- 86
- 339 619
SysEng Quick
United States
Приєднався 1 бер 2018
This channel is dedicated to quick tips for making things work on linux and windows systems.
Podman Containers in WSL
Short tutorial on using podman to run containers in WSL instead of docker.
Переглядів: 278
Відео
Custom Linux Distributions in WSL
Переглядів 1503 місяці тому
How to add custom linux distros to WSL. Docker Brew Fedora GitHub Repo - github.com/fedora-cloud/docker-brew-fedora/tree/40/x86_64 Fedora Container Base Package - kojipkgs.fedoraproject.org/packages/Fedora-Container-Base/40/20240222.n.0/images/ Jeff Bowman's Article on Installing Fedora 37 in WSL - dev.to/bowmanjd/install-fedora-on-windows-subsystem-for-linux-wsl-4b26 00:00 - Intro 01:45 - Fedo...
Ansible Tutorial 21 - Project 1: Finalizing the HashiCorp Vault Setup
Переглядів 1574 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 20 - Project 1: HashiCorp Vault in Podman
Переглядів 1454 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 19 - Project 1: Ansible Handlers: Triggered by Change
Переглядів 674 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 18 - Project 1: Building a Custom Filter Plugin
Переглядів 994 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 17 - Project 1: Building a Custom Lookup Plugin
Переглядів 594 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 16 - Project 1: Parameterizing The VM Creation Role
Переглядів 544 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 15 - Project 1: Refactoring the Proxmox Collection
Переглядів 624 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 14 - Project 1: Building a NAT Router / Container Host on Proxmox with Fedora 40
Переглядів 1724 місяці тому
To kick off June, I'm starting our first ansible full ansible project. Over the next few videos, we'll build a fedora 40 VM on proxmox using ansible. We'll then configure it to act as a masquerading NAT router for our lxc containers using nftables. We'll firewall the host at the same time. Finally, we'll use podman to deploy a hashicorp vault container to store secrets and see how to use that w...
Ansible Tutorial 13 - Using Ansible Vault to Secure Secret Data
Переглядів 1274 місяці тому
In this video, we show how to use ansible vault to encrypt sensitive data while still allowing ansible to make use of it. GitHub Repo: github.com/sysengquick-yt/ansible
Full YAML Tutorial 2024
Переглядів 2074 місяці тому
Learn how to create YAML files. Learn about YAML files and documents. Learn about YAML node types (scalar, mapping, and sequence). Learn how to comment YAML files. Learn about explicit typing to fix YAML type interpreation. Learn every way to create YAML strings to get the exact string you want. Learn about YAML anchors to keep DRY and use merge keys to get the most out of it. Learn about JSON ...
Ansible Tutorial 12 - Writing Custom Modules in Python
Переглядів 1774 місяці тому
In this video, we show how to create custom modules to extend the functionality of ansible. GitHub Repo: github.com/sysengquick-yt/ansible
Ansible Tutorial 11 - Using Custom SSH Options
Переглядів 1414 місяці тому
Ansible Tutorial 11 - Using Custom SSH Options
Ansible Tutorial 10 - Jinja Filters, Tests, and Templates
Переглядів 2694 місяці тому
Ansible Tutorial 10 - Jinja Filters, Tests, and Templates
Ansible Tutorial 09 - Working with Ansible Variables
Переглядів 1175 місяців тому
Ansible Tutorial 09 - Working with Ansible Variables
Ansible Tutorial 08 - Privilege Escalation with Ansible Become
Переглядів 2135 місяців тому
Ansible Tutorial 08 - Privilege Escalation with Ansible Become
Ansible Tutorial 07 - Creating Ansible Roles
Переглядів 1275 місяців тому
Ansible Tutorial 07 - Creating Ansible Roles
Ansible Tutorial 06 - Creating Custom Ansible Collections
Переглядів 2885 місяців тому
Ansible Tutorial 06 - Creating Custom Ansible Collections
Ansible Tutorial 05 - Using Ansible Facts
Переглядів 1645 місяців тому
Ansible Tutorial 05 - Using Ansible Facts
Ansible Tutorial 04 - Working with Ansible Inventories
Переглядів 2155 місяців тому
Ansible Tutorial 04 - Working with Ansible Inventories
Ansible Tutorial 03 - Building Your First Ansible Playbook
Переглядів 2405 місяців тому
Ansible Tutorial 03 - Building Your First Ansible Playbook
Ansible Tutorial 02 - Building a Devcontainer for Ansible
Переглядів 5075 місяців тому
Ansible Tutorial 02 - Building a Devcontainer for Ansible
Ansible Tutorial 01 - Introduction to Ansible
Переглядів 4805 місяців тому
Ansible Tutorial 01 - Introduction to Ansible
Caching Docker Layers with GitHub Actions
Переглядів 4525 місяців тому
Caching Docker Layers with GitHub Actions
Building Docker Containers with GitHub Actions
Переглядів 1125 місяців тому
Building Docker Containers with GitHub Actions
Using SSH Smart Card Authentication in WSL
Переглядів 2966 місяців тому
Using SSH Smart Card Authentication in WSL
I wish it worked on vscode web
Great collection of videos. Thanks a lot for sharing I'd like to ask you what are the settings and extensions you use in these videos for vscode. They seem to be very confortable. One think I like specially are the anotations from git, but AFAIK they are provides by gitlens,a great extension.. but it's too big and it makes the vscode run a little slowler at the beginning.
