Idk

config/linux-servers/debian.md

@@ -41,6 +41,7 @@ breadcrumbs:
 1. Check the system status:
     - Check for failed services: `systemctl --failed`
     - Check that AppArmor is operational: `apparmor_status`
+1. Update the root password: `passwd`
 1. Localization:
     - Check current locale:
         - `locale` should return `en_US.UTF-8`.
@@ -199,7 +200,7 @@ Everything here is optional.
     - Add an ASCII art (or Unicode art) logo to `/etc/logo`, using e.g. [TAAG](http://patorjk.com/software/taag/).
     - (Optional) Add a MOTD to `/etc/motd`.
     - (Optional) Clear or change the pre-login message in `/etc/issue`.
-    - Test it (as a normal user): `bash /etc/profile.d/dmotd.sh`
+    - Test it: `su - <some-normal-user>`
 1. Monitor free disk space:
     - Download [disk-space-checker.sh](https://github.com/HON95/scripts/blob/master/server/linux/general/disk-space-checker.sh) either to `/cron/cron.daily/` or to `/opt/bin` and create a cron job for it.
     - Example cron job (15 minutes past every 4 hours): `15 */4 * * * root /opt/bin/disk-space-checker`

config/linux-servers/proxmox-ve.md

@@ -38,6 +38,7 @@ Follow the instructions for [Debian server basic setup](../debian-server/#initia
     1. In `/etc/apt/sources.list.d/pve-enterprise.list`, comment out the Enterprise repo.
     1. In `/etc/apt/sources.list`, add the PVE No-Subscription repo: `deb http://download.proxmox.com/debian/pve buster pve-no-subscription`
     1. More info: [Proxmox VE: Package Repositories](https://pve.proxmox.com/wiki/Package_Repositories#sysadmin_no_subscription_repo)
+1. Don't install any of the firmware packages, it will remove the PVE firmware packages.
 1. Update network config and hostname:
     1. Do NOT manually modify the configs for network, DNS, NTP, firewall, etc. as specified in the Debian guide.
     1. Install `ifupdown2`.

config/linux-servers/storage.md

@@ -345,12 +345,12 @@ Some guides recommend using backport repos, but this way avoids that.
     1. Reboot and test. It may fail due to dependency/boot order stuff.
 - Create a password encrypted pool: `zpool create -O encryption=aes-128-gcm -O keyformat=passphrase ...`
 - Create a raw key encrypted pool:
-    - Generate the key: `dd if=/dev/random of=/root/keys/zfs/<tank> bs=32 count=1`
-    - Create the pool: `zpool create -O encryption=aes-128-gcm -O keyformat=raw -O keylocation=file:///root/keys/zfs/<tank> ...`
+    - Generate the key: `dd if=/dev/random of=/root/.credentials/zfs/<tank> bs=32 count=1`
+    - Create the pool: `zpool create -O encryption=aes-128-gcm -O keyformat=raw -O keylocation=file:///root/.credentials/zfs/<tank> ...`
 - Encrypt an existing dataset by sending and receiving:
     1. Rename the old dataset: `zfs rename <dataset> <old-dataset>`
     1. Snapshot the old dataset: `zfs snapshot -r <dataset>@<snapshot>`
-    1. Command: `zfs send [-R] <old-dataset> | zfs recv -o encryption=aes-128-gcm -o keyformat=raw -o keylocation=file:///root/keys/zfs/<tank> <new-dataset>`
+    1. Command: `zfs send [-R] <old-dataset> | zfs recv -o encryption=aes-128-gcm -o keyformat=raw -o keylocation=file:///root/.credentials/zfs/<tank> <new-dataset>`
     1. Test the new dataset.
     1. Delete the snapshots and the old dataset.
     - All child datasets will be encrypted too (if `-r` and `-R` were used).