's probably also a good idea to go make a snapshot of your vRA and IDM instances just in case.
#### Adding new certificate
In LCM, go to **Locker > Certificates** and select the option to **Import**. Switch back to the NSX-ALB tab and go to **Templates > Security > SSL/TLS Certificates**. Click the little down-arrow-in-a-circle "Export" icon next to the application certificate you created earlier. Copy the key section and paste that into LCM. Then open the file containing the certificate chain you got from your CA, copy its contents, and paste it into LCM as well. Do *not* try to upload a certificate file directly to LCM; that will fail unless the file includes both the cert and the private key and that's silly.
In LCM, go to **Locker > Certificates** and select the option to **Import**. Switch back to the NSX-ALB tab and go to **Templates > Security > SSL/TLS Certificates**. Click the little down-arrow-in-a-circle "Export" icon next to the application certificate you created earlier. Copy the key section and paste that into LCM. Then open the file containing the certificate chain you got from your CA, copy its contents, and paste it into LCM as well. Do *not* try to upload a certificate file directly to LCM; that will fail unless the file includes both the cert and the private key and that's silly.
Once the cert is successfully imported, go to the **Lifecycle Operations** component of LCM and navigate to the environment containing your vRA instance. Select the vRA product, hit the three-dot menu, and use the **Replace Certificate** option to replace the old and busted cert with the new HA-ready one. It will take a little bit for this to get applied. Don't move on until vRA services are back up.
#### Scale out vRA
Still on the vRA product page, click on the **+ Add Components** button.
Still on the vRA product page, click on the **+ Add Components** button.
On the **Infrastructure** page, tell LCM where to put the new VRA VMs.

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "PowerCLI.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Code
categories: Code
tags:
- vmware
- powercli

View file

@ -14,7 +14,7 @@ usePageBundles: true
# thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Code
categories: Code
tags:
- powershell
- windows

View file

@ -1,5 +1,5 @@
---
series: Tips
categories: VMware
date: "2021-01-30T08:34:30Z"
thumbnail: XTaU9VDy8.png
usePageBundles: true

View file

@ -14,7 +14,7 @@ usePageBundles: true
# thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips # Projects, Code, vRA8, K8s on vSphere
categories: VMware # Projects, Code, vRA8, K8s on vSphere
tags:
- vmware
- powershell

View file

@ -6,7 +6,7 @@ description: "Exploring Cloudflare Tunnel as an alternative to Tailscale Funnel
featured: false
toc: true
comments: true
series: Tips # Projects, Code
categories: Self-Hosting
tags:
- cloud
- containers

View file

@ -1,5 +1,5 @@
---
series: Tips
categories: Backstage
date: "2021-07-24T16:46:00Z"
thumbnail: 20210724-series-navigation.png
usePageBundles: true
@ -9,12 +9,12 @@ tags:
title: Recreating Hashnode Series (Categories) in Jekyll on GitHub Pages
---
I recently [migrated this site](/virtually-potato-migrated-to-github-pages) from Hashnode to GitHub Pages, and I'm really getting into the flexibility and control that managing the content through Jekyll provides. So, naturally, after finalizing the move I got to work recreating Hashnode's "Series" feature, which lets you group posts together and highlight them as a collection. One of the things I liked about the Series setup was that I could control the order of the collected posts: my posts about [building out the vRA environment in my homelab](/series/vra8) are probably best consumed in chronological order (oldest to newest) since the newer posts build upon the groundwork laid by the older ones, while posts about my [other one-off projects](/series/projects) could really be enjoyed in any order.
I recently [migrated this site](/virtually-potato-migrated-to-github-pages) from Hashnode to GitHub Pages, and I'm really getting into the flexibility and control that managing the content through Jekyll provides. So, naturally, after finalizing the move I got to work recreating Hashnode's "Series" feature, which lets you group posts together and highlight them as a collection. One of the things I liked about the Series setup was that I could control the order of the collected posts: my posts about [building out the vRA environment in my homelab](/categories/vmware) are probably best consumed in chronological order (oldest to newest) since the newer posts build upon the groundwork laid by the older ones, while posts about my [other one-off projects](/categories/self-hosting) could really be enjoyed in any order.
I quickly realized that if I were hosting this pretty much anywhere *other* than GitHub Pages I could simply leverage the [`jekyll-archives`](https://github.com/jekyll/jekyll-archives) plugin to manage this for me - but, alas, that's not one of the [plugins supported by the platform](https://pages.github.com/versions/). I needed to come up with my own solution, and being still quite new to Jekyll (and this whole website design thing in general) it took me a bit of fumbling to get it right.
### Reviewing the theme-provided option
The Jekyll theme I'm using ([Minimal Mistakes](https://github.com/mmistakes/minimal-mistakes)) comes with [built-in support](https://mmistakes.github.io/mm-github-pages-starter/categories/) for a [category archive page](/series), which (like the [tags page](/tags)) displays all the categorized posts on a single page. Links at the top will let you jump to an appropriate anchor to start viewing the selected category, but it's not really an elegant way to display a single category.
The Jekyll theme I'm using ([Minimal Mistakes](https://github.com/mmistakes/minimal-mistakes)) comes with [built-in support](https://mmistakes.github.io/mm-github-pages-starter/categories/) for a [category archive page](/categories), which (like the [tags page](/tags)) displays all the categorized posts on a single page. Links at the top will let you jump to an appropriate anchor to start viewing the selected category, but it's not really an elegant way to display a single category.
![Posts by category](20210724-posts-by-category.png)
It's a start, though, so I took a few minutes to check out how it's being generated. The category archive page lives at [`_pages/category-archive.md`](https://raw.githubusercontent.com/mmistakes/mm-github-pages-starter/master/_pages/category-archive.md):
@ -144,7 +144,7 @@ Since I can't use a plugin to automatically generate pages for each series, I'll
---
title: "Adventures in vRealize Automation 8"
layout: series
permalink: "/series/vra8"
permalink: "/categories/vmware"
tag: vRA8
sort_order: reverse
author_profile: true
@ -155,9 +155,9 @@ header:
*Follow along as I create a flexible VMware vRealize Automation 8 environment for provisioning virtual machines - all from the comfort of my Intel NUC homelab.*
```
You can see that this page is referencing the series layout I just created, and it's going to live at `http://localhost/series/vra8` - precisely where this series was on Hashnode. I've tagged it with the category I want to feature on this page, and specified that the posts will be sorted in reverse order so that anyone reading through the series will start at the beginning (I hear it's a very good place to start). I also added a teaser image which will be displayed when I link to the series from elsewhere. And I included a quick little italicized blurb to tell readers what the series is about.
You can see that this page is referencing the series layout I just created, and it's going to live at `http://localhost/categories/vmware` - precisely where this series was on Hashnode. I've tagged it with the category I want to feature on this page, and specified that the posts will be sorted in reverse order so that anyone reading through the series will start at the beginning (I hear it's a very good place to start). I also added a teaser image which will be displayed when I link to the series from elsewhere. And I included a quick little italicized blurb to tell readers what the series is about.
Check it out [here](/series/vra8):
Check it out [here](/categories/vmware):
![vRA8 series](20210724-vra8-series.png)
The other series pages will be basically the same, just without the reverse sort directive. Here's `_pages/series-tips.md`:
@ -202,7 +202,7 @@ author_profile: true
```
### Fixing category links in posts
The bottom of each post has a section which lists the tags and categories to which it belongs. Right now, those are still pointing to the category archive page (`/series/#vra8`) instead of the series feature pages I created (`/series/vra8`).
The bottom of each post has a section which lists the tags and categories to which it belongs. Right now, those are still pointing to the category archive page (`/series/#vra8`) instead of the series feature pages I created (`/categories/vmware`).
![Old category link](20210724-old-category-link.png)
That *works* but I'd rather it reference the fancy new pages I created. Tracking down where to make that change was a bit of a journey.
@ -245,7 +245,7 @@ Okay, it looks like [`_include/category-list.html`](https://github.com/mmistakes
{% assign categories_sorted = page.categories | sort_natural %}
<p class="page__taxonomy">
<strong><i class="fas fa-fw fa-folder-open" aria-hidden="true"></i> {{ site.data.ui-text[site.locale].categories_label | default: "series:" }} </strong>
<strong><i class="fas fa-fw fa-folder-open" aria-hidden="true"></i> {{ site.data.ui-text[site.locale].categories_label | default: "categories:" }} </strong>
<span itemprop="keywords">
{% for category_word in categories_sorted %}
<a href="{{ category_word | slugify | prepend: path_type | prepend: site.category_archive.path | relative_url }}" class="page__taxonomy-item p-category" rel="tag">{{ category_word }}</a>{% unless forloop.last %}<span class="sep">, </span>{% endunless %}
@ -283,9 +283,9 @@ And, finally, I'll want to update the navigation links at the top of each page t
# torchlight! {"lineNumbers": true}
main:
- title: "vRealize Automation 8"
url: /series/vra8
url: /categories/vmware
- title: "Projects"
url: /series/projects
url: /categories/self-hosting
- title: "Code"
url: /series/code
- title: "Tips & Tricks"