This is quite useful. Thanks! Finally got running my first dev-container in my local home-lab. I thought you had to make the connection to the remote docker from the host machine instead of making it from the remote server
The amount of information you've packed into a short video is incredible. Thank you so much for this quick but deep overview of install and setup.
I tried installing this on vmware workstation, a lot of apps does not open, for example, kitty, font-manager, vscode, all do not open a window, for some reason, still this tutorial is amazing, nice job man
except if you have docker, a transparent proxy don't work because of dockers messed up iptables setup... so you can't have docker and do this
This is awesome! Got my kubernetes cluster up and running and seems to be working. Tho I cannot reach Rancher. Not sure how to make it work with hostname, but I get "404 not found" when trying to access through IP. Any idea why and how to fix it?
The cluster is exposing traefik on ports 80 and 443, not rancher. The way I had it set up, you need to proxy rancher with traefik, which needs a hostname. You can make a fake hostname like rancher.example.com and add that host to your /etc/hosts file (on Windows in C:\Windows\System32\drivers\etc\hosts). Another option would be to create a NodePort service for rancher, though I don't remember the syntax for this off the top of my head. I'd try faking the hostname part in /etc/hosts first. Nobody "owns" the example.xyz domains, so anyone can use them and they won't ever mask something that's on the public internet.
awesome
I don't understand why to do that since you still can use Docker from WSL without Docker Docker desktop.
why do you use Docker while you have an opensource alternative?
Attempted to use your example, first error I received was attempting to run "turnup" - "ERROR! the playbook: sysengquick.k3s.deploy_k3s could not be found". I verified the playbook is there in collections, but not sure what to do at this point.
It sounds like ansible is not finding the collection. You mighty have to symlink it or install it in the ~/.ansible directory. You can try going into the collection directory on the cli and running ansible-galaxy collection install . (that dot is intentional and part of the command).
nice
Even if it might not be relevant in this context, the filename should be re-escaped here. It's as easy as `re.escape(filename)` - no excuse.
but if you are not showing all the files clearly this video is litteraly useless!
