https://mafyuh.com/ Recent content on Mafyuh's Blog Hugo -- gohugo.io en Thu, 22 Feb 2024 08:00:00 +0000 https://mafyuh.com/about/ Thu, 22 Feb 2024 08:00:00 +0000 https://mafyuh.com/about/ Hello! 👋 I’m Matt Reeves, a DevOps and GitOps enthusiast with a passion for self-hosting. Before diving into the world of DevOps and GitOps, I honed my skills as an advanced electronics repair technician, tackling complex challenges with multimeters, oscilloscopes, and soldering irons. From troubleshooting intricate circuits to mastering surface-mount technology (SMT), I thrived on solving problems and learning what’s possible in electronics. While I continue to stay up-to-date with hardware, my focus has shifted more towards the software side of things. https://mafyuh.com/contact/ Thu, 22 Feb 2024 08:00:00 +0000 https://mafyuh.com/contact/ Got questions, feedback, or just want to say hi? Feel free to reach out to me using the contact information below: Email: admin[at]mafyuh[dot]com Discord Resume If you’re interested in my professional experience, you can download my resume below: Download Resume https://mafyuh.com/posts/resize-ubuntu-vm-disk/ Tue, 06 Feb 2024 02:58:07 +0000 https://mafyuh.com/posts/resize-ubuntu-vm-disk/ 1st step: Increase/resize disk from GUI console 2nd step: Extend physical drive partition and check free space with: sudo growpart /dev/sda 3 sudo pvdisplay sudo pvresize /dev/sda3 sudo pvdisplay 3rd step: Extend Logical volume sudo lvdisplay sudo lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv sudo lvdisplay 4th step: Resize Filesystem sudo resize2fs /dev/ubuntu-vg/ubuntu-lv sudo fdisk -l https://mafyuh.com/posts/proton-mail-authentik-social-login-setup/ Sun, 12 Nov 2023 16:20:00 +0000 https://mafyuh.com/posts/proton-mail-authentik-social-login-setup/ This is just a quick guide on how to authenticate your authentik users with Proton using SimpleLogin OIDC. To accomplish this, first create a SimpleLogin acct by logging in with Proton. Once thats done go to https://app.simplelogin.io/developer and create a website. Give it your authentik URL. Then go to Oauth Settings and copy your client ID and secret for next step. add your authentik URL in redirect URL like this https://auth. https://mafyuh.com/posts/how-to-automate-jellyfin-issue-handling/ Sat, 11 Nov 2023 16:20:00 +0000 https://mafyuh.com/posts/how-to-automate-jellyfin-issue-handling/ I wanted a way to automate when users tell me a video on my Jellyfin server has an issue. After alot of trial and error, ChatGPT, Bard and I came up with this automation. Requirements My only requirements when making this was that it was free and self-hostable. Not even any NPM extensions are required in AP. Actual Software requirements are: Sonarr Radarr Overseerr/Jellyseerr Optional SMTP server or ability to send SMTP messages (can also use discord) ActivePieces or any other automation platform that supports TS. https://mafyuh.com/posts/how-to-authenticate-guacamole-authentik-nginxproxymanager/ Sun, 29 Oct 2023 16:20:00 +0000 https://mafyuh.com/posts/how-to-authenticate-guacamole-authentik-nginxproxymanager/ authentik’s docs have a guide already for Guacamole. You can find that here. Follow all the instructions there, (especially the part where you create a user in Guacamole with the USERNAME of your email. not just filling in the email), but if you are using Cloudflare as our DNS you may run into problems. Such as infinite redirect loop. Error 403 Forbidden While it was looping, I checked my Guacamole docker container logs in Portainer, and found the 403 Forbidden error. https://mafyuh.com/posts/how-to-authenticate-zammad-via-saml-with-nginx-proxy-manager/ Sun, 29 Oct 2023 16:20:00 +0000 https://mafyuh.com/posts/how-to-authenticate-zammad-via-saml-with-nginx-proxy-manager/ If you are getting error messages like: 422: the change you wanted was rejected. message from saml: actioncontroller::invalidauthenticitytoken Just make sure you set these in your Nginx Proxy Manager hosts Advanced field: location / { proxy_pass http://zammad:8080; # Replace proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Host $host; } I spent way too long trying to figure this out, reading through Github issues, breaking my SAML provider and Zammad configs, starting over, when the whole time it was just good old nginx header issues. https://mafyuh.com/posts/how-to-authenticate-kasm-via-authentik/ Sat, 30 Sep 2023 16:20:00 +0000 https://mafyuh.com/posts/how-to-authenticate-kasm-via-authentik/ You could do this with OpenID as well but this method is using SAML. This guide assumes you already have running instances of Kasm Workspaces and authentik. The official authentik docs dont have a Kasm Integration listed at the time. So I thought I would help out anyone who is trying to integrate these services via SAML. authentik’s SAML docs can be found here. Setting up Kasm In the Kasm Workspaces admin, click Access Management - Authentication - SAML and create a new configuration. https://mafyuh.com/posts/network-traffic-map/ Thu, 31 Aug 2023 16:20:00 +0000 https://mafyuh.com/posts/network-traffic-map/ This is just a visual representations of how my current setup flows. I have some of the docker-compose files that make up this infra on my Gitea https://mafyuh.com/posts/software/ Sat, 26 Aug 2023 00:13:40 +0000 https://mafyuh.com/posts/software/ Just a straight forward list of pretty much everything that makes up my homelab. Or systems I’ve ran in the past. Operating Systems Ubuntu 23.04 Ubuntu 22.04 (primary on most systems) CentOS/Fedora 38 (only when Ubuntu doesnt play nice) Debian 11 Proxmox 8 Windows 10/11 TrueNAS Scale (virtualized) CasaOS (zimaboard) pfSense Applications/Containers Nginx Proxy Manager Nginx Apache2 Traefik Authentik Portainer Yacht AdGuardHome Pihole Wazuh Zabbix Uptime Kuma Ghost (this blog) Wordpress Hydroxide (proton mail bridge) Calibre Smokeping Openspeedtest Grafana Prometheus InfluxDB PostgresSQL MySQL Watchtower Apache Guacamole Ansible Terraform Packer Vaultwarden Kasm Workspaces Jellyfin Plex Twingate Tailscale Headscale Wireguard LinkStack N8N Gotify Nextcloud Immich AI https://mafyuh.com/posts/hardware/ Fri, 25 Aug 2023 00:13:40 +0000 https://mafyuh.com/posts/hardware/ Most of my infrastructure is hosted on my in-lab Proxmox server, along with a few new machines for dedicated services. Here are some of the specs of some of the in-lab machines. Proxmox Server CPU: Intel Core i7-9700K GPU: Nvidia GeForce GTX 1660 6GB RAM: 64GB DDR4 3000Mhz NVME SSD’s for storage 4x 4TB HDD’s (passthrough to NAS) Gaming PC CPU: Intel Core i7-13700K GPU: Nvidia GeForce RTX 3080 RAM: 64GB DDR5 6000 Mhz SSD: Samsung 980 Pro 2TB Mobo: MPG Z790 EDGE WIFI Windows 11 Pro Main PC used for everything.