View file

@ -14,7 +14,7 @@ featureImage: "basic-architecture.png" # Sets featured image on blog post.
thumbnail: "basic-architecture.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips # Projects, Code, vRA8
categories: VMware # Projects, Code, vRA8
tags:
- vmware
- vsphere

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-09-03T00:00:00Z"
thumbnail: 20210903_action_run_success.png
usePageBundles: true
@ -11,7 +11,7 @@ tags:
- vmware
title: Run scripts in guest OS with vRA ABX Actions
---
Thus far in my [vRealize Automation project](/series/vra8), I've primarily been handing the payload over to vRealize Orchestrator to do the heavy lifting on the back end. This approach works really well for complex multi-part workflows (like when [generating unique hostnames](/vra8-custom-provisioning-part-two#the-vro-workflow)), but it may be overkill for more linear tasks (such as just running some simple commands inside of a deployed guest OS). In this post, I'll explore how I use [vRA Action Based eXtensibility (ABX)](https://blogs.vmware.com/management/2020/09/vra-abx-flow.html) to do just that.
Thus far in my [vRealize Automation project](/categories/vmware), I've primarily been handing the payload over to vRealize Orchestrator to do the heavy lifting on the back end. This approach works really well for complex multi-part workflows (like when [generating unique hostnames](/vra8-custom-provisioning-part-two#the-vro-workflow)), but it may be overkill for more linear tasks (such as just running some simple commands inside of a deployed guest OS). In this post, I'll explore how I use [vRA Action Based eXtensibility (ABX)](https://blogs.vmware.com/management/2020/09/vra-abx-flow.html) to do just that.
### The Goal
My ABX action is going to use PowerCLI to perform a few steps inside a deployed guest OS (Windows-only for this demonstration):

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: Code
date: "2020-11-14T08:34:30Z"
thumbnail: aeIOr8w6k.png
usePageBundles: true
@ -11,11 +11,11 @@ tags:
title: Safeguard your Android's battery with Tasker + Home Assistant
---
A few months ago, I started using the [AccuBattery app](https://play.google.com/store/apps/details?id=com.digibites.accubattery) to keep a closer eye on how I'd been charging my phones. The app has a handy feature that notifies you once the battery level reaches a certain threshold so you can pull the phone off the charger and extend the lithium battery's service life, and it even offers an estimate for what that impact might be. For instance, right now the app indicates that charging my Pixel 5 from 51% to 100% would cause 0.92 wear cycles, while stopping the charge at 80% would impose just 0.17 cycles.
A few months ago, I started using the [AccuBattery app](https://play.google.com/store/apps/details?id=com.digibites.accubattery) to keep a closer eye on how I'd been charging my phones. The app has a handy feature that notifies you once the battery level reaches a certain threshold so you can pull the phone off the charger and extend the lithium battery's service life, and it even offers an estimate for what that impact might be. For instance, right now the app indicates that charging my Pixel 5 from 51% to 100% would cause 0.92 wear cycles, while stopping the charge at 80% would impose just 0.17 cycles.
![AccuBattery screenshot](aeIOr8w6k.png)
But that depends on me being near my phone and conscious so I can take action when the notification goes off. That's often a big assumption to make - and, frankly, I'm lazy.
But that depends on me being near my phone and conscious so I can take action when the notification goes off. That's often a big assumption to make - and, frankly, I'm lazy.
I'm fortunately also fairly crafty, so I came up with a way to combine my favorite Android automation app with my chosen home automation platform to take my laziness out of the picture.
@ -25,7 +25,7 @@ I'm fortunately also fairly crafty, so I came up with a way to combine my favori
- [Tasker](https://play.google.com/store/apps/details?id=net.dinglisch.android.taskerm)
- [Home Assistant Plug-In for Tasker](https://play.google.com/store/apps/details?id=com.markadamson.taskerplugin.homeassistant)
I'm not going to go through how to install Home Assistant on the Pi or how to configure it beyond what's strictly necessary for this particular recipe. The official [getting started documentation](https://www.home-assistant.io/getting-started/) is a great place to start.
I'm not going to go through how to install Home Assistant on the Pi or how to configure it beyond what's strictly necessary for this particular recipe. The official [getting started documentation](https://www.home-assistant.io/getting-started/) is a great place to start.
### The Recipe
1. Plug the Wemo into a wall outlet, and plug a phone charger into the Wemo. Add the Belkin Wemo integration in Home Assistant, and configure the device and entity. I named mine `switchy`. Make a note of the Entity ID: `switch.switchy`. We'll need that later.
@ -37,7 +37,7 @@ For the Service field, you need to tell HA what you want it to do. We want it to
```json
{"entity_id": "switch.switchy"}
```
Tap Test Service to make sure it works - and verify that the switch does indeed turn off.
Tap Test Service to make sure it works - and verify that the switch does indeed turn off.
![Creating and testing the service](U3LfmEJ_7.png)
4. Hard part is over. Now we just need to set up a profile in Tasker to fire our new task. I named mine 'Charge Limiter'. I started with `State > Power > Battery Level` and set it to trigger between 81-100%., and also added `State > Power > Source: Any` so it will only be active while charging. I also only want this to trigger while my phone is charging at home, so I added `State > Net > Wifi Connected` and then specified my home SSID. Link this profile to the Task you created earlier, and never worry about overcharging your phone again.
![Tasker profile to kill power above 80%](h7tl6facr.png)

