Posts

References Kasm Documentation Kasm System Requirements Kasm GPU Install Prerequisites Install Docker Tutorial Swap Space Installation NOTE: check for the latest version cd /tmp curl -O https://kasm-static-content.s3.amazonaws.com/kasm_release_1.18.1.tar.gz tar -xf kasm_release_1.18.1.tar.gz sudo bash kasm_release/install.sh --accept-eula --swap-size 8192 GPU Setup The Nvidia container setup instructions, and standard GPU driver installation threw an error: nvidia runtime not found. The script on Kasm’s site worked. #!/bin/bash # Check for NVIDIA cards if ! lspci | grep -i nvidia > /dev/null; then echo "No NVIDIA GPU detected" exit 0 fi add-apt-repository -y ppa:graphics-drivers/ppa curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg \ && curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \ sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \ sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list apt update apt install -y ubuntu-drivers-common # Run ubuntu-drivers and capture the output DRIVER_OUTPUT=$(ubuntu-drivers list 2>/dev/null) # Extract server driver versions using grep and regex # Pattern looks for nvidia-driver-XXX-server SERVER_VERSIONS=$(echo "$DRIVER_OUTPUT" | grep -o 'nvidia-driver-[0-9]\+-server' | grep -o '[0-9]\+' | sort -n) # Check if any server versions were found if [ -z "$SERVER_VERSIONS" ]; then echo "Error: No NVIDIA server driver versions found." >&2 exit 1 fi # Find the highest version number LATEST_VERSION=$(echo "$SERVER_VERSIONS" | tail -n 1) # Validate that the version is numeric if ! [[ "$LATEST_VERSION" =~ ^[0-9]+$ ]]; then echo "Error: Invalid version number: $LATEST_VERSION" >&2 exit 2 fi # Output only the version number echo "Latest version is: $LATEST_VERSION" ubuntu-drivers install "nvidia:$LATEST_VERSION-server" apt install -y "nvidia-utils-$LATEST_VERSION-server" # Install NVIDIA toolkit + configure for docker apt-get install -y nvidia-container-toolkit nvidia-ctk runtime configure --runtime=docker Egress Setup: NordVPN Get service credentials for the VPN: Available on the VPN dashboard Download desired OpenVPN configuration files: Available on the VPN dashboard On Kasm Administrator dashboard, select Egress (Infrastructure > Egress) Add the egress provider: Configure VPN type: Add egress gateways: On the Workspaces > Workspace page, select the workspace to allow it to use the VPN, click edit and add the egress provider on the Egress tab. On the Egress Credentials tab, add in the service credentials for the VPN

Resources askubuntu.com redhat.com Instructions Identify partitions with the lsblk command Determine the volume group you want to extend using the vgs and vgdisplay commands Determine the logical volumes using lvs command Determine the mapping of the logical volume (/dev/[VG-NAME]/[lv name]) Extend the partition (cfdisk) Extend the physical volume: pvresize /dev/sd[your partition] Extend the logical volume :``` lvextend -r -l +100%FREE /dev/mapper/VG-NAME --lv NAME (Possibly) Extend the file system (varies by file system type): XFS: xfs_growfs /dev/mapper/VG-NAME --lv name Extend a Proxmox VM Disk In the virtual machine hardware tab, select the disk you wish to resize and click “Disk Action” then “Resize”

Description Portainer is a web-based Docker management interface that allows users to easily manage their Docker containers, networks, and volumes. It provides a simple and intuitive way to view and interact with your Docker environment. Installation Install Docker Create the Portainer server database: docker volume create portainer_data Download and install Portainer-CE docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest Things I’ve Learned To update the container’s name in the yaml file, use the container_name: variable If a stack is unable to be deleted, it’s likely because the /var/lib/docker/volumes/portiner_data/_data/compose file is missing. You’ll have to recreate that numbered file and a docker-compose.yml in the directory in order to delete the stack. After Setup remove the 8000 port bind docker run -d -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest See also: Setup automatic updates with [[Watchtower]] or [[Shepherd]]. References Portainer-CE Container Names

