diff --git a/.vscode/settings.json b/.vscode/settings.json
index 2391be4..194a586 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -44,6 +44,7 @@
 "makepkg",
 "markdownlint",
 "mktemp",
+ "mpiexec",
 "nmap",
 "nvme",
 "ocsp",
@@ -60,6 +61,7 @@
 "runcmd",
 "scrollback",
 "setfacl",
+ "slurm",
 "sshpass",
 "subvolume",
 "tclsh",
diff --git a/examples/vagrant/beowulf cluster/Vagrantfile b/examples/vagrant/beowulf cluster/Vagrantfile
new file mode 100644
index 0000000..7444f87
--- /dev/null
+++ b/examples/vagrant/beowulf cluster/Vagrantfile
@@ -0,0 +1,60 @@
+Vagrant.configure("2") do |config|
+
+ # Requirements:
+ #
+ # - VirtualBox
+ # - A host-only virtual network ('VirtualBox Host-Only Ethernet Adapter',
+ # address space '192.168.56.0/24')
+ # - An SSH key pair (files 'id_ed25519' and 'id_ed25519.pub')
+ # - An SSH config file ('ssh_config.txt') configured like so:
+ #
+ # Host 192.168.56.*
+ # IdentityFile ~/.ssh/id_ed25519
+ # StrictHostKeyChecking no
+ #
+ # - A list of hosts for MPICH ('mpi_hosts.txt') containing the IP addresses
+ # of the workers
+
+ # When up, execute the command below and enjoy:
+ # vagrant ssh -c 'mpiexec -f mpi_hosts -n 3 hostname'
+
+ controller_hostname = "controller"
+ controller_ip = "192.168.56.101"
+
+ config.vm.provider "virtualbox" do |virtualbox|
+ virtualbox.customize ["modifyvm", :id, "--graphicscontroller", "vmsvga"]
+ virtualbox.memory = 1024
+ virtualbox.cpus = 1
+ end
+
+ config.vm.box = "ubuntu/focal64"
+
+ config.vm.provision "shell", inline: <<-SHELL
+ apt update
+ apt -y install mpich
+ SHELL
+
+ config.vm.define "controller", primary: true do |controller|
+ controller.vm.hostname = "#{controller_hostname}"
+
+ controller.vm.provision "file", source: "id_ed25519", destination: "~/.ssh/id_ed25519"
+ controller.vm.provision "file", source: "ssh_config.txt", destination: "~/.ssh/config"
+ controller.vm.provision "file", source: "mpi_hosts.txt", destination: "~/mpi_hosts"
+ controller.vm.provision "shell", inline: "chmod go-rwx /home/vagrant/.ssh/id*"
+
+ controller.vm.network "private_network", ip: "#{controller_ip}", name: "VirtualBox Host-Only Ethernet Adapter"
+ end
+
+ (1..3).each do |i|
+ config.vm.define "worker-#{i}" do |worker|
+ worker.vm.network "private_network", ip: "192.168.56.#{200+i}", name: "VirtualBox Host-Only Ethernet Adapter"
+ worker.vm.hostname = "worker-#{i}"
+ worker.vm.provision "file", source: "id_ed25519.pub", destination: "~/.ssh/id_ed25519.pub"
+ worker.vm.provision "shell", inline: <<-SHELL
+ echo #{controller_ip}
#{controller_hostname} >> /etc/hosts
+ cat /home/vagrant/.ssh/id_ed25519.pub >> /home/vagrant/.ssh/authorized_keys
+ SHELL
+ end
+ end
+
+end
diff --git a/examples/vagrant/multi-machine/Vagrantfile b/examples/vagrant/multi-machine/Vagrantfile
new file mode 100644
index 0000000..bcefe3c
--- /dev/null
+++ b/examples/vagrant/multi-machine/Vagrantfile
@@ -0,0 +1,30 @@
+Vagrant.configure("2") do |config|
+
+ config.vm.box = "ubuntu/focal64"
+ config.vm.provider "virtualbox" do |virtualbox|
+ virtualbox.customize ["modifyvm", :id, "--graphicscontroller", "vmsvga"]
+ virtualbox.memory = 1024
+ virtualbox.cpus = 1
+ end
+ config.vm.provision "shell", inline: <<-SHELL
+ apt update
+ apt -y install parallel
+ SHELL
+
+ (1..3).each do |i|
+ config.vm.define "node-#{i}" do |node|
+ node.vm.hostname = "node-#{i}"
+ end
+ end
+
+ config.vm.define "special_node", primary: true do |special_node|
+ special_node.vm.network "private_network", ip: "192.168.56.101", name: "VirtualBox Host-Only Ethernet Adapter"
+ special_node.vm.hostname = "special_node"
+ special_node.vm.provider "virtualbox" do |virtualbox|
+ virtualbox.memory = 2048
+ virtualbox.cpus = 2
+ end
+ special_node.vm.provision "shell", inline: <<-SHELL
+ apt -y install tmux
+ SHELL
+ end
diff --git a/knowledge base/acronyms.md b/knowledge base/acronyms.md
index a80a0b0..9beaf92 100644
--- a/knowledge base/acronyms.md
+++ b/knowledge base/acronyms.md
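Review bot: The private key `id_ed25519` is read from the project directory (`source: "id_ed25519"` in the controller block), and Vagrant's default synced folder normally mounts that directory at `/vagrant` in every machine, so the workers can probably read the controller's private key as well. Consider `config.vm.synced_folder ".", "/vagrant", disabled: true`, or keep the key pair outside the project directory, and make sure the key files are ignored by version control. The required `ssh_config.txt` sets `StrictHostKeyChecking no` for `192.168.56.*`; `StrictHostKeyChecking accept-new` keeps the first connection non-interactive while still refusing a host key that later changes. The worker shell provisioner also appends to `/etc/hosts` and `authorized_keys` with `>>` on every run, so re-provisioning duplicates both entries; guarding each append with a `grep -q` check would make it repeatable.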
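Review bot: The new multi-machine Vagrantfile never closes the `Vagrant.configure("2") do |config|` block opened on its first line: the hunk header declares 30 lines and the thirtieth is the `end` that closes the `special_node` definition. Ruby will refuse to load the file with a syntax error, so a final `end` is needed after that line. Separately, `special_node.vm.hostname = "special_node"` uses an underscore, which is not a valid hostname character and may be rejected by Vagrant's hostname validation; `"special-node"` would be the safer value there.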
@@ -1,63 +1,65 @@ # Acronyms index -| Acronym | Expansion | Description | -| ------- | ------------------------------------------------------ | ----------------------------------------------------------------------------------------- | -| ACK | ACKnowledgement | | -| ACL | Access Control List | | -| APK | Alpine Package Keeper | Package manager used by Alpine Linux | -| APT | Advanced Package Tool | Package manager used by Debian Linux | -| ASCII | American Standard Code for Information Interchange | | -| AV | AntiVirus | | -| AVR | Audio/Video Receiver | | -| AWS | Amazon Web Services | | -| BASH | Bourne Again SHell | | -| BIOS | Basic Input/Output System | | -| BOINC | Berkeley Open Infrastructure for Network Computing | | -| BSoD | Blue Screen of Death | | -| BYOD | Bring Your Own Device | | -| CLI | Command Line Interface | | -| CMS | Content Management System | | -| CN | Canonical Name | | -| CN | Common Name | | -| COTS | Commercial Off-The-Shelf | Available _as-is_, not optimized for specific scopes or objectives | -| CSMA | Carrier-Sense Multiple Access | | -| CSMA/CD | Carrier-Sense Multiple Access with Collision Detection | | -| CSP | Cloud Service Provider | | -| CSS | Cascading Style Sheets | | -| CSS | Cross-Site Scripting | | -| CVE | Common Vulnerabilities and Exposures | | -| CVS | Concurrent Versioning System | | -| DBMS | Data Base Management System | | -| DKIM | DomainKeys Identified Mail | | -| EEPROM | Electronically Erasable Programmable Read-Only Memory | | -| FIFO | First In First Out | | -| FILO | First In Last Out | | -| FS | FileSystem | | -| FW | FireWall | | -| GNU | Gnu is Not Unix | | -| GPG | Gnu Privacy Guard | | -| GUI | Graphical User Interface | | -| IaC | Infrastructure as Code | | -| IP | Internet Protocol | | -| IPvX | Internet Protocol version X | | -| ISP | Internet Service Provider | | -| JDK | Java Development Kit | | -| JRE | Java Runtime Engine | | -| LAN | Local Area Network | | -| LED | Light Emitting Diode | | -| 
LIFO | Last In First Out | | -| M2COTS | Mass Market COTS | Widely available COTS products | -| PGP | Pretty Good Privacy | | -| ROM | Read-Only Memory | | -| RPM | Revolutions Per Minute | | -| RPM | RPM Package Manager | Package management system used by Linux distributions like Red Hat, (open)SuSE and Fedora | -| SQL | Structured Query Language | | -| TCP | Transport Control Protocol | | -| UDP | User Datagram Protocol | | -| UFW | Uncomplicated FireWall | | -| USB | Universal Serial Bus | | -| VIM | VI iMproved | | -| WAN | Wide Area Network | | -| WiMAX | Worldwide interoperability for Microwave Access | | -| WLAN | Wireless Local Area Network | | -| XML | eXtensible Markup Language | | +| Acronym | Expansion | Description | +| ------- | ------------------------------------------------------ | --------------------------------------------------------------------------------------------------- | +| ACK | ACKnowledgement | | +| ACL | Access Control List | | +| APK | Alpine Package Keeper | Package manager used by Alpine Linux | +| APT | Advanced Package Tool | Package manager used by Debian Linux | +| ASCII | American Standard Code for Information Interchange | | +| AV | AntiVirus | | +| AVR | Audio/Video Receiver | | +| AWS | Amazon Web Services | | +| BASH | Bourne Again SHell | | +| BIOS | Basic Input/Output System | | +| BOINC | Berkeley Open Infrastructure for Network Computing | | +| BSoD | Blue Screen of Death | | +| BYOD | Bring Your Own Device | | +| CLI | Command Line Interface | | +| CMS | Content Management System | | +| CN | Canonical Name | | +| CN | Common Name | | +| COTS | Commercial Off-The-Shelf | Available _as-is_, not optimized for specific scopes or objectives | +| CSMA | Carrier-Sense Multiple Access | | +| CSMA/CD | Carrier-Sense Multiple Access with Collision Detection | | +| CSP | Cloud Service Provider | | +| CSS | Cascading Style Sheets | | +| CSS | Cross-Site Scripting | | +| CVE | Common Vulnerabilities and Exposures | | +| CVS | 
Concurrent Versioning System | | +| DBMS | Data Base Management System | | +| DKIM | DomainKeys Identified Mail | | +| EEPROM | Electronically Erasable Programmable Read-Only Memory | | +| FIFO | First In First Out | | +| FILO | First In Last Out | | +| FS | FileSystem | | +| FW | FireWall | | +| GNU | Gnu is Not Unix | | +| GPG | Gnu Privacy Guard | | +| GUI | Graphical User Interface | | +| HA | High Availability | Characteristic of a system which aims to ensure better or longer availability for its services | +| HPC | High Performance Computing | Collections of systems and tools used to achieve a greater processing capacity than the single unit | +| IaC | Infrastructure as Code | | +| IP | Internet Protocol | | +| IPvX | Internet Protocol version X | | +| ISP | Internet Service Provider | | +| JDK | Java Development Kit | | +| JRE | Java Runtime Engine | | +| LAN | Local Area Network | | +| LED | Light Emitting Diode | | +| LIFO | Last In First Out | | +| M2COTS | Mass Market COTS | Widely available COTS products | +| PGP | Pretty Good Privacy | | +| ROM | Read-Only Memory | | +| RPM | Revolutions Per Minute | | +| RPM | RPM Package Manager | Package management system used by Linux distributions like Red Hat, (open)SuSE and Fedora | +| SQL | Structured Query Language | | +| TCP | Transport Control Protocol | | +| UDP | User Datagram Protocol | | +| UFW | Uncomplicated FireWall | | +| USB | Universal Serial Bus | | +| VIM | VI iMproved | | +| WAN | Wide Area Network | | +| WiMAX | Worldwide interoperability for Microwave Access | | +| WLAN | Wireless Local Area Network | | +| XML | eXtensible Markup Language | | diff --git a/knowledge base/beowulf cluster.md b/knowledge base/beowulf cluster.md index f99206d..f7fd6e7 100644 --- a/knowledge base/beowulf cluster.md +++ b/knowledge base/beowulf cluster.md 
@@ -11,19 +11,90 @@ Beowulf clusters behave more like a single machine rather than many workstations Beowulf is no more than a technology of clustering computers to form a parallel, virtual supercomputer. One can build a Beowulf class machine using a standard Linux distribution without any additional software; two networked computers sharing a folder via NFS and which trust each other to execute remote shells can be considered a two node Beowulf machine. +## Table of contents + +1. [Scheduler](#scheduler) +1. [Create a quick and dirty cluster](#create-a-quick-and-dirty-cluster) 1. [Further readings](#further-readings) 1. [Sources](#sources) +## Scheduler + +Takes care of scheduling the jobs and juggling the resources in the cluster.
+The most used one at the time of writing is [Slurm]. + +## Create a quick and dirty cluster + +Uses [MPICH] on Linux.
+Just follow this procedure: + +1. prepare at least 2 Linux hosts +1. assign a fixed, known IP address to all the hosts +1. create a file on the **server** node listing the IP addresses of all the **client** nodes (e.g. `machines_file`) +1. install, enable and start SSH on all the hosts +1. configure SSH on all the hosts to let the **server** node connect to all the **client** nodes **without** using a password +1. install [MPICH] on all the hosts, possibly the same version +1. test the installation: + ```sh + # execute `hostname` on all hosts + mpiexec -f 'machines_file' -n 'number_of_processes' 'hostname' + ``` + +See the [Vagrant example]. + ## Further readings - [Protogonus: The FINAL Labs™ HPC Cluster] +- [A simple Beowulf cluster] +- Building a Beowulf cluster from old MacBooks: + - [part 1][building a beowulf cluster from old macbooks - part 1] + - [part 2][building a beowulf cluster from old macbooks - part 2] + - [Parallel computing with custom Beowulf cluster] +- [Engineering a Beowulf-style compute cluster] +- [Parallel and distributed computing with Raspberry Pi clusters] +- [Sequence analysis on a 216-processor Beowulf cluster] +- [Setting up an MPICH2 cluster in Ubuntu] +- [The Beowulf howto] +- [BOINC] +- [Folding@Home] ## Sources +- [beowulf.org][beowulf] - [Wikipedia] +[apptainer]: https://github.com/apptainer/apptainer +[beowulf]: https://beowulf.org/overview/ +[hkube]: https://hkube.io/ +[mpi4py]: https://mpi4py.readthedocs.io/en/stable/ +[mpich]: https://www.mpich.org/ +[openmpi]: https://www.open-mpi.org/doc/current/ +[pvm]: https://en.wikipedia.org/wiki/Parallel_Virtual_Machine +[singularity]: https://github.com/gmkurtzer/singularity +[slurm]: https://slurm.schedmd.com/ + +[boinc]: boinc.md +[vagrant example]: ../examples/vagrant/beowulf%20cluster/Vagrantfile + +[a container for hpc]: https://www.admin-magazine.com/HPC/Articles/Singularity-A-Container-for-HPC +[a simple beowulf cluster]: 
http://www.kerrywong.com/2008/11/04/a-simple-beowulf-cluster/ +[building a beowulf cluster from old macbooks - part 1]: https://jondeaton.wordpress.com/2017/10/01/building-a-beowulf-cluster-from-old-macbooks-part-1/ +[building a beowulf cluster from old macbooks - part 2]: https://jondeaton.wordpress.com/2017/10/08/building-a-beowulf-cluster-from-old-macbooks-part-2/ +[building a simple beowulf cluster with ubuntu]: https://www-users.york.ac.uk/~mjf5/pi_cluster/src/Building_a_simple_Beowulf_cluster.html +[container orchestration on hpc systems through kubernetes]: https://journalofcloudcomputing.springeropen.com/articles/10.1186/s13677-021-00231-z +[engineering a beowulf-style compute cluster]: https://webhome.phy.duke.edu/~rgb/Beowulf/beowulf_book/beowulf_book/index.html +[folding@home]: https://foldingathome.org/ +[hpc on the cloud: slurm cluster vs kubernetes]: https://www.matecdev.com/posts/cloud-hpc-kubernetes-vs-slurm.html +[kubernetes meets high-performance computing]: https://kubernetes.io/blog/2017/08/kubernetes-meets-high-performance/ +[kubernetes, containers and hpc]: https://www.hpcwire.com/2019/09/19/kubernetes-containers-and-hpc/ +[parallel and distributed computing with raspberry pi clusters]: https://opensource.com/article/23/3/parallel-distributed-computing-raspberry-pi-clusters +[parallel computing with custom beowulf cluster]: https://jondeaton.wordpress.com/2017/12/04/parallel-computing-with-custom-beowulf-cluster/ [protogonus: the final labs™ hpc cluster]: https://www.final-labs.org/dev/protogonus +[sequence analysis on a 216-processor beowulf cluster]: https://www.usenix.org/legacy/publications/library/proceedings/als00/2000papers/papers/full_papers/michalickova/michalickova.pdf +[setting up an mpich2 cluster in ubuntu]: https://help.ubuntu.com/community/MpichCluster +[shifter: bringing linux containers to hpc]: https://www.nersc.gov/research-and-development/user-defined-images/ +[the beowulf howto]: 
https://tldp.org/HOWTO/Beowulf-HOWTO/index.html [wikipedia]: https://en.wikipedia.org/wiki/Beowulf_cluster diff --git a/knowledge base/boinc.md b/knowledge base/boinc.md index 783b0d0..58055c2 100644 --- a/knowledge base/boinc.md +++ b/knowledge base/boinc.md @@ -118,6 +118,7 @@ usermod --append --groups 'vboxusers' 'boinc' ## Further readings +- [Website] - [BOINC Manager] - [boinccmd] for the bare CLI utility - [boinctui] for a TUI manager diff --git a/knowledge base/mac os x.md b/knowledge base/mac os x.md index 6dccbb0..d7b494f 100644 --- a/knowledge base/mac os x.md +++ b/knowledge base/mac os x.md 
@@ -1,27 +1,29 @@ # Mac OS X 1. [TL;DR](#tldr) -2. [Xcode CLI tools](#xcode-cli-tools) +1. [Xcode CLI tools](#xcode-cli-tools) 1. [Headless installation](#headless-installation) - 2. [Removal](#removal) - 3. [Upgrade](#upgrade) -3. [Hidden settings](#hidden-settings) -4. [Resize an image from CLI](#resize-an-image-from-cli) -5. [Boot keys cheatsheet](#boot-keys-cheatsheet) -6. [Update the OS from CLI](#update-the-os-from-cli) -7. [Keychain access from CLI](#keychain-access-from-cli) -8. [Use TouchID to authenticate in the terminal](#use-touchid-to-authenticate-in-the-terminal) + 1. [Removal](#removal) + 1. [Upgrade](#upgrade) +1. [Hidden settings](#hidden-settings) +1. [Resize an image from CLI](#resize-an-image-from-cli) +1. [Boot keys cheatsheet](#boot-keys-cheatsheet) +1. [Update the OS from CLI](#update-the-os-from-cli) +1. [Keychain access from CLI](#keychain-access-from-cli) +1. [Use TouchID to authenticate in the terminal](#use-touchid-to-authenticate-in-the-terminal) 1. [Fix iTerm2](#fix-iterm2) -9. [Further readings](#further-readings) -10. [Sources](#sources) +1. [Further readings](#further-readings) +1. [Sources](#sources) ## TL;DR ```sh -# Install a .pkg file from CLI. -# 'target' needs to be a device, not a path. -installer -pkg /path/to/non-root-package.pkg -target CurrentUserHomeDirectory -sudo installer -pkg /path/to/root-needed-package.pkg -target / +# Keep the system awake. +caffeinate +caffeinate -t 600 + +# Do a network speed test. +networkquality -sv # Install Xcode CLI tools. xcode-select --install 
@@ -42,6 +44,11 @@ softwareupdate --install --recommended --restart --agree-to-license # Download (but not install) recommended updates. softwareupdate --download --recommended +# Install a .pkg file from CLI. +# 'target' needs to be a device, not a path. +installer -pkg /path/to/non-root-package.pkg -target CurrentUserHomeDirectory +sudo installer -pkg /path/to/root-needed-package.pkg -target / + # Add a password to the default keychain. # The password needs to be left last. security add-generic-password -a johnny -s github -w 'b.good' 
@@ -179,21 +186,21 @@ sips -Z '1000' -o 'resized.jpg' 'IMG_20190527_013903.jpg' To use any of these key combinations, press and hold the keys immediately after pressing the power button to turn on your Mac, or after your Mac begins to restart. Keep holding until the described behavior occurs. -Combination | Behaviour ----|--- -`⌥ Option` or `Alt` | Start to _Startup Manager_, which allows you to choose other available startup disks or volumes. If your Mac is using a firmware password, you're prompted to enter the password -`⌥ Option` + `⌘ Command` + `P` + `R` | Reset the NVRAM or PRAM. If your Mac is using a firmware password, it ignores this key combination or starts up from _Recovery_ -`⇧ Shift` | Start in _safe_ mode. Disabled when using a firmware password -`⌘ Command` + `R` | Start from the built-in _Recovery_ system -`⌥ Option` + `⌘ Command` + `R` or `⇧ Shift` + `⌥ Option` + `⌘ Command` + `R` | Start from _Recovery_ over the Internet. It installs different versions of macOS, depending on the key combination you use while starting up. If your Mac is using a firmware password, you're prompted to enter the password -`⏏ Eject` or `F12` or `mouse button` or `trackpad button` | Eject a removable media, such as an optical disc. Disabled when using a firmware password -`T` | Start in _target disk_ mode. Disabled when using a firmware password -`⌘ Command` + `V` | Start in verbose mode. Disabled when using a firmware password -`D` | Start to _Apple Diagnostics_ -`⌥ Option` + `D` | Start to _Apple Diagnostics_ over the Internet. Disabled when using a firmware password -`N` | Start from a NetBoot server, if your Mac supports network startup volumes. Disabled when using a firmware password -`⌥ Option` + `N` | Start from a NetBoot server and use the default boot image on it. Disabled when using a firmware password -`⌘ Command` + `S` | Start in _single-user_ mode. 
Disabled in macOS Mojave or later, or when using a firmware password +| Combination | Behaviour | +| ---------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `⌥ Option` or `Alt` | Start to _Startup Manager_, which allows you to choose other available startup disks or volumes. If your Mac is using a firmware password, you're prompted to enter the password | +| `⌥ Option` + `⌘ Command` + `P` + `R` | Reset the NVRAM or PRAM. If your Mac is using a firmware password, it ignores this key combination or starts up from _Recovery_ | +| `⇧ Shift` | Start in _safe_ mode. Disabled when using a firmware password | +| `⌘ Command` + `R` | Start from the built-in _Recovery_ system | +| `⌥ Option` + `⌘ Command` + `R` or `⇧ Shift` + `⌥ Option` + `⌘ Command` + `R` | Start from _Recovery_ over the Internet. It installs different versions of macOS, depending on the key combination you use while starting up. If your Mac is using a firmware password, you're prompted to enter the password | +| `⏏ Eject` or `F12` or `mouse button` or `trackpad button` | Eject a removable media, such as an optical disc. Disabled when using a firmware password | +| `T` | Start in _target disk_ mode. Disabled when using a firmware password | +| `⌘ Command` + `V` | Start in verbose mode. Disabled when using a firmware password | +| `D` | Start to _Apple Diagnostics_ | +| `⌥ Option` + `D` | Start to _Apple Diagnostics_ over the Internet. Disabled when using a firmware password | +| `N` | Start from a NetBoot server, if your Mac supports network startup volumes. Disabled when using a firmware password | +| `⌥ Option` + `N` | Start from a NetBoot server and use the default boot image on it. 
Disabled when using a firmware password | +| `⌘ Command` + `S` | Start in _single-user_ mode. Disabled in macOS Mojave or later, or when using a firmware password | ## Update the OS from CLI 
@@ -294,16 +301,22 @@ You can either: - [Using Terminal to Find Your Mac's Network Name] - [List of Xcode Command Line Tools] - [Can Touch ID for the Mac Touch Bar authenticate sudo users and admin privileges?] +- [Caffeinate your Mac] +- [MacOS network quality tool] -[pam_reattach]: https://github.com/fabianishere/pam_reattach + +[mac startup key combinations]: https://support.apple.com/en-us/HT201255 + [boot a mac from usb drive]: https://www.wikihow.com/Boot-a-Mac-from-USB-Drive +[caffeinate your mac]: https://www.theapplegeek.co.uk/blog/caffeinate [can touch id for the mac touch bar authenticate sudo users and admin privileges?]: https://apple.stackexchange.com/questions/259093/can-touch-id-for-the-mac-touch-bar-authenticate-sudo-users-and-admin-privileges#306324 [command line access to the mac keychain]: https://blog.koehntopp.info/2017/01/26/command-line-access-to-the-mac-keychain.html [how to update xcode from command line]: https://stackoverflow.com/questions/34617452/how-to-update-xcode-from-command-line#34617930 [installing .pkg with terminal?]: https://apple.stackexchange.com/questions/72226/installing-pkg-with-terminal#394976 +[launchctl man page]: https://www.unix.com/man-page/osx/1/launchctl [list of xcode command line tools]: https://mac.install.guide/commandlinetools/8.html -[mac startup key combinations]: https://support.apple.com/en-us/HT201255 +[macos network quality tool]: https://www.theapplegeek.co.uk/blog/networkquality +[pam_reattach]: https://github.com/fabianishere/pam_reattach [using terminal to find your mac's network name]: https://www.tech-otaku.com/networking/using-terminal-find-your-macs-network-name/ [xcode command line tools installation faq]: https://www.godo.dev/tutorials/xcode-command-line-tools-installation-faq -[launchctl man page]: https://www.unix.com/man-page/osx/1/launchctl diff --git a/knowledge base/powershell.md b/knowledge base/powershell.md index c3b3d27..95da5ee 100644 --- a/knowledge base/powershell.md 
+++ b/knowledge base/powershell.md @@ -1,17 +1,25 @@ # Windows PowerShell 1. [TL;DR](#tldr) -2. [Further readings](#further-readings) -3. [Sources](#sources) +1. [Further readings](#further-readings) +1. [Sources](#sources) ## TL;DR -```powershell +```ps1 # Calculate the hash of a file. CertUtil -hashfile path/to/file sha256 # Get super user privileges. -powershell Start-Process powershell -Verb runAs +Start-Process powershell -Verb runAs + +# List available features. +Get-WindowsCapability -Online +Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*' + +# Install a feature. +Add-WindowsCapability -Online -Name OpenSSH.Server +Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0 # Test a network connection. Test-NetConnection -Port 443 -ComputerName 192.168.0.1 -InformationLevel Detailed @@ -19,6 +27,7 @@ Test-NetConnection -Port 443 -ComputerName 192.168.0.1 -InformationLevel Detaile # Assign values to variables. $variableName = 'value' $response = Invoke-WebRequest -Uri 'https://jsonplaceholder.typicode.com/users' +$env:PATH += ';C:\foo' # Print the value of the PATH environment variable. $env:PATH @@ -84,7 +93,12 @@ kubectl get nodes -o json ` - [Retrieve JSON object by field value] - [Select-Object of multiple properties] - [Multiple -and -or in PowerShell Where-Object statement] +- [Get started with OpenSSH for Windows] + +[get started with openssh for windows]: https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse?tabs=powershell + + [how to print environment variables to the console in powershell?]: https://stackoverflow.com/questions/50861082/how-to-print-environment-variables-to-the-console-in-powershell#50861113 [json file to table]: https://stackoverflow.com/questions/31415158/powershell-json-file-to-table#31415897 [multiline commands]: https://shellgeek.com/powershell-multiline-command/ diff --git a/knowledge base/ssh.md b/knowledge base/ssh.md index 3273703..3d0ea6f 100644 
--- a/knowledge base/ssh.md +++ b/knowledge base/ssh.md @@ -1,6 +1,7 @@ # SSH 1. [TL;DR](#tldr) +1. [Server installation on Windows](#server-installation-on-windows) 1. [Key Management](#key-management) 1. [Configuration](#configuration) 1. [Append domains to a hostname before attempting to check if they exist](#append-domains-to-a-hostname-before-attempting-to-check-if-they-exist) @@ -23,6 +24,7 @@ ssh-keygen -t 'rsa' -b '4096' ssh-keygen -t 'dsa' ssh-keygen -t 'ecdsa' -b '521' ssh-keygen -t 'ed25519' -f ~/.ssh/keys/id_ed25519 -C 'test@winzoz' +ssh-keygen -f ~/.ssh/id_rsa -N '' -C 'batch-generated key with no password' # Remove elements from the known hosts list. ssh-keygen -R 'pi4.lan' @@ -47,6 +49,54 @@ ssh-copy-id -i ~/.ssh/id_rsa.pub user@nas.lan ssh -t 'bastion-host' ssh 'unreachable-host' ``` +## Server installation on Windows + +Needs Administrator privileges.
+Tested on Window 11 22H2. + +Via PowerShell: + +1. Install the server component: + + ```ps1 + Add-WindowsCapability -Online -Name OpenSSH.Server + ``` + +1. Start and enable the service: + + ```ps1 + Start-Service sshd + Set-Service -Name sshd -StartupType 'Automatic' + ``` + +1. Verify the firewall rule has been created automatically during the installation: + + ```ps1 + if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) { + Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..." + New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 + } else { + Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists." + } + ``` + +Via GUI: + +1. Open _Settings_ > _Apps_, then select _Optional features_ +1. Scan the list to see if the OpenSSH server is not already installed +1. At the top of the page, select _View features_ in the _Add an optional feature_ field +1. Find _OpenSSH Server_ and select _Install_ +1. Once the setup completes, return to _Apps_ > _Optional features_ and confirm OpenSSH is now listed +1. Open the _Services_ desktop app: + + 1. Select Start + 1. Type `services.msc` in the search box + 1. Select the _Services_ app or just press ENTER + +1. In the details panel, double-click _OpenSSH SSH Server_ to enter its properties +1. On the _General_ tab, from the _Startup type_ drop-down menu, select _Automatic_ to enable the service +1. In the same tab, select _Start_ to start the service + ## Key Management Create a new key: 
@@ -231,6 +281,7 @@ Solution: update the SSH server. - [How to enable SSH access using a GPG key for authentication] - [How to perform hostname canonicalization] - [How to reuse SSH connection to speed up remote login process using multiplexing] +- [Get started with OpenSSH for Windows] [ssh-agent]: https://www.ssh.com/academy/ssh/agent @@ -240,6 +291,7 @@ Solution: update the SSH server. [sshd_config]: ../examples/ssh/sshd_config +[get started with openssh for windows]: https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui [how to enable ssh access using a gpg key for authentication]: https://opensource.com/article/19/4/gpg-subkeys-ssh [how to list keys added to ssh-agent with ssh-add?]: https://unix.stackexchange.com/questions/58969/how-to-list-keys-added-to-ssh-agent-with-ssh-add [how to perform hostname canonicalization]: https://sleeplessbeastie.eu/2020/08/24/how-to-perform-hostname-canonicalization/ diff --git a/knowledge base/vagrant.md b/knowledge base/vagrant.md index 416b0f6..19ad4aa 100644 --- a/knowledge base/vagrant.md +++ b/knowledge base/vagrant.md @@ -1,5 +1,16 @@ # Vagrant +1. [TL;DR](#tldr) +1. [Usage](#usage) + 1. [Boxes management](#boxes-management) +1. [Install shells' autocompletion](#install-shells-autocompletion) +1. [Customize a Box](#customize-a-box) +1. [Use environment variables in the provisioning script](#use-environment-variables-in-the-provisioning-script) +1. [Specify the disk size](#specify-the-disk-size) +1. [Reboot after provisioning](#reboot-after-provisioning) +1. [Loop over VMs' definitions](#loop-over-vms-definitions) +1. [Further readings](#further-readings) + ## TL;DR ```sh @@ -142,7 +153,7 @@ Vagrant.configure("2") do |config| shell.env = { "STATIC" => "set-in-config", "FORWARDED" => ENV['HOST_VAR'], - } + } shell.inline = <<-SHELL printenv STATIC FORWARDED sudo -u vagrant --preserve-env=STATIC,FORWARDED printenv STATIC FORWARDED 
@@ -180,6 +191,31 @@ config.vm.provision :shell do |shell| end ``` +## Loop over VMs' definitions + +The inner portion of multi-machine definitions and provider overrides are lazy-loaded.
+This means the value of variables used in it cannot change (like in a `for` cycle). + +This works: + +```ruby +(1..3).each do |i| + config.vm.define "node-#{i}" do |node| + node.vm.provision "shell", inline: "hostname" + end +end +``` + +This does **not** work: + +```ruby +for i in 1..3 do + config.vm.define "node-#{i}" do |node| + node.vm.provision "shell", inline: "hostname" + end +end +``` + ## Further readings - [Getting started] @@ -191,12 +227,14 @@ end - [How do I reboot a Vagrant guest from a provisioner?] - [Configuring Vagrant virtual machines with .env] + +[getting started]: https://learn.hashicorp.com/tutorials/vagrant/getting-started-index +[multi-machine]: https://www.vagrantup.com/docs/multi-machine +[tips & tricks]: https://www.vagrantup.com/docs/vagrantfile/tips + [configuring vagrant virtual machines with .env]: https://www.nickhammond.com/configuring-vagrant-virtual-machines-with-env/ -[getting started]: https://learn.hashicorp.com/tutorials/vagrant/getting-started-index [how do i reboot a vagrant guest from a provisioner?]: https://superuser.com/questions/1338429/how-do-i-reboot-a-vagrant-guest-from-a-provisioner#1579326 [how to set vagrant virtualbox video memory]: https://stackoverflow.com/questions/24231620/how-to-set-vagrant-virtualbox-video-memory#24253435 [how to specify the disk size]: https://stackoverflow.com/questions/49822594/vagrant-how-to-specify-the-disk-size#60185312 -[multi-machine]: https://www.vagrantup.com/docs/multi-machine [pass environment variables to vagrant shell provisioner]: https://stackoverflow.com/questions/19648088/pass-environment-variables-to-vagrant-shell-provisioner#37563822 -[tips & tricks]: https://www.vagrantup.com/docs/vagrantfile/tips diff --git a/knowledge base/vboxmanage.md b/knowledge base/vboxmanage.md new file mode 100644 index 0000000..183673d --- /dev/null +++ b/knowledge base/vboxmanage.md 
@@ -0,0 +1,9 @@ +# VBoxManage + +## TL;DR + +```sh +# Create host-only virtual networks. +VBoxManage hostonlynet add --name='network_name' --enable \ + --netmask='255.255.255.0' --lower-ip=192.168.12.100 --upper-ip=192.168.12.200 +```