sainthilarious.dev

Brian's personal website

Installing Gentoo Linux with RAID Arrays

This week I had the pleasure of reinstalling Gentoo Linux on Dvorak, my trusty desktop server PC since 2021. The reason for the reinstall is that I had gotten too busy working for clients in recent months or even years, and had regrettably neglected the maintenance of my own systems. It had gotten so bad, that a simple reinstall became much more feasible than a gigantic emerge update, especially with the new Python and Portage versions that have come along since the last time… Besides, I wanted to hone my skills in the Gentoo install process, and I also noticed that there were numerous new changes to the Gentoo handbook…

One particular challenge that I faced is the fact that my hardware consists of RAID arrays. 2 mirrored SSDs of ca. 220 GB each, and 2 mirrored HDDs of 1 TB each. This required some special consideration, which I outline below. I hope that someone else finds this helpful, and this might also save me some trouble the next time I have to do this.

Most sysadmins installing Gentoo will follow along with the Gentoo handbook: https://wiki.gentoo.org/wiki/Handbook:Main_Page

Those who are installing on a RAID array will also want to have the “Tips and Tricks Page” open: https://wiki.gentoo.org/wiki/Gentoo_installation_tips_and_tricks

Those pages outline in detail what needs to be done, but to summarize:

Preparing the disks:

In the live boot environment, load the kernel module for RAID: modprobe raid1

When partitioning the disks, make sure to set the partition type to Linux RAID (or something like that). With fdisk you can change the partition type of a selected partition with the t command.

Create the metadevice nodes with the mknod command. Something like:

  • mknod /dev/md1 b 9 1
  • mknod /dev/md2 b 9 2

Use mdadm to create /etc/mdadm.conf:

  • mdadm --create --verbose /dev/md1 --level=1 --raid-devices=2 --metadata=0.90 /dev/sda1 /dev/sdb1
  • mdadm --create --verbose /dev/md2 --level=1 --raid-devices=2 --metadata=0.90 /dev/sda2 /dev/sdb2
  • Wait until the metadevices are created. Monitor the file /proc/mdstat (tail -f won’t work, do something like watch cat /proc/mdstat instead.)
  • Once it’s done, dump the configuration to /etc/mdadm.conf: mdadm --detail --scan > /etc/mdadm.conf

From now on, every time the handbook says something like /dev/sda1, you actually need /dev/md1

Before chrooting, make sure to copy /etc/mdadm.conf into /mnt/gentoo/etc/

Kernel configuration

The astute sysadmin, who has the Gentoo handbook and the “Tips and Tricks Page” open, will now want to also open another page containing additional documentation for RAID arrays: https://wiki.gentoo.org/wiki/User:SwifT/Complete_Handbook/Software_RAID

The Gentoo handbook outlines several options for configuring and building the kernel. I have found that I need to use genkernel for this step.

To make the RAID arrays work, I had to give the genkernel command a few additional parameters. Here is the full command that worked for me: genkernel --menuconfig --busybox --mdadm --all-ramdisk-modules --dmraid --mountboot --install all (Depending on how many CPUs you have to compile with, you might also want to pass in something like for example --makeopts=-j28)

Now a text based menu will open, in which you configure the kernel. You need to compile the RAID support directly into the kernel, and not as a module. The needed configuration is found under Device Drivers -> Multiple devices driver support -> RAID support. See https://wiki.gentoo.org/wiki/User:SwifT/Complete_Handbook/Software_RAID for the exact configuration.

Exit out of genkernel’s configuration menu, and enjoy watching the Linux kernel compile.

Setting up /etc/fstab

Finally, you just need to find out the UUIDs of the metadevice nodes, and add those to your /etc/fstab

So do something like this: lsblk -f

That will print information about your block devices, along with the required UUIDs. You can write the output to a temporary file, and then, when editing /etc/fstab with vim, you can yank the required values into the file. It’s important that you use the UUIDs of the metadevice nodes, and not the underlying disks.

And that is basically it. The full Gentoo installation process is superbly documented in the handbook, and if you need to install it on a RAID array, you just need to observe these few additional steps outlined here.

LAMP stacks with Lampsible

Lampsible – short for LAMP stacks with Ansible – leverages the power of Ansible, and wraps it up into a simple CLI application that you can use to automate the deployment of a classic infrastructure setup, the LAMP stack: Linux, Apache, MySQL, PHP, to be exact.

Real life examples: Got an Ubuntu VPS and want a fresh, production-ready WordPress site, with valid SSL certificate, custom wp-admin credentials and other configs? Lampsible does this all in one command. How about a virtual machine in your local network, and you need an Apache webserver with customized virtual hosts and set of PHP extensions? Again, Lampsible sets it all up with one CLI command.

td;dr: https://github.com/saint-hilaire/lampsible

Here’s what it looks like:

Like Ansible, the powerful automation framework that it uses under the hood, Lampsible is written in Python, and can be installed with Pip:

python3 -m pip install lampsible

Of course, you can also download the code and build from source, and if you’re into that, you’ll likely want to do it in a virtual environment as well:

git clone https://github.com/saint-hilaire/lampsible
cd lampsible
python3 -m venv .venv
. .venv/bin/activate
python3 -m pip install .

