From 29f7fc99211d9f49b9f631f720af4e77aae26a03 Mon Sep 17 00:00:00 2001 From: MajorLinux Date: Thu, 2 Apr 2026 10:55:53 -0400 Subject: [PATCH] wiki: add 4 new articles from archive, merge 8 archive notes into existing articles (73 articles) New: mdadm RAID rebuild, Mastodon instance tuning, Ventoy, Fedora networking/kernel recovery. Merged: Glacier Deep Archive into rsync, SpamAssassin into hardening checklist, OBS captions/VLC capture into OBS setup, yt-dlp subtitles/temp fix into yt-dlp. Updated index.md, README.md, SUMMARY.md with 21 previously missing articles. Fixed merge conflict in index.md Recently Updated table. Co-Authored-By: Claude Opus 4.6 (1M context) --- 01-linux/storage/mdadm-raid-rebuild.md | 113 ++++++++++++++ .../linux-server-hardening-checklist.md | 32 ++++ .../services/mastodon-instance-tuning.md | 68 +++++++++ .../storage-backup/rsync-backup-patterns.md | 23 +++ 03-opensource/dev-tools/ventoy.md | 81 ++++++++++ 03-opensource/media-creative/yt-dlp.md | 23 +++ 04-streaming/obs/obs-studio-setup-encoding.md | 25 ++++ .../fedora-networking-kernel-recovery.md | 141 ++++++++++++++++++ README.md | 44 +++++- SUMMARY.md | 6 + index.md | 48 ++++-- 11 files changed, 586 insertions(+), 18 deletions(-) create mode 100644 01-linux/storage/mdadm-raid-rebuild.md create mode 100644 02-selfhosting/services/mastodon-instance-tuning.md create mode 100644 03-opensource/dev-tools/ventoy.md create mode 100644 05-troubleshooting/fedora-networking-kernel-recovery.md diff --git a/01-linux/storage/mdadm-raid-rebuild.md b/01-linux/storage/mdadm-raid-rebuild.md new file mode 100644 index 0000000..99edc86 --- /dev/null +++ b/01-linux/storage/mdadm-raid-rebuild.md @@ -0,0 +1,113 @@ +--- +title: "mdadm — Rebuilding a RAID Array After Reinstall" +domain: linux +category: storage +tags: [mdadm, raid, linux, storage, recovery, homelab] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- + +# mdadm — Rebuilding a RAID Array After Reinstall + +If you reinstall the OS on a machine that has an existing mdadm RAID array, the array metadata is still on the disks — you just need to reassemble it. The data isn't gone unless you've overwritten the member disks. + +## The Short Answer + +```bash +# Scan for existing arrays +sudo mdadm --assemble --scan + +# Check what was found +cat /proc/mdstat +``` + +If that works, your array is back. If not, you'll need to manually identify the member disks and reassemble. + +## Step-by-Step Recovery + +### 1. Identify the RAID member disks + +```bash +# Show mdadm superblock info on each disk/partition +sudo mdadm --examine /dev/sda1 +sudo mdadm --examine /dev/sdb1 + +# Or scan all devices at once +sudo mdadm --examine --scan +``` + +Look for matching `UUID` fields — disks with the same array UUID belong to the same array. + +### 2. Reassemble the array + +```bash +# Assemble from specific devices +sudo mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 + +# Or let mdadm figure it out from superblocks +sudo mdadm --assemble --scan +``` + +### 3. Verify the array state + +```bash +cat /proc/mdstat +sudo mdadm --detail /dev/md0 +``` + +You want to see `State : active` (or `active, degraded` if a disk is missing). If degraded, the array is still usable but should be rebuilt. + +### 4. Update mdadm.conf so it persists across reboots + +```bash +# Generate the config +sudo mdadm --detail --scan | sudo tee -a /etc/mdadm.conf + +# Fedora/RHEL — rebuild initramfs so the array is found at boot +sudo dracut --force + +# Debian/Ubuntu — update initramfs +sudo update-initramfs -u +``` + +### 5. Mount the filesystem + +```bash +# Check the filesystem +sudo fsck /dev/md0 + +# Mount +sudo mount /dev/md0 /mnt/raid + +# Add to fstab for auto-mount +echo '/dev/md0 /mnt/raid ext4 defaults 0 2' | sudo tee -a /etc/fstab +``` + +## Rebuilding a Degraded Array + +If a disk failed or was replaced: + +```bash +# Add the new disk to the existing array +sudo mdadm --manage /dev/md0 --add /dev/sdc1 + +# Watch the rebuild progress +watch cat /proc/mdstat +``` + +Rebuild time depends on array size and disk speed. The array is usable during rebuild but with degraded performance. + +## Gotchas & Notes + +- **Don't `--create` when you mean `--assemble`.