Skip to content

Blog

  • 7 min read

Linting Code

Linting is running documented checks to statically analyze code for common mistakes and errors.

It can also be a great way to learn a new programming language as you'll be pointed to coding conventions, often in the form of the problematic code snippet, suggestions on how to refactor it, and the reasoning behind why.

Not every language has a standard linter, and some languages have multiple linters that are popular to use.

This guide is meant to get you started with linting, from "how to install" to "how to use" linters. It contains examples for both interactive CLI and automated CI/CD-focused workflows in Python, bash, PowerShell, Ansible, Packer, Terraform, with more to be added over time.

Additional Resources

The following resources will be useful if you're getting started with linting or CI/CD.

  • 17 min read

KVM (Kernel-based Virtual Machine)

KVM is a type 1 hypervisor technology built into the Linux kernel, using components like QEMU, libvirt, and virt-manager to orchestrate virtual machines. This reference aims to cover everything you'd need to have a basic understanding of KVM and QEMU, how to use virt-manager, networking configuration options, and the various components such as SPICE.

What is KVM?

  • virt-manager acts as one possible GUI / CLI frontend to managing VM's.
  • qemu is the virtualization / emulation technology that technologies like virt-manager call to run VM's.
  • QEMU can be used via the CLI on its own.

KVM relates to QEMU when you run VM's with hardware acceleration rather than pure software emulation, KVM provides the hardware translation and acceleration component. This is the difference when starting VM's with kvm instead of qemu-system-x86_64.

kvm is the equivalent of running qemu-system-x86_64 -machine accel=kvm:tcg (see man kvm).

libvirt is an API, daemon, and management tool that ties all of the components you want to use together, and is used by KVM, Xen, VMware ESXi, and QEMU when performing virtualization tasks.

  • 14 min read

nzyme x [Raspberry Pi, Proxmox, Tailscale]

This guide walks through deploying nzyme on a Raspberry Pi (4B or 5) leveraging autoconfiguration tools available on each system. For Raspberry Pi OS this includes writing additional files into the bootfs and rootfs partitions. For Ubuntu server images cloud-init or Ansible could be used.

The result is nzyme running as either a stand-alone system, or as a distributed node + tap where the nzyme-node lives on a server like Proxmox with the nzyme-tap sending data back to it from the external Raspberry Pi. Tailscale is also brought into focus for secure remote access.

This guide doesn't offer anything new in terms of nzyme usage that the official documentation doesn't already answer, but more of what you might run into and steps on how to achieve certain deployments if your goal is anything like what's described below.

  • 14 min read

Proxmox

Get started with Proxmox. Installation considerations, networking, disk encryption options, and migrating existing virtual machines.

Everything's presented in a useful order to follow if you're used to Hyper-V, VMware Workstation, or VirtualBox and want to jump in by moving to a Proxmox server.

What's most interesting about Proxmox is the Web UI gives you full console and GUI (yes, GUI desktop) access to your VM's through either noVNC or SPICE, even via a smart phone.

  • 39 min read

Wazuh all your things with Tailscale

This guide shows you how to get a Wazuh instance running over Tailscale on both Windows and Linux, using Sysmon(+forLinux), auditd, and all the tweaks you'll want to get started. This is ideal for a low resource, low budget, or lab scenario. You could eventually migrate this Wazuh data to a distributed cluster (proxmox), or real hardware if you grow with it.

  • 20 min read

BIND9 DNS

How to install, maintain, and run a BIND9 DNS server (named). Covers building from source, configuring, hardening, and DNS over TLS as well as DNSSEC.

Updated on 2024/07/23.

  • 21 min read

Atomic Red Team x Unix Artifacts Collector

An overview of spinning up a test environment, and extracting evidence from any unix-like endpoint. This is mostly for personal reference, as it's just pointing to all the existing (and vast) documentation in a sequence that's useful for me -- and hopefully for you as well.

Updated on 2024/07/12.

  • 23 min read

OpenSCAP Practical Usage

Install OpenSCAP, pull compliance profiles from GitHub/ComplianceAsCode, debug policies with Ansible's -C and -D options, apply, test, and maintain policies with Ansible tags.

Updated on 2024/07/10.

  • 87 min read

Windows

Various configuration settings and notes for Microsoft Windows operating systems.

Updated on 2024/07/23.

  • 24 min read

OpenWrt

This guide includes details for installing and running OpenWrt on UniFi AP's as well as Raspberry Pis and even as a virtual machine.

Because it's so flexible in its deployment, there are examples for different use cases included. For instance Tailscale can be leveraged for easy remote administration from anywhere including your mobile device thanks to the Web UI if that's important to you. Generally this guide approaches OpenWrt as a way to provide WiFi to networks where pfSense (or another upstream device) is the primary firewall router.

There's a detailed list of reference links at the top to keep in mind as you read through, and each step tries to include useful copy-and-paste ready commands for operations you may need to repeat every time you go through the process being described.

Updated on 2024/12/14.