View file

@ -6,7 +6,7 @@ description: "A hasty Salt state to deploy netdata monitoring and publish it int
featured: false
toc: true
comments: true
series: Code
categories: Code
tags:
- homelab
- iac

View file

@ -15,7 +15,7 @@ thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homep
# shareImage: "/images/path/share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
codeMaxLines: 30
series: Code
categories: Backstage
tags:
- hugo
- meta

View file

@ -1,5 +1,5 @@
---
series: Code
categories: Backstage
date: "2021-07-19T16:03:30Z"
usePageBundles: true
tags:

View file

@ -14,7 +14,7 @@ featureImageAlt: 'Tailscale Logo' # Alternative text for featured image.
thumbnail: "Tailscale-AppIcon.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Projects
categories: Self-Hosting
tags:
- vpn
- wireguard

View file

@ -1,5 +1,5 @@
---
series: Projects
categories: ChromeOS
date: "2020-10-27T08:34:30Z"
lastmod: "2021-05-20"
thumbnail: XtmaR9Z0J.png

View file

@ -4,6 +4,7 @@ thumbnail: P-x5qEg_9.jpeg
usePageBundles: true
tags:
- chromeos
categories: ChromeOS
title: 'Showdown: Lenovo Chromebook Duet vs. Google Pixel Slate'
---
@ -14,9 +15,9 @@ Okay, okay, this isn't actually going to be a comparison review between the two
### Background
Up until last week, I'd been using the Slate as my primary personal computing device for the previous 20 months or so, mainly in laptop mode (as opposed to tablet mode). I do a lot of casual web browsing, and I spend a significant portion of my free time helping other users on Google's product support forums as a part of the [Google Product Experts program](https://productexperts.withgoogle.com/what-it-is). I also work a lot with the [Chrome OS Linux (Beta) environment](/setting-up-linux-on-a-new-lenovo-chromebook-duet-bonus-arm64-complications), but I avoid Android apps as much as I can. And I also used the Slate for a bit of Stadia gaming when I wasn't near a Chromecast.
So the laptop experience is generally more important to me than the tablet one. I need to be able to work with a large number of browser tabs, but I don't typically need to do any heavy processing directly on the computer.
So the laptop experience is generally more important to me than the tablet one. I need to be able to work with a large number of browser tabs, but I don't typically need to do any heavy processing directly on the computer.
I was pretty happy with the Slate, but its expensive keyboard stopped working recently and replacements aren't really available anywhere. Remember, laptop mode is key for my use case so the Pixel Slate became instantly unusable to me.
I was pretty happy with the Slate, but its expensive keyboard stopped working recently and replacements aren't really available anywhere. Remember, laptop mode is key for my use case so the Pixel Slate became instantly unusable to me.
### Size
When you put these machines side by side, the first difference that jumps out is the size disparity. The 12.3" Pixel Slate is positively massive next to the 10.1" Lenovo Duet.
@ -24,14 +25,14 @@ When you put these machines side by side, the first difference that jumps out is
The Duet is physically smaller so the display itself is of course smaller. I had a brief moment of panic when I first logged in and the setup wizard completely filled the screen. Dialing Chrome OS's display scaling down to 80% strikes a good balance for me between fonts being legible while still displaying enough content to be worthwhile. It can get a bit tight when you've got windows docked side-by-side but I'm getting by okay.
Of course, the smaller size of the Duet also makes it work better as a tablet in my mind. It's comfortable enough to hold with one hand while you interact with the other, whereas the Slate always felt a little too big for that to me.
Of course, the smaller size of the Duet also makes it work better as a tablet in my mind. It's comfortable enough to hold with one hand while you interact with the other, whereas the Slate always felt a little too big for that to me.
![One-handing the Duet](qne9SybLi.jpeg)
### Keyboard
A far more impactful size difference is the keyboards though. The Duet keyboard gets a bit cramped, particularly over toward the right side (you know, those pesky braces and semicolons that are *never* needed when coding):
![The Duet's keyboard is MUCH smaller](CBziPHD8A.jpeg)