** `--create` initializes a new array and will overwrite existing superblocks. `--assemble` brings an existing array back online. +- **Superblock versions matter.** Modern mdadm uses 1.2 superblocks by default. If the array was created with an older version, specify `--metadata=0.90` during assembly. +- **RAID is not a backup.** mdadm protects against disk failure, not against accidental deletion, ransomware, or filesystem corruption. Pair it with rsync or Restic for actual backups. +- **Check SMART status on all member disks** after a reinstall. If you're reassembling because a disk failed, make sure the remaining disks are healthy. + +Reference: [mdadm — How to rebuild RAID array after fresh install (Unix & Linux Stack Exchange)](https://unix.stackexchange.com/questions/593836/mdadm-how-to-rebuild-raid-array-after-fresh-install) + +## See Also + +- [[snapraid-mergerfs-setup]] +- [[rsync-backup-patterns]] diff --git a/02-selfhosting/security/linux-server-hardening-checklist.md b/02-selfhosting/security/linux-server-hardening-checklist.md index d1ca14f..2deefab 100644 --- a/02-selfhosting/security/linux-server-hardening-checklist.md +++ b/02-selfhosting/security/linux-server-hardening-checklist.md @@ -194,6 +194,38 @@ sudo systemctl disable --now servicename Common ones to disable on a dedicated server: `avahi-daemon`, `cups`, `bluetooth`. +## 8. Mail Server: SpamAssassin + +If you're running Postfix (like on majormail), SpamAssassin filters incoming spam before it hits your mailbox. + +**Install (Fedora/RHEL):** + +```bash +sudo dnf install spamassassin +sudo systemctl enable --now spamassassin +``` + +**Integrate with Postfix** by adding a content filter in `/etc/postfix/master.cf`. See the [full setup guide](https://www.davekb.com/browse_computer_tips:spamassassin_with_postfix:txt) for Postfix integration on RedHat-based systems. + +**Train the filter with sa-learn:** + +SpamAssassin gets better when you feed it examples of spam and ham (legitimate mail): + +```bash +# Train on known spam +sa-learn --spam /path/to/spam-folder/ + +# Train on known good mail +sa-learn --ham /path/to/ham-folder/ + +# Check what sa-learn knows +sa-learn --dump magic +``` + +Run `sa-learn` periodically against your Maildir to keep the Bayesian filter accurate. The more examples it sees, the fewer false positives and missed spam you'll get. + +Reference: [sa-learn documentation](https://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html) + ## Gotchas & Notes - **Don't lock yourself out.** Test SSH key auth in a second terminal before disabling passwords. Keep the original session open. diff --git a/02-selfhosting/services/mastodon-instance-tuning.md b/02-selfhosting/services/mastodon-instance-tuning.md new file mode 100644 index 0000000..57dfc4d --- /dev/null +++ b/02-selfhosting/services/mastodon-instance-tuning.md @@ -0,0 +1,68 @@ +--- +title: "Mastodon Instance Tuning" +domain: selfhosting +category: services +tags: [mastodon, fediverse, self-hosting, majortoot, docker] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- + +# Mastodon Instance Tuning + +Running your own Mastodon instance means you control the rules — including limits the upstream project imposes by default. These are the tweaks applied to **majortoot** (MajorsHouse's Mastodon instance). + +## Increase Character Limit + +Mastodon's default 500-character post limit is low for longer-form thoughts. You can raise it, but it requires modifying the source — there's no config toggle. + +The process depends on your deployment method (Docker vs bare metal) and Mastodon version. The community-maintained guide covers the approaches: + +- [How to increase the max number of characters of a post](https://qa.mastoadmin.social/questions/10010000000000011/how-do-i-increase-the-max-number-of-characters-of-a-post) + +**Key points:** +- The limit is enforced in both the backend (Ruby) and frontend (React). Both must be changed or the UI will reject posts the API would accept. +- After changing, you need to rebuild assets and restart services. +- Other instances will still display the full post — the character limit is per-instance, not