dpkg-buildpackage -rfakeroot -b -d Error - configure: exit 1 dh_auto_configure: error: ./configure --build=x86_64-linux-gnu --prefix=/usr --includedir=\${prefix}/include --mandir=\${prefix}/share/man --infodir=\${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=\${prefix}/lib/x86_64-linux-gnu --runstatedir=/run --disable-maintainer-mode --disable-dependency-tracking "BUILDCXXFLAGS=-g -O2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/squid-5.7=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -fdebug-prefix-map=/squid-5.7=/usr/src/squid-5.7-1ubuntu3 -Wno-error=deprecated-declarations -Wdate-time -D_FORTIFY_SOURCE=3 -Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -Wl,-z,relro -Wl,-z,now " BUILDCXX=g\+\+ --with-build-environment=default "--enable-build-info=Ubuntu linux" --datadir=/usr/share/squid --sysconfdir=/etc/squid --libexecdir=/usr/lib/squid --mandir=/usr/share/man --enable-inline --disable-arch-native --enable-async-io=8 --enable-storeio=ufs,aufs,diskd,rock --enable-removal-policies=lru,heap --enable-delay-pools --enable-cache-digests --enable-icap-client --enable-follow-x-forwarded-for --enable-auth-basic=DB,fake,getpwnam,LDAP,NCSA,PAM,POP3,RADIUS,SASL,SMB --enable-auth-digest=file,LDAP --enable-auth-negotiate=kerberos,wrapper --enable-auth-ntlm=fake,SMB_LM --enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,time_quota,unix_group,wbinfo_group --enable-security-cert-validators=fake --enable-storeid-rewrite-helpers=file --enable-url-rewrite-helpers=fake --enable-eui --enable-esi --enable-icmp --enable-zph-qos --enable-ecap --enable-ssl --enable-ssl-crtd --with-openssl --disable-translation --with-swapdir=/var/spool/squid --with-logdir=/var/log/squid --with-pidfile=/run/squid.pid --with-filedescriptors=65536 --with-large-files --with-default-user=proxy --enable-linux-netfilter --with-systemd --with-gnutls returned exit code 1 make[1]: *** [debian/rules:85: override_dh_auto_configure] Error 255 make[1]: Leaving directory '/squid-5.7' make: *** [debian/rules:77: build] Error 2 dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2 Need some pointers to resolve this Anychanges that I need to make in debian/rules - Line 77 and 85 ? or anything that I have missed out .. please suggest
I didnt see anything after putting in the command to check the extensions. May I please ask how to solve the issue?
What is poetry?
poetry is a packaging tool and dependency manager for python.
@@sysengquickthanks
Good content, clear presentation.
Very clear and down to details explanation. Just clicked subscribe button, thx!
debian links in description are stale
Yeah, not sure what happened to those, only that they are gone. Might be time for a video update. Debian Stretch is pretty old at this point.
I have to use VirGL-GPU even thought i dont have external GPU? And what to use with iGPU?
virgl is for accelerated graphics. it is not the same as pci passthru. it's a newer way to share the graphics card with a guest OS. use virgl whether you have iGPU or add-on card.
Tanks a lot!Keep it up
Thanks. Appreciate it!
Wish I could give @SysEngQuick 2 thumbs up!!
Thanks. It means a lot.
thank you for the clear, structured, instrumental review
Glad it was helpful!
Brilliant video, thanks One issue I have though is my mouse appears inverted in the Hyprland VM, any ideas?
This is a known problem. I forget the details, but something about VM software messes things up. I was annoyed by this myself.
@@sysengquick no worries I got it working in the end. But for the life of me can't remember what I did! 😊
This series covers a lot of use cases often skipped by other content creators! Great work, John!
Thanks. I appreciate the positive feedback. I also find UA-cam content lacking at times. I try to make content based on the things I wish I knew when I was starting out. I want to demonstrate things I would actually do and avoid contrived examples just to illustrate a concept.
Hi Bro can you please make a video explaining the structure/syntax of Ansible & Terraform step by step in layman terms how to write a playbook for Ansible & how to write main.tf for Terraform I am new to both & don't have experience in programming its confusing how the indentation like Spacings, Comma's, Curly brackets, Variables, loops etc are used. Please its a request
Making a video on YAML is an interesting idea. I really like YAML, but there are a lot of nuances in how it's written, especially with strings, and I've seen a lot of people struggle with it. Maybe I'll do that soon. I'm afraid I've never used terraform though, so I cannot help you with that.
What do you recommend doing in production to overcome the accept key prompt? 12:15
Most ideas involve verifying the key in some manner other than just saying 'yes' and adding that to your known hosts file. You could have someone login to the console and verify manually and then accept the keys. The server could register its generated keys with a central keyserver and that could be the place known_hosts is pulled from. The deployment could generate the key instead of letting the server create one. There are probably other solutions.
Gotcha, I figured it was worth asking since the name of the game is production. 😂 @@sysengquick
I could be wrong but I think you skipped how you like to bootstrap your lxc and vm hosts with Ansible. *I am really liking your approach in the series.