After that, the rest is quite simple. For example, to install a production-ready WordPress site, all you have to is:

lampsible youruser@yourhost.com wordpress \
    --ssl-certbot --email-for-ssl you@yourdomain.com

All the important stuff that you omit, you’ll be prompted for, or offered a default value. Of course, you can also pass in things like --wordpress-site-title or --wordpress-admin-email, or even fancier things like --php-version, --wordpress-version, --php-extensions, --test-cert, or a bunch of other stuff. Just run the --help flag to see all the currently supported features (current version at time of writing: 1.0)

A more advanced feature might be installing Apache and PHP on a virtual machine in your local network, and passing in some more fine tuned Apache virtual host configurations, and a custom set of PHP extensions that you require. That might look like this:

lampsible someuser@192.168.123.123 lamp-stack \
    --ask-remote-sudo \
    --ssl-selfsigned \
    --database-username dbuser \
    --database-name testdb \
    --php-version 8.1 \
    --apache-vhost-name some-legacy-app \
    --apache-document-root /var/www/html/some-legacy-app/some-dir/public \
    --php-extensions mysql,xml,mbstring,xdebug,gd

I’m well aware that “professional” web services these days all run in containers on Kubernetes, and I fully understand why, though I know that it’s not without its drawbacks. In the end, however, Lampsible is intended to be an homage to the old-school. As such, some features I might implement in the future include the automated deployment of other old school classics, such as Drupal, Joomla, Zend apps, and so on. Of course, if you want to help me implement these things, please feel free to reach out! 😉

A Dark Omen

I recently had a disturbing dream, which I absolutely must write down.

Last night, or to be exact, in the early morning of January 22nd, 2024, I had this dream:

I was on my routine morning walk, when I was overcome by an unwelcome, dark omen. Indeed, things became increasingly dark, to the point of being unbearable. Quickly, I ran into the shelter of the doorway of one of the houses I that I always pass by (a beautiful house, by the way). When I looked back, I saw nothing less than the apocalypse itself, raining down its deafening and indiscriminate fury, tons upon tons of black, upheaved earth, launched into the sky from miles away, crashing down to bury this tiny creature that I am.

There was no escaping this. This was it. That feeling of hopelessness is difficult to describe. It was simply time to answer to my maker. Accepting my own imminent and merciless destruction was the only solace to be had in those few seconds of doom.

However, that is not what disturbed me the most.

What disturbed me the most is something that occurred roughly 12 hours later, in my waking day, or rather in the evening.

Catching up on some news, I read about this: https://earthsky.org/space/small-asteroid-to-hit-earth-no-danger-meteorites-january-21-2024/

That asteroid must have hit at about the same time and place at which I had that dream. Are we men and women possibly so sensitive to the heavens? Did others have similar dreams that night? One thing is clear to me now: I ought to give a lot more respect to the awesome powers wielded by the heavens above.

PS: I did a quick internet search to find an image to match what the dream felt like. The attached image fits quite well. Just imagine that those are not rain clouds, but literally mountains of earth and soil about to come crashing down.

Launching this website

After years of unsuccessfully trying to advertise my services as a freelance software developer with a website that didn’t land me a single new client and only created costs, which I came to neglect more and more, because I was unhappy maintaining it… I have decided to switch gears and make things more personal.

So this is now my personal website. I will use this site as a creative outlet, and share various things that I hold dear. I look forward to running this site, I think it will be a lot of fun.

In the state of today’s internet, we need personal homepages more than ever. There was a lot of potential in the early days of the internet, and much of this potential has not been tapped into, even to this day. A free and open cyberspace… where each individual could craft their own unique identity, and lay claim to their very own personal webspace, maintaining it as they please… this was envisioned in the early internet.

Instead of that, vast regions of cyberspace have been taken over by large corporations, who redistribute it to the common folk in the form of social media platforms and the like. Because there is a certain barrier to entry in the internet (maintaining a web server is not common knowledge – unfortunately!), the average individual has no choice but to accept the prepackaged little plot of cyberspace that is sold back to them when they download Instagram or Twitter from the Play Store (though the download is free, users pay by means of the blatant surveillance to which they are subjected).

The companies running these platforms dictate who they deem acceptable, and who gets censored. Those who have been silenced for expressing their thoughts, if they are not somewhat tech-savvy, could be essentially excluded from the internet entirely – so much so, that human rights discussions around social media bans have surfaced. Is the use of Twitter a human right? I actually disagree. The company can decide for itself, to whom it sells its product. The problem is that we have created a society, in which the average person has been tricked into thinking that they must buy the product in the first place, in order to participate in discussion. Publishing your thoughts on some kind of publicly reachable web server; that is a human right.

Furthermore, social media platforms have changed how we think and behave, in a deep-rooted and unhealthy way. A personal online presence, whether a homepage or a social media profile, is something that ought to be maintained and taken care of. Similar to a garden or a shrine, in which we must make the effort to trim the weeds and sweep the floor, simply to maintain the energy of cleanliness and order, so too, must a website be maintained. A social media platform, on the other hand, is a mass produced commodity, funded by advertising and surveillance, sold to the user, fueling the narcissistic trait, that we have come to know as social media addiction.

For this reason, and probably other reasons as well, I have decided to start this web site. By the way, all this thinking about how the internet used to be, and how it ought to be, has made me very nostalgic for the old “Web 1.0”. For this reason, I built a small Web 1.0 inspired WordPress theme, with the goal of creating the look and feel of a website from the early internet, which this site is currently powered by. If you are also running a website, and feel like I do, or even if you don’t – feel free to use it for your site: https://github.com/saint-hilaire/web1-0-wp-theme