This guide is a quick copy/paste on how to update Fedora Lunux. Update the Latest Packages sudo dnf upgrade --refresh Download the System Update sudo dnf system-upgrade download --releasever={LATEST RELEASE} Note: releasever can be changed easily, and incremented by 2 Reboot sudo dnf system-upgrade reboot (Optional) Further Updates sudo dnf install rpmconf && sudo rpmconf -a && sudo dnf install remove-retired-packages remove-retired-packages Clean and remove duplicate packages sudo dnf repoquery --duplicates && sudo dnf remove --duplicates && sudo dnf autoremove Clean gpg keys sudo dnf install clean-rpm-gpg-pubkey sudo clean-rpm-gpg-pubkey Clean symlinks Step 1: ...

Explanation: vrrp_instance: a virtual router state: master or backup priority: higher priority means that router gets chosen more often authentication: auth_type: can integrate with other ticket based authentication protocols auth_pass: IPv4 sub 8 character passwords, IPv6 allows for longer passwords virtual_ipaddress: the shared IP ranges for the virtual router (can be more than one) Setup Examples Manager: vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 10 advert_int 1 authentication { auth_type AH auth_pass adguard } virtual_ipaddress { 10.133.7.11/24 } } vrrp_instance VI_2 { state MASTER interface eth0 virtual_router_id 52 priority 10 advert_int 1 authentication { auth_type PASS auth_pass adgaurdhome } virtual_ipaddress { fd48:fb0a:cb3a:b8d4::1234/64 } } Backup: vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 1 advert_int 1 authentication { auth_type AH auth_pass adguard } virtual_ipaddress { 10.133.7.11/24 } } vrrp_instance VI_2 { state BACKUP interface eth0 virtual_router_id 52 priority 1 advert_int 1 authentication { auth_type PASS auth_pass adgaurdhome } virtual_ipaddress { fd48:fb0a:cb3a:b8d4::1234/64 } } Notes: Separate setup for IPv4 and IPv6 addresses Can have multiple setup for different interfaces References: redhat arch wiki keepalived documentation

References: Shepherd Docker Compose Examples Shepherd Github Shepherd on hub.docker.com About Shepherd is a Docker swarm service for automatically updating your services whenever their base image is refreshed. Variables Default check time is every 5 minutes. Change this with the SLEEP_TIME variable. Control which services aren’t updated with the IGNORELIST_SERVICES variable. Ignored services should be in a space separated list of service names. As an alternative to ignore, use FILTER_SERVICES to specify which services you want updated. Notifications can be enabled through the appraise micro service and the APPRISE_SIDECAR_URL variable. Set the timezone with the TZ variable. Note, do not include quotations for the timezone. Clean up old services with IMAGE_AUTOCLEAN_LIMIT, the variable set keeps that number of old images. Setup: Docker Compose version: "3" services: app: image: containrrr/shepherd environment: APPRISE_SIDECAR_URL: notify:5000 TZ: Pacific/Honolulu IMAGE_AUTOCLEAN_LIMIT: 2 SLEEP_TIME: '360m' FILTER_SERVICES: "label=shepherd.autodeploy" VERBOSE: 'true' volumes: - /var/run/docker.sock:/var/run/docker.sock networks: - notification deploy: placement: constraints: - node.role == manager notify: image: mazzolino/apprise-microservice:latest environment: NOTIFICATION_URLS: discord:[add your URL here] networks: - notification networks: notification: Docker Run docker service create --name shepherd --constraint "node.role==manager" --mount type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock,ro containrrr/shepherd Notes: Notifications runs through the apprise microservice which runs on Apprise. The format for discord notifications is: discord://webhook_id/webhook_token or discord://avatar@webhook_id/webhook_token.