Thanks. Glad you're liking the series. We haven't done anything with the lxc containers yet. The ones I'm using now were set up manually in my proxmox server. In episode 8, we'll use ansible to configure a non-root account so ansible doesn't use root anymore. Every Friday, Saturday, and Sunday in May will have a new ansible video, so that one will be out this Saturday. In June, I'll be starting an ansible project series where we'll do more complicated things with ansible that aren't focused on demonstrating a particular concept. The first project will create a VM and fully configure it using ansible. I'll be doing the deployment to proxmox, but the bootstrapping and setup for the host is the same regardless of how the server was deployed, so it doesn't matter if someone is using something else (e.g. VirtualBox, VMWare, Hyper-V, OpenStack, Xen, libvirt, et. al)
Im not understand it sorry. Is there any further step by step explaination in website or video. Can i do it in Ventoy method since my usb is loaded with other distro. Thanks in advance
Can you update the link for the preeseed file again, the old link is not working
I'll have to look into that. I think a problem I encountered when merging my github accounts caused this file to be lost. Let me see if I can recover it and I'll update the link.
Looking through the comments, I see mentions of NixOS. Which exists because people can't be bothered to write software correctly. If your software is written correctly, you only need two servers for the vast majority of businesses: One on the internal network requiring VPN to access and one in the DMZ or otherwise on the public Internet. And your correctly written software is also future-proofed against braindead upstream decisions. Upgrading the OS comes with upgraded packages. So what? You spend a little time doing a few changes here and there to correct a few bugs that pop up, improving future-proofing resiliency in the process. That's time well spent and improves the stability of your platform.
Ubuntu Server is S tier _because_ of the point release bugfix schedule. The server editions are all LTS, which means you get about 3 _years_ to perform an upgrade before you fall too far behind and they have optional extended release support that expands LTS to 10 years. The fixed release schedule is incredibly reliable for those in the know. For maximum stability, just wait for the .2 release to drop just in case there are still issues in the .1 release. Security updates in packages continue to be backported while LTS support is ongoing. I've seen orgs panic when the PHP or Apache version falls "out of support" upstream because they don't understand Debian/Ubuntu package management and their network scanning tools are yelling false positives at them.
This is a good argument. Thanks for sharing.
This contains a ton of very useful information in a very condensed video. Great work and thx for sharing!
This is by far the best tutorial on iptables I have found. Nice bite sized chunks and no waffling.
arch and gentoo below ubuntu??? garbage tier tier list
NixOS not even on this list... most ingenious distro i've used, lately
I need to try NixOS, but I stand by Arch and Gentoo's placement for SERVERs. I'd definitely rate them higher for a desktop distro tho.
@@sysengquick yeah .. i agree with that. i need to read better. your title even has servers in it.
@@xExekut3x Yeah, Arch and Gentoo are not fit for server environments. Unless you are a masochist who enjoys the pain of being roused at 2 am to an irate boss breathing fire down your neck about the server not being online and the business is losing a ton of money. Ubuntu Server is the "safe" option for nearly all workplace environments.
no nixos?
I've heard a lot of good things about NixOS, but I don't really know anything about it. I should check it out.
"Stability is just out of the question on Arch Linux" hahahaha thats is correct and so real I use archbtw and I can confirm this hahahaa
I daily drove Gentoo for years, but tapped out of arch after a few months. Too many things broke for me and I didn't really care about the latest version of anything. It just wasn't good ROI for me personally.
Its personal opinion at best 😂
F-tier tier-list: it doesn't cover the questions like "what the distro gives to me to make my administration easer" or "If I go to some sort of fortinet website, will there be releases of VPN client/server specifically for my distro or I have to hope there is something in distro which actually works, not outdated and patched" Why distros like gentoo or arch included and NixOS omitted? It definitely more suited for server than arch. Might as well include SteamOS 3. Why there is nothing about automation of sorts "I have handful of servers , how easy is to automate installation so I don't have to run SSH and run commands like I have nothing better to do"
I've never used NixOS and kinda forgot about it. Based on the comments, I need to check it out. All the auto install methods are pretty mid imo. Kickstart, Preseeding, cloud-init. Haven't tried the new Ubuntu thing that came out recently; maybe it's better. CoreOS uses Ignition, but again, haven't used it personally.
"These are my personal opinions based on my experience." "I have never used Suse or Core OS"
Yep, my experience is reading about them and knowing they exist. :)
@@sysengquick "Oh no, you just crashed an airplane! I thought you said you had experience in flying airplanes!" "Yep, my experience is reading about them and knowing they exist."
I wouldn't have considered those things comparable, but I have seen people play Microsoft Flight Simulator. Maybe I'll give that a try soon.
So you are saying that one can not have an opinion unless one have done it one self ?? What is your opinion on killing people ? What is your opinion on raping women ? What is your opinion on incest ? What is your opinion on pedophily ?