a federation constraint. +- Some Mastodon forks (Glitch, Hometown) expose this as a config option without source patches. + +## Media Cache Management + +Federated content (avatars, headers, media from remote posts) gets cached locally. On a small instance this grows slowly, but over months it adds up — especially if you follow active accounts on large instances. + +Reference: [Fedicache — Understanding Mastodon's media cache](https://notes.neatnik.net/2024/08/fedicache) + +**Clean up cached remote media:** + +```bash +# Preview what would be removed (older than 7 days) +tootctl media remove --days 7 --dry-run + +# Actually remove it +tootctl media remove --days 7 + +# For Docker deployments +docker exec mastodon-web tootctl media remove --days 7 +``` + +**Automate with cron or systemd timer:** + +```bash +# Weekly cache cleanup — crontab +0 3 * * 0 docker exec mastodon-web tootctl media remove --days 7 +``` + +**What gets removed:** Only cached copies of remote media. Local uploads (your posts, your users' posts) are never touched. Remote media will be re-fetched on demand if someone views the post again. + +**Storage impact:** On a single-user instance, remote media cache can still reach several GB over a few months of active federation. Regular cleanup keeps disk usage predictable. + +## Gotchas & Notes + +- **Character limit changes break on upgrades.** Any source patch gets overwritten when you pull a new Mastodon release. Track your changes and reapply after updates. +- **`tootctl` is your admin CLI.** It handles media cleanup, user management, federation diagnostics, and more. Run `tootctl --help` for the full list. +- **Monitor disk usage.** Even with cache cleanup, the PostgreSQL database and local media uploads grow over time. Keep an eye on it. + +## See Also + +- [[self-hosting-starter-guide]] +- [[docker-healthchecks]] diff --git a/02-selfhosting/storage-backup/rsync-backup-patterns.md b/02-selfhosting/storage-backup/rsync-backup-patterns.md index 89bec1c..90b9dcf 100644 --- a/02-selfhosting/storage-backup/rsync-backup-patterns.md +++ b/02-selfhosting/storage-backup/rsync-backup-patterns.md @@ -148,6 +148,29 @@ WantedBy=timers.target sudo systemctl enable --now rsync-backup.timer ``` +## Cold Storage — AWS Glacier Deep Archive + +rsync handles local and remote backups, but for true offsite cold storage — disaster recovery, archival copies you rarely need to retrieve — AWS Glacier Deep Archive is the cheapest option at ~$1/TB/month. + +Upload files directly to an S3 bucket with the `DEEP_ARCHIVE` storage class: + +```bash +# Single file +aws s3 cp backup.tar.gz s3://your-bucket/ --storage-class DEEP_ARCHIVE + +# Entire directory +aws s3 sync /backup/offsite/ s3://your-bucket/offsite/ --storage-class DEEP_ARCHIVE +``` + +**When to use it:** Long-term backups you'd only need in a disaster scenario — media archives, yearly snapshots, irreplaceable data. Not for anything you'd need to restore quickly. + +**Retrieval tradeoffs:** +- **Standard retrieval:** 12 hours, cheapest restore cost +- **Bulk retrieval:** Up to 48 hours, even cheaper +- **Expedited:** Not available for Deep Archive — if you need faster access, use regular Glacier or S3 Infrequent Access + +**In the MajorsHouse backup strategy**, rsync handles the daily local and cross-host backups. Glacier Deep Archive is the final tier — offsite, durable, cheap, and slow to retrieve by design. A good backup plan has both. + ## Gotchas & Notes - **Test with `--dry-run` first.** Especially when using `--delete`. See what would be removed before actually removing it. diff --git a/03-opensource/dev-tools/ventoy.md b/03-opensource/dev-tools/ventoy.md new file mode 100644 index 0000000..f17e260 --- /dev/null +++ b/03-opensource/dev-tools/ventoy.md @@ -0,0 +1,81 @@ +--- +title: "Ventoy — Multi-Boot USB Tool" +domain: opensource +category: dev-tools +tags: [ventoy, usb, boot, iso, linux, tools] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- + +# Ventoy — Multi-Boot USB Tool + +Ventoy turns a USB drive into a multi-boot device. Drop ISO files onto the drive and boot directly from them — no need to flash a new image every time you want to try a