Getting used to typing on this significantly smaller keyboard has been the biggest adjustment so far. The pad on my pinky finger is wider than the last few keys at the right edge of the keyboard so I've struggled with accurately hitting the correct `[` or `]`, and also with smacking Return (and inevitably sending a malformed chat message) when trying to insert an apostrophe. I feel like I'm slowly getting the hang of it, but like I said, it's been an adjustment.
Getting used to typing on this significantly smaller keyboard has been the biggest adjustment so far. The pad on my pinky finger is wider than the last few keys at the right edge of the keyboard so I've struggled with accurately hitting the correct `[` or `]`, and also with smacking Return (and inevitably sending a malformed chat message) when trying to insert an apostrophe. I feel like I'm slowly getting the hang of it, but like I said, it's been an adjustment.
### Cover
![Cover up!](yiCW6XZbF.jpeg)
@ -39,7 +40,7 @@ The Pixel Slate's keyboard + folio cover is a single (floppy) piece. The keyboar
![Duet's fabric cover](9_Ze3zyBk.jpeg)
The Duet's rear cover has a fabric finish kind of similar to the cases Google offers for their phones, and it provides a great texture for holding the tablet. It sticks to the back of the Duet through the magic of magnets, and the lower half of it folds out to create a really sturdy kickstand. And it's completely separate from the keyboard which is great for when you're using the Duet as a tablet (either handheld or propped up for watching a movie or gaming with Stadia).
The Duet's rear cover has a fabric finish kind of similar to the cases Google offers for their phones, and it provides a great texture for holding the tablet. It sticks to the back of the Duet through the magic of magnets, and the lower half of it folds out to create a really sturdy kickstand. And it's completely separate from the keyboard which is great for when you're using the Duet as a tablet (either handheld or propped up for watching a movie or gaming with Stadia).
![Duet kickstand](nWRu2TB8i.jpeg)
@ -48,9 +49,9 @@ And this little kickstand can go *low*, much lower than the Slate. This makes it
![The Duet handily wins this limbo competition](BAf7knBk5.jpeg)
### Performance
The Duet does struggle a bit here. It's basically got a [smartphone processor](https://www.notebookcheck.net/Mediatek-Helio-P60T-Processor-Benchmarks-and-Specs.470711.0.html) and half the RAM of the Slate. Switching between windows and tabs sometimes takes an extra moment or two to catch up (particularly if said tab has been silently suspended in the background). Similarly, working with Linux apps is just a bit slower than you'd like it to be. Still, I've spent a bit more than a week now with the Duet as my go-to computer and it's never really been slow enough to bother me.
The Duet does struggle a bit here. It's basically got a [smartphone processor](https://www.notebookcheck.net/Mediatek-Helio-P60T-Processor-Benchmarks-and-Specs.470711.0.html) and half the RAM of the Slate. Switching between windows and tabs sometimes takes an extra moment or two to catch up (particularly if said tab has been silently suspended in the background). Similarly, working with Linux apps is just a bit slower than you'd like it to be. Still, I've spent a bit more than a week now with the Duet as my go-to computer and it's never really been slow enough to bother me.
That arm64 processor does make finding compatible Linux packages a little more difficult than it's been on amd64 architectures but a [little bit of digging](/setting-up-linux-on-a-new-lenovo-chromebook-duet-bonus-arm64-complications) will get past that limitation in most cases.
That arm64 processor does make finding compatible Linux packages a little more difficult than it's been on amd64 architectures but a [little bit of digging](/setting-up-linux-on-a-new-lenovo-chromebook-duet-bonus-arm64-complications) will get past that limitation in most cases.
The upside of that smartphone processor is that the battery life is *insane*. After about seven hours of light usage today I'm sitting at 63% - with an estimated nine hours remaining. This thing keeps going and going, even while Stadia-ing for hours. Being able to play Far Cry 5 without being tethered to a wall is so nice.

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "snikket.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Projects
categories: Self-Hosting
tags:
- linux
- cloud

View file

@ -6,7 +6,7 @@ description: "Syntax highlighting powered by the Torchlight.dev API makes it eas
featured: false
toc: true
comments: true
series: Projects # Projects, Code
categories: Backstage
tags:
- javascript
- hugo

View file

@ -6,7 +6,7 @@ description: "Quick notes on using `systemctl edit` to override a systemd servic
featured: false
toc: false
comments: true
series: Tips # Projects, Code
categories: Tips # Projects, Code
tags:
- crostini
- linux

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "golinks.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Projects # Projects, Code, vRA8, K8s on vSphere
categories: Self-Hosting # Projects, Code, vRA8, K8s on vSphere
tags:
- docker
- vpn

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "Tailscale-AppIcon.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips # Projects, Code, vRA8, K8s on vSphere
categories: Tips # Projects, Code, vRA8, K8s on vSphere
tags:
- vmware
- linux

View file

@ -6,7 +6,7 @@ description: "Using Docker Compose to deploy containerized applications and make
featured: false
toc: true
comments: true
series: Projects
categories: Self-Hosting
tags:
- containers
- docker

View file

@ -6,7 +6,7 @@ description: "Exploring some of my favorite Tailscale addon features: SSH, Serve
featured: false
toc: true
comments: true
series: Tips # Projects, Code
categories: Tips # Projects, Code
tags:
- homelab
- networking

View file

@ -14,7 +14,7 @@ usePageBundles: true
thumbnail: "tanzu_community_edition.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: K8s on vSphere
categories: VMware
tags:
- vmware
- linux

View file

@ -14,7 +14,7 @@ featureImage: "esxi8.png" # Sets featured image on blog post.
# thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips # Projects, Code, vRA8
categories: VMware # Projects, Code, vRA8
tags:
- vmware
- homelab

View file

@ -1,5 +1,5 @@
---
series: Code
categories: Code
date: "2021-04-29T08:34:30Z"
usePageBundles: true
tags:
@ -9,7 +9,7 @@ title: Using PowerShell and a Scheduled Task to apply Windows Updates
toc: false
---
In the same vein as [my script to automagically resize a Linux LVM volume to use up free space on a disk](/automatic-unattended-expansion-of-linux-root-lvm-volume-to-fill-disk), I wanted a way to automatically apply Windows updates for servers deployed by [my vRealize Automation environment](/series/vra8). I'm only really concerned with Windows Server 2019, which includes the [built-in Windows Update Provider PowerShell module](https://4sysops.com/archives/scan-download-and-install-windows-updates-with-powershell/). So this could be as simple as `Install-WUUpdates -Updates (Start-WUScan)` to scan for and install any available updates.
In the same vein as [my script to automagically resize a Linux LVM volume to use up free space on a disk](/automatic-unattended-expansion-of-linux-root-lvm-volume-to-fill-disk), I wanted a way to automatically apply Windows updates for servers deployed by [my vRealize Automation environment](/categories/vmware). I'm only really concerned with Windows Server 2019, which includes the [built-in Windows Update Provider PowerShell module](https://4sysops.com/archives/scan-download-and-install-windows-updates-with-powershell/). So this could be as simple as `Install-WUUpdates -Updates (Start-WUScan)` to scan for and install any available updates.
Unfortunately, I found that this approach can take a long time to run and often exceeded the timeout limits imposed upon my ABX script, causing the PowerShell session to end and terminating the update process. I really needed a way to do this without requiring a persistent session.

View file

@ -1,5 +1,5 @@
---
series: Tips
categories: Tips
date: "2021-02-18T08:34:30Z"
thumbnail: PPZu_UOGO.png
usePageBundles: true

View file

@ -14,7 +14,7 @@ featureImage: "vdt.png" # Sets featured image on blog post.
thumbnail: "pulse2.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Tips # Projects, Code, vRA8
categories: VMware # Projects, Code, vRA8
tags:
- vmware
- vsphere

View file

@ -2,6 +2,7 @@
date: "2021-07-20T22:20:00Z"
thumbnail: 20210720-jekyll.png
usePageBundles: true
categories: Backstage
tags:
- linux
- meta
@ -71,4 +72,4 @@ And there it is!
### `git push` time
Alright that's enough rambling for now. I'm very happy with this new setup, particularly with the automatically-generated Table of Contents to help folks navigate some of my longer posts. (I can't believe I was having to piece those together manually in this blog's previous iteration!)
I'll continue to make some additional tweaks in the coming weeks but for now I'll `git push` this post and get back to documenting my never-ending [vRA project](/series/vra8).
I'll continue to make some additional tweaks in the coming weeks but for now I'll `git push` this post and get back to documenting my never-ending [vRA project](/categories/vmware).