@@sidewind131258 Each question you asked is designed to evoke a response on moral judgement (which we can judge against a standard) rather than the experience of the process itself which are both two different things, and is clearly the case in the interaction between the video uploader and I. You are either being deliberately disingenuous or have poor reading comprehension.
I also always go with Debian on servers. Probably most pleasant, stable and predictable experience I had with Linux distros overall.
Where's truenas scale though
I hadn't even considered TrueNAS scale as a linux server OS. It strikes me more as an appliance for a NAS than a server. I know it's got docker and kubernetes, but it's not really designed to run general purpose workloads. It's there to serve plex or wireguard.
@@sysengquick sure, TrueNAS is designed to be a NAS os, it's in the name. But it's in no way worse than running Debian that it's based on by the way, it's just that it has additional functionality. If you don't need it - sure, but god damn the additional functionality is great
But since the base OS is not intended to be changed, it limits your options if you want anything not beyond the additional functionality. I'd still go straight Debian for a general purpose server. I can't deny the TrueNAS special sauce makes for a great NAS though. I used FreeNAS (later TrueNAS Core and TrueNAS Scale) for a long time. I even got my work to replace our mail server storage with one years ago.
Really nice! I 100% agree with your list. Personally, I use Ubuntu for desktop use and Debian for servers.
Like most engineers, I have the best and solely correct opinions. :)
NIXOS is the best choice for servers, and desktop ;)
agreed!
Wow, so many NixOS comments. I really gotta check that out.
@@sysengquick There is a lot to learn and is something completely different from normal Linux, but once you know it - you will never return to normal Linux. A couple of keywords you should familiarize yourself with: git, flakes, home-manager, nixos-anywhere. Good luck!
SUSE Leap and SLES have generally more uptodate packages compared with Red Hat.
I think I have heard that. Do you think it compares favorably with Debian or Ubuntu?
how is gentoo above arch lmao???
With gentoo you can at least set up a fixed working workflow with confidence if you're smart enough
Why should it not be?
@@VitisCZ thats not an answer
@@冗 that wasn't an answer but a question as to why do you think that
@@VitisCZ because I don’t use gentoo and I’m just wondering
WHY IN THE F**K you Americans keep pronouncing SUSE, like SUSA???? it's pronounced "SOO-ZEH" --- Same for PORSCHE, it is not PORSHA, it's pronounced POR-SH-EH
Probably for the same reason we say croissant or hermes differently. I could barely understand the automated voice on the subway in Paris when she mentioned the "Franklin Roosevelt" stop. All I can say is that's not how Americans would say his name.
I use openSUSE Tumbleweed it is one of the most stable rolling release Linux distro i have ever used with things that are done in the right way(out of the box) example root filesystem snapshots, secure boot things, yast2 administration tool(very use full ), etc.. and of course for server one should use openSUSE Leap. The debian is always the goat but i think the leap deserves at least A tier ranking.
I should probably have just marked it as A tier for the same reasons I gave A tier to CoreOS.
(also SuSE is pronounced like sooze) :)
SuSE Linux Enterprise Server is literally the gold standard in Linux server OS. It has Novell's directory services even. Should be S level. I would have placed Centos as A tier and RH and derivatives as B tier. Ubuntu maybe C, however i've never used Ubuntu "server" so maybe it's a bit better than desktop. Certainly not "A" tier in my books.
ubuntu is bloatware tier these days .. so much garbage baked in
Take away the Ubuntu desktop garbage and you're left with a pretty good server imo. Why rank CentOS above RH? They're basically the same.
@@sysengquick Mostly the commercial license and the proprietary Red Hat tools nudge it below the line for me. CentOS however is a great OS if you just want to run some web servers. it's quick and easy to setup a LAMP server for whatever CMS you need (or custom PHP websites) If I were going for backend infrastructure imho SuSE is much better than RHEL. So for me RHEL doesn't have a place, but I do recognize its history and importance for Linux overall.
The only time I ever voluntarily selected CentOS was for a freeipa server. The debian/ubuntu rebuilds were just...so broken. This was 7 years ago though, so maybe it's better now. There's probably a kubernetes operator now. I really dislike how out of date RHEL is, so that's my main objection to the entire RHEL ecosystem. The licensing is mostly just an annoyance to me.