Public Documentation

Welcome to Muchtall's Bookstack

Nothing much here to begin with, but eventually you will find pages for public consumption in the Public Documentation area.

Ubuntu Template Image Preparation and Cloning

About

Just some documentation I use to keep track of how to provision a new, fresh Ubuntu VM template on my homelab. Some values are going to differ in your environment, such as:

Fresh Install of VM

Fresh Ubuntu Installation

Post-install Ubuntu Configuration

VIM Tweaks

While cool, some of the newer VIM plugins that come with Ubuntu can cause unexpected weirdness. Lets tweak the room VIM config so that it's less of a pain when doing a sudo vi

Apparently `sudoedit` is a thing. That loads your personal .vimrc while executing edits as root. In which case, if you use sudoedit, you may want to add these tweaks to your personal ~/.vimrc

Template Image Prep

Set up OpenSSH Key Reconfiguration

If you simply clone an Ubuntu image without resetting the OpenSSH server host keys, an attacker can take those host keys and perform a MITM SSH attack on any system that was cloned from the same image. So we have to make sure those are reset before we make the image, and then automatically regenerated on the next boot.

Clear the Machine ID

Genericize the netplan config

Clear the Bash, VIM, and other history

Shutdown

Create the Template or Image

XCP-NG

Using XOA Xen Orchestra

Cloning to a New VM

XCP-NG

Using XOA Xen Orchestra

Post-Cloning Configuration

Installing Docker on Ubuntu

Install

Per-admin first-time setup

For each local user you want to grant docker access (such as your own user)...

Optional Install of Portainer

Gives users an approachable GUI to manage containers

Debian Template Image Preparation and Cloning

ROUGH DRAFT

Fresh Install of VM

Fresh Debian Installation

To be documented

Post-install Ubuntu Configuration

VIM Tweaks

Template Image Prep

Set up OpenSSH Key Reconfiguration

If you simply clone a Debian image without resetting the OpenSSH server host keys, an attacker can take those host keys and perform a MITM SSH attack on any system that was cloned from the same image. So we have to make sure those are reset before we make the image, and then automatically regenerated on the next boot.

Clear the Machine ID

Genericize the interface config

Clear the Bash, VIM, and other history

Shutdown

Create the Template or Image

XCP-NG

Using XOA Xen Orchestra

A Comparison of Common ESPHome-Compatible MMWave Prescence Sensors

Models

DFRobot C4001 (SEN0609 Variant)

Not personally evaluated, but seems to be a strong contender, especially for larger spaces

image.png

LD2450

AKA: HLK-LD2450

image.png

* May be an ESPHome implementation-specific limitation that can be overcome by tweaking the lambdas

LD1125H

AKA: HLK-LD1125H-24G

image.png

Getting AWS SSO to work with KeePass and Kee

The AWS SSO login page (such as those that come after the custom "acmeco.awsapps.com" domains) tend to be a bit problematic for full integration with Kee/KeePass2/. Here's my working configuration...