Under Development There is an open bug in SmartOS that needs to be fixed for this all to work. These are development notes until this header is removed. Motivation I (still) don't run VMware but I do have a SmartOS machine (it's a little nicer than the one from a| Nahum Shalman
Happy New Year! The wireguard-go port is still sitting around in my fork. I don't know when I will have the energy for the next attempt to get it upstream. In the meantime, I've made some fun progress on the Tailscale side. Taildrive The Tailscale folks have shipped Taildrive (currently| Nahum Shalman
In July of 2021, in anticipation of the upcoming High Holy Days I purchased a copy of This Is Real and You Are Completely Unprepared: The Days of Awe as a Journey of Transformation by Rabbi Alan Lew, published in 2003. I was in fact completely unprepared to even read| Nahum Shalman
I spoke at Oxide's dtrace.conf(24) about a project I've been hacking on for the past couple weeks: Slides: OpenTelemetry Tracing for DropshotOpenTelemetry Tracing for Dropshot Nahum Shalman The QR code links to this presentation for anyone who wants to read the speaker notes or reread them later. 1| Nahum Shalman
This content can also be found as part of https://github.com/tinkerbell/ipxedust/pull/88 in DifficultHardware.md. Most modern hardware is capable of PXE booting just fine. Sometimes strange combinations of different NIC hardware / firmware connected to specific switches can misbehave. In those situations you might want to| Nahum Shalman
These notes are a riff on a post by Chris Short. The biggest difference is that I will use the Tailscale TLS support rather than using external DNS access and a custom DNS record. This removes the need for a sensitive DNS API key. Chris's post is definitely worth a| Nahum Shalman
Have you ever run ssh -D 9999 somehost? You might find the rest of this interesting. I'm not going to go into detail for the use cases of why you might want to use a SOCKS proxy with e.g. your web browser, but if, like me, you've ever done| Nahum Shalman
Someone on IRC in #smartos was asking [https://freenode.logbot.info/smartos/20210205#c6800202] about how to turn on NAT in lx branded zones. I was pretty sure it should be possible, and found myself nerd-sniped [https://xkcd.com/356/] into figuring out the exact solution. I don't think I| Nahum Shalman
A few weeks back I needed to migrate an entire ZFS pool from one machine to another. I used raw send to keep the stream compressed, and I used mbuffer to smooth out the send/receive (see the reference link at the bottom) First, prepare the receiving end by creating| Nahum Shalman
Some notes I took down as I stood up my new zone hosted by https://mnx.io.| Nahum Shalman
Just a heads-up that I have to migrate my domain off of the JPC and there will probably be a downtime of my blog and other services for an unknown duration (though I'll do my best to keep it as short as possible) to complete the migration. It might also| Nahum Shalman
Motivation There are a lot of blog posts and wiki pages about how to set up Wireguard [https://www.wireguard.com/], but I still had to do a bunch of trial and error to come up with a configuration that worked for me. I have two goals: 1. Secure all| Nahum Shalman
Message from 2018: I was going through my blog post drafts and found this post. I've made few small tweaks to it that seem to be what I was hoping to add before publishing. If you've ever wanted to replace your SSH access to a native branded zone with docker| Nahum Shalman
This is a follow up to my previous post outlining my chromebook setup [https://blog.shalman.org/chromebook-adventures/]. I managed to get IPMItool to compile in my Termux [https://termux.com/] environment. Here's how you can too. (So far I've only been able to get this to work on an| Nahum Shalman
A chromebook you say? I've been in need of a new personal laptop for a while and inspired by this post [https://blog.lessonslearned.org/building-a-more-secure-development-chromebook/] from @kennwhite [https://twitter.com/kennwhite] I decided that I would get a Chromebook. I put a couple of different models on a wishlist| Nahum Shalman
The first VM I wanted to build was OmniOS 014. While the system was able to see a virtio disk, the installer was not, so I did the initial installation on a virtual IDE drive. JSON spec for the installation VM: { "alias": "omnios", "autoboot": "false", "brand": "kvm", "ram": 2048, "vcpus"| Nahum Shalman
Current status: Up to date with Tailscale 1.24.2. My SMF manifest and build script are checked in to my branch. I've added notes on how to set up an exit node.| Nahum Shalman
