• vCenter OIDC authentication using KeyCloak

    vCenter OIDC authentication using KeyCloak

    VMWare vCenter 7 adds support for OIDC single-sign on. Officially only ADFS is supported, but with some tweaks, KeyCloak can be used instead

  • ZFS testing on Sabayon

    At the time of writing, Sabayon ships the stable version of ZFS-on-Linux, 0.7.13. A new 0.8.0 release dropped a couple weeks ago, with some long-awaited features: Native ZFS encryption (including zero-knowledge send/recv support for off-site backups) SSD TRIM support Direct IO Given the major changes to the code and this is a point-zero release, Sabayon […]

  • Going Paperless: Revisited

    A few years ago, I wrote about a system I setup to automatically OCR and upload scanned documents to Google Drive. Since then I decommissioned the old server it used to run on. Rather than set this up again on the replacement server directly, I thought I’d package it up as a docker container. The […]

  • Managing volume usage in Bacula

    Overview I’ve been a user of Bacula for several years now, managing a large deployment for work. In this case, by large I mean multiple petabytes of data tracked by the catalog across tens of thousands of volume files. The past few years have seen several incremental improvements that now mean for the most part […]

  • Puppet custom type validation woes

    Since I’ve just lost a full day to troubleshooting this issue, I’m documenting it in case it hits anyone else. In at least puppet versions 4.7.0 and earlier, global type validation cannot be used to ensure the presence of paramters without breaking puppet resource. Simplified example type: This works fine to validate that in a […]

  • puppet-sabayon

    I’ve just uploaded my first puppet module to the forge, optiz0r-sabayon, which improves support for the Sabayon Linux distribution in puppet. This does the following things: Overrides the operatingsystem fact for Sabayon hosts Adds a provider for entropy package manager, and sets this as the default for Sabayon Adds a shim service provider, that marks systemd as the […]

  • Going Paperless

    Too much paper! My house is full of paperwork. Bank statements, invoices, letters about services. There’s far too much of it, and I’ve never been good at throwing it away in case I need it later on. But physically filing lots of paper requires lots of boxes to be organised, which takes up lots of […]

  • Removing stale facts from PuppetDB

    PuppetBoard and PuppetExplorer are both excellent tools but can be slowed down significantly if there are a very large number of facts in PuppetDB. I recently had an issue with some legacy facts tracking stats about mounted filesystems causing a significant amount of bloat, and this is how I cleaned them up. The problem A […]

  • Setting up hiera-eyaml-gpg

    It’s inevitable at some point while writing puppet manifests that you’ll need to manage some sensitive configuration; be that a database password, an SSH deploy key, etc. One way to deal with this is to lock down your puppet code so that only trusted developers can see the contents. Another approach is to encrypt the […]

  • ZFS on Sabayon

    Does ZFS work on Sabayon? Yes, very nicely 🙂 Here’s how: