feat: server is vm

3 files changed, 245 insertions, 1 deletions

diff --git a/assets/covers/steve-kirk-thimbleweed-park.jpg b/assets/covers/steve-kirk-thimbleweed-park.jpg
new file mode 100644
index 0000000..523f4fd
--- /dev/null
+++ b/assets/covers/steve-kirk-thimbleweed-park.jpg
diff --git a/content-org/blog.org b/content-org/blog.org
index 60a2d1a..e078c51 100644
--- a/content-org/blog.org
+++ b/content-org/blog.org
@@ -8,7 +8,7 @@
 #+HUGO_SECTION: blog
 
 
-* 2024  [73/75]                                                       :@blog:
+* 2024  [74/76]                                                       :@blog:
 :PROPERTIES:
 :EXPORT_HUGO_SECTION: blog/2024
 :EXPORT_HUGO_CUSTOM_FRONT_MATTER+: :image_dir "blog/images" :image_max_width 600
@@ -62,6 +62,126 @@ Images are made to add additional value to the text, not to make it load slower.
 [fn:cool] Except of [[https://emacs.crys.site/][Coolmacs]].
 Love you, Drew!
 
+** DONE My server is now a virtual machine
+CLOSED: [2024-09-26 Thu 21:29]
+:PROPERTIES:
+:EXPORT_FILE_NAME: crys-vm
+:EXPORT_HUGO_CUSTOM_FRONT_MATTER+: :abstract Memoir from a forced migation
+:EXPORT_HUGO_CUSTOM_FRONT_MATTER+: :listening Steve Kirk -  Thimbleweed Park (Original Soundtrack) 
+:EXPORT_HUGO_CUSTOM_FRONT_MATTER+: :listening_url https://thimbleweedpark.bandcamp.com/album/thimbleweed-park-original-soundtrack
+:EXPORT_HUGO_CUSTOM_FRONT_MATTER+: :listening_img steve-kirk-thimbleweed-park.jpg
+:END:
+
+The unthinkable has happened - and by that, I mean it was a matter of time, but I wasn't expecting a week.
+The SD card used in Raspberry Pi behind [[https://crys.site][crys.site]] got corrupted beyond fixing.
+I tried, tried (I gave it good 30 mins) and failed.
+Super block was borked, fixing the filesystem was impossible.
+
+But I will not let go of my FreeBSD server!
+/Beastie or Bust!/.
+I have this quite modern Synology, so why not use it?
+The UI is not for me, but I can set up a virtual machine there and boom - everything will be all right with the world.
+On the host FreeBSD all I had to do was:
+- enable sshd(8)
+- install doas(1)
+
+And add a bridge to the network, which will be used by the jails:
+
+#+begin_src shell
+# /etc/rc.conf
+
+cloned_interfaces="bridge0"
+ifconfig_bridge0="addm em0 up"
+kld_list="if_bridge if_epair"
+#+end_src
+
+The SD card used UFS (default image for FreeBSD on Raspberry), so I lost it.
+But all my data, the sites and jails were stored on external thumb drive in a ZFS pool.
+This made the transition incredibly fast.
+First, I had to create a recursive (=-r=) snapshot of the root dataset.
+I found naming it =fun= funny.
+
+#+begin_src shell
+zfs snapsot -r extdata@fin 
+#+end_src
+
+And I was able to transfer all descendant datasets to to the new machine
+
+#+begin_src shell
+zfs send -R extdata/jail@fin | ssh 10.0.7.0 zfs recv zroot/jail
+#+end_src
+
+Oh ZFS, we don't deserve you.
+
+Then I recreated my jail.conf[fn:jsrc] with DHCP VNET:
+
+#+begin_src shell
+# STARTUP/LOGGING
+exec.clean;
+exec.start = "/bin/sh /etc/rc";
+exec.stop = "/bin/sh /etc/rc.shutdown";
+exec.consolelog = "/var/log/jail_console_${name}.log";
+
+# PERMISSIONS
+allow.raw_sockets;
+exec.clean;
+mount.devfs;
+devfs_ruleset = 5;
+vnet;
+allow.raw_sockets = 1;
+
+host.hostname = "${name}.dune.local";
+path = "/usr/local/jails/containers/${name}";
+$epair = "epair${id}";
+$bridge = "bridge0";
+vnet.interface = "${epair}b";
+
+exec.start += "dhclient ${epair}b";
+exec.prestart  = "/sbin/ifconfig ${epair} create up";
+exec.prestart += "/sbin/ifconfig ${epair}a up descr jail:${name}";
+exec.prestart += "/sbin/ifconfig ${bridge} addm ${epair}a up";
+
+exec.poststop = "/sbin/ifconfig ${bridge} deletem ${epair}a";
+exec.poststop += "/sbin/ifconfig ${epair}a destroy";
+
+nginx {
+  $id=1;
+}
+
+sites {
+  $id=10;
+}
+
+#+end_src
+
+and... nothing.
+Nada.
+The jails won't start.
+
+Raspberry Pi is ARM, my VM is x86.
+I had to create new jails - which is a breeze thanks to, again, ZFS.
+Since jails are normal directories, I was able to simply copy configs to new jails.
+In all, this forced migration took 2 hours.
+And that includes downloading data.
+
+Emacs made it very easy, since I can use =tramp= with =doas= to edit remote files as root:
+
+#+begin_src shell
+/sshx:mms@10.0.7.0|doas::
+#+end_src
+
+The last missing puzzle was strange change from RPI, as jail's Mac addresses started changing after each start.
+Luckily, BSD is a community so [[https://bsd.network/@meka][meka]] provided me with config to force Mac address for jail, and I've added:
+
+#+begin_src shell
+exec.prestart += "/sbin/ifconfig ${epair}b ether ${mac}";
+#+end_src
+
+Truly, FreeBSD is a gift that keeps on giving.
+
+[fn:jsrc] This config is a combination of what [[https://rubenerd.com/starting-with-freebsd-jails/][Ruben]], [[https://docs.freebsd.org/en/books/handbook/jails/][FreeBSD Guides]], and [[https://wiki.freebsd.org/Jails][FreeBSD Wiki]] has thought me.
+I'll need to step up and buy [[https://mwl.io/nonfiction/os#fmjail][Jail Mastery]] book from MWL sometime in the near future.
+
 ** DONE Gatekeeping in tech
 CLOSED: [2024-09-25 Wed 17:33]
 :PROPERTIES:
diff --git a/content/blog/2024/crys-vm.md b/content/blog/2024/crys-vm.md
new file mode 100644
index 0000000..3898371
--- /dev/null
+++ b/content/blog/2024/crys-vm.md
@@ -0,0 +1,124 @@
++++
+title = "My server is now a virtual machine"
+author = ["Michał Sapka"]
+date = 2024-09-26T21:29:00+02:00
+categories = ["blog"]
+draft = false
+weight = 2001
+image_dir = "blog/images"
+image_max_width = 600
+abstract = "Memoir from a forced migation"
+listening = "Steve Kirk -  Thimbleweed Park (Original Soundtrack)"
+listening_url = "https://thimbleweedpark.bandcamp.com/album/thimbleweed-park-original-soundtrack"
+listening_img = "steve-kirk-thimbleweed-park.jpg"
++++
+
+The unthinkable has happened - and by that, I mean it was a matter of time, but I wasn't expecting a week.
+The SD card used in Raspberry Pi behind [crys.site](https://crys.site) got corrupted beyond fixing.
+I tried, tried (I gave it good 30 mins) and failed.
+Super block was borked, fixing the filesystem was impossible.
+
+But I will not let go of my FreeBSD server!
+_Beastie or Bust!_.
+I have this quite modern Synology, so why not use it?
+The UI is not for me, but I can set up a virtual machine there and boom - everything will be all right with the world.
+On the host FreeBSD all I had to do was:
+
+-   enable sshd(8)
+-   install doas(1)
+
+And add a bridge to the network, which will be used by the jails:
+
+```shell
+# /etc/rc.conf
+
+cloned_interfaces="bridge0"
+ifconfig_bridge0="addm em0 up"
+kld_list="if_bridge if_epair"
+```
+
+The SD card used UFS (default image for FreeBSD on Raspberry), so I lost it.
+But all my data, the sites and jails were stored on external thumb drive in a ZFS pool.
+This made the transition incredibly fast.
+First, I had to create a recursive (`-r`) snapshot of the root dataset.
+I found naming it `fun` funny.
+
+```shell
+zfs snapsot -r extdata@fin
+```
+
+And I was able to transfer all descendant datasets to to the new machine
+
+```shell
+zfs send -R extdata/jail@fin | ssh 10.0.7.0 zfs recv zroot/jail
+```
+
+Oh ZFS, we don't deserve you.
+
+Then I recreated my jail.conf[^fn:1] with DHCP VNET:
+
+```shell
+# STARTUP/LOGGING
+exec.clean;
+exec.start = "/bin/sh /etc/rc";
+exec.stop = "/bin/sh /etc/rc.shutdown";
+exec.consolelog = "/var/log/jail_console_${name}.log";
+
+# PERMISSIONS
+allow.raw_sockets;
+exec.clean;
+mount.devfs;
+devfs_ruleset = 5;
+vnet;
+allow.raw_sockets = 1;
+
+host.hostname = "${name}.dune.local";
+path = "/usr/local/jails/containers/${name}";
+$epair = "epair${id}";
+$bridge = "bridge0";
+vnet.interface = "${epair}b";
+
+exec.start += "dhclient ${epair}b";
+exec.prestart  = "/sbin/ifconfig ${epair} create up";
+exec.prestart += "/sbin/ifconfig ${epair}a up descr jail:${name}";
+exec.prestart += "/sbin/ifconfig ${bridge} addm ${epair}a up";
+
+exec.poststop = "/sbin/ifconfig ${bridge} deletem ${epair}a";
+exec.poststop += "/sbin/ifconfig ${epair}a destroy";
+
+nginx {
+  $id=1;
+}
+
+sites {
+  $id=10;
+}
+```
+
+and... nothing.
+Nada.
+The jails won't start.
+
+Raspberry Pi is ARM, my VM is x86.
+I had to create new jails - which is a breeze thanks to, again, ZFS.
+Since jails are normal directories, I was able to simply copy configs to new jails.
+In all, this forced migration took 2 hours.
+And that includes downloading data.
+
+Emacs made it very easy, since I can use `tramp` with `doas` to edit remote files as root:
+
+```shell
+/sshx:mms@10.0.7.0|doas::
+```
+
+The last missing puzzle was strange change from RPI, as jail's Mac addresses started changing after each start.
+Luckily, BSD is a community so [meka](https://bsd.network/@meka) provided me with config to force Mac address for jail, and I've added:
+
+```shell
+exec.prestart += "/sbin/ifconfig ${epair}b ether ${mac}";
+```
+
+Truly, FreeBSD is a gift that keeps on giving.
+
+[^fn:1]: This config is a combination of what [Ruben](https://rubenerd.com/starting-with-freebsd-jails/), [FreeBSD Guides](https://docs.freebsd.org/en/books/handbook/jails/), and [FreeBSD Wiki](https://wiki.freebsd.org/Jails) has thought me.
+    I'll need to step up and buy [Jail Mastery](https://mwl.io/nonfiction/os#fmjail) book from MWL sometime in the near future.