View file

@ -7,6 +7,7 @@ draft: false
description: "This blog has migrated from virtuallypotato.com to runtimeterror.dev."
toc: false
comments: true
categories: Backstage
tags:
- meta
---
@ -19,7 +20,7 @@ ln -s virtuallypotato.com runtimeterror.dev
If you've noticed that things look a bit different around here, you might *also* have noticed that my posts about VMware products had become less and less frequent over the past year or so. That wasn't intentional, but a side-effect of some shifting priorities with a new position at work. I'm no longer on the team responsible for our VMware environment and am now more focused on cloud-native technologies and open-source DevOps solutions. The new role keeps me pretty busy, and I'm using what free time I have to learn more about and experiment with the technologies I use at work.
That (unfortunately) means that I won't be posting much (if at all) about VMware-related things (including the [vRA8 series of posts](/series/vra8/))[^vra8] going forward. Instead, expect to see more posts about things like [containers](/tags/containers/), [infrastructure-as-code](/tags/iac/), [self-hosting](/tags/selfhosting/), and [miscellaneous tech projects](/series/projects/) that I play with.
That (unfortunately) means that I won't be posting much (if at all) about VMware-related things (including the [vRA8 series of posts](/categories/vmware/))[^vra8] going forward. Instead, expect to see more posts about things like [containers](/tags/containers/), [infrastructure-as-code](/tags/iac/), [self-hosting](/tags/selfhosting/), and [miscellaneous tech projects](/categories/self-hosting/) that I play with.
I decided to migrate, rebrand, and re-theme my blog to reflect this change in focus. virtuallypotato used a [theme heavily inspired by VMware design language](https://github.com/chipzoller/hugo-clarity), and I don't think it's a great fit for the current (and future) content anymore. That theme is also very feature-rich which provides a lot of capability out of the box but makes it a bit tricky to modify (and maintain) my personal tweaks. The new runtimeterror[^pun] site uses a [more minimal theme](https://github.com/joeroe/risotto) which takes cues from terminals and markdown formatting. It's also simpler and thus easier for me to tweak. I've done a lot of that already and anticipating doing a bit more in the coming weeks, but I wanted to go ahead and make this thing "live" for now.

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-02-05T08:34:30Z"
thumbnail: SIDah-Lag.png
usePageBundles: true

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-05-20T08:34:30Z"
thumbnail: wl-WPQpEl.png
usePageBundles: true

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-05-18T08:34:30Z"
lastmod: "2021-05-20"
thumbnail: hFPeakMxn.png

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-03-29T08:34:30Z"
thumbnail: VZaK4btzl.png
usePageBundles: true

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-04-19T08:34:30Z"
thumbnail: K6vcxpDj8.png
usePageBundles: true

View file

@ -1,5 +1,5 @@
---
series: vRA8
categories: VMware
date: "2021-04-02T08:34:30Z"
lastmod: "2022-03-23"
thumbnail: HXrAMJrH.png

19
content/uses.md Normal file
View file

@ -0,0 +1,19 @@
---
title: "Stuff I Use"
date: "2024-01-19T04:15:31Z"
# lastmod: {{ .Date | time.Format "2006-01-02" }}
description: "The hardware, software, and services which keep me going."
toc: true
draft: true
comments: true
timeless: true
---
Here's the stuff I use and how I use it.
### Hardware
- **[Framework Laptop Chromebook Edition](https://frame.work/products/laptop-chromebook-12-gen-intel)** (i5-1240P | 32GB RAM | 1TB NVMe). This is my primary personal computing device. Yep, it's an overpowered Chromebook, and I make full use of the [Linux Development Environment](https://www.chromium.org/chromium-os/developer-library/guides/containers/containers-and-vms/) to Do Things. I love it.
-
### Software
### Services