different distro or run a recovery tool. + +## What It Is + +[Ventoy](https://www.ventoy.net/) creates a special partition layout on a USB drive. After the one-time install, you just copy ISO (or WIM, VHD, IMG) files to the drive. On boot, Ventoy presents a menu of every image on the drive and boots whichever one you pick. + +No re-formatting. No Rufus. No balenaEtcher. Just drag and drop. + +## Installation + +### Linux + +```bash +# Download the latest release +wget https://github.com/ventoy/Ventoy/releases/download/v1.1.05/ventoy-1.1.05-linux.tar.gz + +# Extract +tar -xzf ventoy-1.1.05-linux.tar.gz +cd ventoy-1.1.05 + +# Install to USB drive (WARNING: this formats the drive) +sudo ./Ventoy2Disk.sh -i /dev/sdX +``` + +Replace `/dev/sdX` with your USB drive. Use `lsblk` to identify it — triple-check before running, this wipes the drive. + +### Windows + +Download the Windows package from the Ventoy releases page, run `Ventoy2Disk.exe`, select your USB drive, and click Install. + +## Usage + +After installation, the USB drive shows up as a regular FAT32/exFAT partition. Copy ISOs onto it: + +```bash +# Copy ISOs to the drive +cp ~/Downloads/Fedora-43-x86_64.iso /mnt/ventoy/ +cp ~/Downloads/ubuntu-24.04-desktop.iso /mnt/ventoy/ +cp ~/Downloads/memtest86.iso /mnt/ventoy/ +``` + +Boot from the USB. Ventoy's menu lists every ISO it finds. Select one and it boots directly. + +## Updating Ventoy + +When a new version comes out, update without losing your ISOs: + +```bash +# Update mode (-u) preserves existing files +sudo ./Ventoy2Disk.sh -u /dev/sdX +``` + +## Why It's Useful + +- **Distro testing:** Keep 5-10 distro ISOs on one stick. Boot into any of them without reflashing. +- **Recovery toolkit:** Carry GParted, Clonezilla, memtest86, and a live Linux on a single drive. +- **OS installation:** One USB for every machine you need to set up. +- **Persistence:** Ventoy supports persistent storage for some distros, so live sessions can save data across reboots. + +## Gotchas & Notes + +- **Secure Boot:** Ventoy supports Secure Boot but it requires enrolling a key on first boot. Follow the on-screen prompts. +- **exFAT for large ISOs:** The default FAT32 partition has a 4GB file size limit. Use exFAT if any of your ISOs exceed that (Windows ISOs often do). Ventoy supports both. +- **UEFI vs Legacy:** Ventoy handles both automatically. It detects the boot mode and presents the appropriate menu. +- **Some ISOs don't work.** Heavily customized or non-standard ISOs may fail to boot. Standard distro ISOs and common tools work reliably. + +## See Also + +- [[linux-distro-guide-beginners]] diff --git a/03-opensource/media-creative/yt-dlp.md b/03-opensource/media-creative/yt-dlp.md index 4da73ee..ea46d05 100644 --- a/03-opensource/media-creative/yt-dlp.md +++ b/03-opensource/media-creative/yt-dlp.md @@ -118,10 +118,33 @@ tail -f ~/yt-download.log --- +## Subtitle Downloads + +The config above handles subtitles automatically via `--write-auto-subs` and `--embed-subs`. For one-off downloads where you want explicit control over subtitle embedding alongside specific format selection: + +```bash +yt-dlp -f 'bestvideo[vcodec^=avc]+bestaudio[ext=m4a]/bestvideo+bestaudio' \ + --merge-output-format mp4 \ + -o "/plex/plex/%(title)s.%(ext)s" \ + --write-auto-subs --embed-subs URL +``` + +This forces H.264 video + M4A audio when available — useful when you want guaranteed Apple TV / Plex compatibility without running the HEVC conversion hook. + +--- + ## Troubleshooting For YouTube JS challenge errors, missing formats, and n-challenge failures on Fedora — see [yt-dlp YouTube JS Challenge Fix](../../05-troubleshooting/yt-dlp-fedora-js-challenge.md). +**YouTube player client errors:** If downloads fail with extractor errors, YouTube may have broken the default player client. Override it: + +```bash +yt-dlp --extractor-args "youtube:player-client=default,-tv_simply" URL +``` + +This can also be added to your config file as a persistent workaround until yt-dlp pushes a fix upstream. Keep yt-dlp updated — these breakages get patched regularly. + --- ## Tags diff --git a/04-streaming/obs/obs-studio-setup-encoding.md b/04-streaming/obs/obs-studio-setup-encoding.md