References Watchtower Docs Watchtower Notifications Watchtower Configuration - smarthomebeginner Watchtower Docker Compose Examples All Arguments A Good Reddit Thread\ A Tutorial Setup Docker Compose: version: "3" services: watchtower: image: nickfedor/watchtower container_name: watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock environment: # - WATCHTOWER_LABEL_ENABLE=true - WATCHTOWER_NOTIFICATIONS=shoutrrr - WATCHTOWER_NOTIFICATION_URL=discord:[add discord url] - WATCHTOWER_POLL_INTERVAL=21600 - WATCHTOWER_CLEANUP=true # labels: # - "com.centurylinklabs.watchtower.enable=true" command: homepage portainer hostname: watchtower restart: unless-stopped deploy: mode: global Docker Run: docker run -d --name watchtower --volume /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower [NAMES OF THE CONTAINERS TO UPDATE] Notes Watchtower does not work with docker swarms, for that use case see Shepherd.

Links dash.cloudflare.com one.dash.cloudflare.com Installing the service Ubuntu curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb && sudo dpkg -i cloudflared.deb && sudo cloudflared service install [TUNNEL KEY] Red Hat curl -L --output cloudflared.rpm https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-x86_64.rpm && sudo yum localinstall -y cloudflared.rpm && sudo cloudflared service install [TUNNEL KEY] Docker docker run cloudflare/cloudflared:latest tunnel --no-autoupdate run --token [TUNNEL KEY] Docker Compose version: "3.8" services: cloudflared: image: cloudflare/cloudflared:latest restart: unless-stopped command: tunnel run network_mode: host environment: - "TUNNEL_TOKEN=[TUNNEL KEY]" deploy: mode: global placement: constraints: [node.platform.os == linux] Cloudflare as a Docker Sidecar Cloudflare can serve ports from other docker containers without actually exposing the container ports on the host device. See the compose example below: ...

References Ollama.com Installation curl -fsSL https://ollama.com/install.sh | sh Useful Commands sudo usermod -aG ollama $USER ollama pull llama3 llama2-uncensored godegemma gemma dolphin-mistral Service Configuration [Unit] Description=Ollama Service After=network-online.target [Service] ExecStart=/usr/local/bin/ollama serve User=ollama Group=ollama Restart=always RestartSec=3 Environment="PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin" Environment="OLLAMA_HOST=0.0.0.0" [Install] WantedBy=default.target Useful Plugins Obsidian: local gpt Openweb-UI Misc Information Service runs on port 11433 By default service only listens on local host

References: Open WebUI Open WebUI Troubleshooting Searxng Integration This is my error… Setup Main docker run -d -p 8080:8080 --add-host=host.docker.internal:host-gateway -v open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:main Latest docker run -d -p 8080:8080 --add-host=host.docker.internal:host-gateway -v open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:latest Docker Compose Yaml version: "3" services: open-webui: image: ghcr.io/open-webui/open-webui:latest container_name: open-webui volumes: - /home/mechanicus/open-webui:/app/backend/data restart: unless-stopped port: - "8080:8080" extra_hosts: - "host.docker.internal:host-gateway" Updates Pull the new image (make sure you pick main or latest based on your install) docker pull ghcr.io/open-webui/open-webui:latest Remove the old container docker rm --force open-webui Start the new container by rerunning the setup command docker run -d -p 8080:8080 --add-host=host.docker.internal:host-gateway -v open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:latest (Optional) Let [[Watchtower]] Do it docker run -d --name watchtower --volume /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower open-webui Troubleshooting Resetting the admin password on a local instance - generate a new password hash htpasswd -bnBC 10 "" your-new-password | tr -d ':\n' Change the password using a new docker container - replace HASH with the new password hash you just generated. docker run --rm -v open-webui:/data alpine/socat EXEC:"bash -c 'apk add sqlite && echo UPDATE auth SET password='\''HASH'\'' WHERE email='\''admin@example.com'\''; | sqlite3 /data/webui.db'", STDIO Data needs to be directly in the base folder for a mapped volume (Docker volumes use _data within a volume folder). [[Searxng]] needs the following changes to searxng/settings.yml: search: safe_search: 0 autocomplete: "" default_lang: "" formats: - html - json