View file

@ -6,32 +6,58 @@
{{ if .IsHome }}
<h1>{{ site.Params.indexTitle | markdownify }}</h1>
{{ else }}
<h1>{{ .Title | markdownify }}{{ if eq .Kind "term" }}&nbsp;<a target="_blank" href="feed.xml" aria-label="Category RSS"><i class="fa-solid fa-square-rss"></i></a>&nbsp;</h1>{{ end }}
{{ end }}
<h1>{{ .Title | markdownify }}{{ if eq .Kind "term" }}&nbsp;<a target="_blank" href="feed.xml" aria-label="Category RSS"><i class="fa-solid fa-square-rss"></i></a>&nbsp;</h1>
{{ with .Description }}<i>{{ . }}</i><hr>{{ else }}<br>{{ end }}
{{ end }}{{ end }}
{{ .Content }}
</header>
{{- if ne .Title "Tags"}}
{{- range (.Paginate $pages).Pages }}
{{- $postDate := .Date.Format "2006-01-02" }}
{{- $updateDate := .Lastmod.Format "2006-01-02" }}
<article class="post">
<header class="post__header">
<h1><a href="{{ .Permalink }}">{{ .Title | markdownify }}</a></h1>
<p class="post__meta">
<span class="date">["{{- $postDate }}"{{- if ne $postDate $updateDate }}, "{{ $updateDate }}"{{ end }}]</span>
</p>
</header>
<section class="post__summary">
{{ .Summary }}
</section>
<br>
</article>
{{ end }}
{{- template "_internal/pagination.html" . }}
{{- if eq .Kind "taxonomy" }}
{{- if eq .Title "Tags" }}
<div class="tagsArchive">
{{- range $key, $value := .Site.Taxonomies }}
{{- $slicedTags := ($value.ByCount) }}
{{- range $slicedTags }}
{{- if eq $key "tags"}}
<div><a href='/{{ $key }}/{{ (replace .Name "#" "%23") | urlize }}/' title="{{ .Name }}">{{ .Name }}</a><sup>{{ .Count }}</sup></div>
{{- end }}
{{- end }}
{{- end }}
</div>
{{- else }}
{{- range .Pages.ByDate.Reverse }}
{{- $postDate := .Date.Format "2006-01-02" }}
{{- $updateDate := .Lastmod.Format "2006-01-02" }}
<article class="post">
<header class="post__header">
<h1><a href="{{ .Permalink }}">{{ .Title | markdownify }}</a></h1>
<p class="post__meta">
<span class="date">["{{- $postDate }}"{{- if ne $postDate $updateDate }}, "{{ $updateDate }}"{{ end }}]</span>
</p>
</header>
<section class="post__summary">
{{ .Description }}
</section>
<hr>
</article>
{{ end }}
{{- end }}
{{- else }}
{{- range .Pages.ByTitle }}
[<a href="{{ .Permalink }}">{{ .Title | markdownify }}</a>]
{{- end }}
{{- range (.Paginate $pages).Pages }}
{{- $postDate := .Date.Format "2006-01-02" }}
{{- $updateDate := .Lastmod.Format "2006-01-02" }}
<article class="post">
<header class="post__header">
<h1><a href="{{ .Permalink }}">{{ .Title | markdownify }}</a></h1>
<p class="post__meta">
<span class="date">["{{- $postDate }}"{{- if ne $postDate $updateDate }}, "{{ $updateDate }}"{{ end }}]</span>
</p>
</header>
<section class="post__summary">
{{ .Summary }}
</section>
<hr>
</article>
{{- end }}
{{- template "_internal/pagination.html" . }}
{{- end }}

View file

@ -27,10 +27,10 @@
{{- end }}
{{ end }}
{{ if isset .Params "series" }}
{{$related := where .Site.RegularPages ".Params.series" "eq" .Params.series }}
{{ if isset .Params "categories" }}
{{$related := where .Site.RegularPages ".Params.categories" "eq" .Params.categories }}
{{- $relatedLimit := default 8 .Site.Params.numberOfRelatedPosts }}
<h3>More {{ .Params.series }}</h3>
<h3>More {{ .Params.categories }}</h3>
<ul>
{{- range first $relatedLimit $related }}
<li>
@ -39,7 +39,7 @@
{{ end }}
{{ if gt (len $related) $relatedLimit }}
<li>
<a href="/series/{{ lower .Params.series }}/"><i>See all {{ .Params.series }}</i></a>
<a href="/categories/{{ lower .Params.categories }}/"><i>See all {{ .Params.categories }}</i></a>
</li>
{{ end }}
</ul>

View file

@ -253,4 +253,32 @@ form button {
border: none;
background-color: var(--off-bg);
color: var(--link);
}
/* tags list styling */
.tagsArchive {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(12rem, 1fr));
grid-gap: 0.5rem;
/* justify-content: center; */
margin: 0.5rem 0;
}
.tagsArchive sup {
font-size: 0.75rem;
margin-left: 0.2rem;
margin-right: 0.5rem;
}
.date {
font-size: 0.8rem;
color: var(--off-fg);
}
/* blockquote styling */
blockquote {
font-style: italic;
border-left: 0.25rem solid var(--logo);
padding-left: 0.25rem;
}

View file

@ -59,7 +59,7 @@ module.exports = {
excludePatterns: [
'/node_modules/',
'/vendor/',
'/series/',
'/categories/',
'/tags/'
]
}