index f40c78e..c51c0e2 100644 --- a/04-streaming/obs/obs-studio-setup-encoding.md +++ b/04-streaming/obs/obs-studio-setup-encoding.md @@ -118,6 +118,31 @@ echo "v4l2loopback" | sudo tee /etc/modules-load.d/v4l2loopback.conf echo "options v4l2loopback devices=1 video_nr=10 card_label=OBS Virtual Camera exclusive_caps=1" | sudo tee /etc/modprobe.d/v4l2loopback.conf ``` +## Plugins & Capture Sources + +### Captions Plugin (Accessibility) + +[OBS Captions Plugin](https://github.com/ratwithacompiler/OBS-captions-plugin) adds real-time closed captions to streams using speech-to-text. Viewers can toggle captions on/off in their player — important for accessibility and for viewers watching without sound. + +Install from the plugin's GitHub releases page, then configure in Tools → Captions. + +### VLC Video Source (Capture Card) + +For capturing from an Elgato 4K60 Pro MK.2 (or similar DirectShow capture card) via VLC as an OBS source, use this device string: + +``` +:dshow-vdev=Game Capture 4K60 Pro MK.2 +:dshow-adev=Game Capture 4K60 Pro MK.2 Audio (Game Capture 4K60 Pro MK.2) +:dshow-aspect-ratio=16:9 +:dshow-chroma=YUY2 +:dshow-fps=0 +:no-dshow-config +:no-dshow-tuner +:live-caching=0 +``` + +Set `live-caching=0` to minimize capture latency. This is useful when OBS's native Game Capture isn't an option (e.g., capturing a separate machine's output through the card). + ## Gotchas & Notes - **Test your stream before going live.** Record a short clip and watch it back. Artifacts in the recording will be worse in the stream. diff --git a/05-troubleshooting/fedora-networking-kernel-recovery.md b/05-troubleshooting/fedora-networking-kernel-recovery.md new file mode 100644 index 0000000..651f958 --- /dev/null +++ b/05-troubleshooting/fedora-networking-kernel-recovery.md @@ -0,0 +1,141 @@ +--- +title: "Fedora Networking & Kernel Troubleshooting" +domain: troubleshooting +category: networking +tags: [fedora, networking, kernel, grub, nmcli, troubleshooting] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- + +# Fedora Networking & Kernel Troubleshooting + +Two common issues on the MajorsHouse Fedora fleet (majorlab, majorhome): network connectivity dropping after updates or reboots, and kernel upgrades that break things. These are the quick fixes and the deeper recovery paths. + +## Networking Drops After Reboot or Update + +### Quick Fix + +If a Fedora box loses network connectivity after a reboot or `dnf upgrade`, NetworkManager may not have brought the connection back up automatically: + +```bash +nmcli connection up "Wired connection 1" +``` + +This re-activates the default wired connection. If the connection name differs on your system: + +```bash +# List all known connections +nmcli connection show + +# Bring up by name +nmcli connection up "your-connection-name" +``` + +### Why This Happens + +- NetworkManager may not auto-activate a connection if it was configured as manual or if the profile was reset during an upgrade. +- Kernel updates can temporarily break network drivers, especially on hardware with out-of-tree modules. The new kernel loads, the old driver doesn't match, and the NIC doesn't come up. +- On headless servers (like majorlab and majorhome), there's no desktop network applet to reconnect — it stays down until you fix it via console or IPMI. + +### Make It Persistent + +Ensure the connection auto-activates on boot: + +```bash +# Check current autoconnect setting +nmcli connection show "Wired connection 1" | grep autoconnect + +# Enable if not set +nmcli connection modify "Wired connection 1" connection.autoconnect yes +``` + +## Kernel Issues — Booting an Older Kernel + +When a new kernel causes problems (network, storage, GPU, or boot failures), boot into the previous working kernel via GRUB. + +### At the GRUB Menu + +1. Reboot the machine. +2. Hold **Shift** (BIOS) or press **Esc** (UEFI) to show the GRUB menu. +3. Select **Advanced options** or an older kernel entry. +4. Boot into the working kernel. + +### From the Command Line (Headless) + +If you have console access but no GRUB menu: + +```bash +# List installed kernels +sudo grubby --info=ALL | grep -E "^(index|kernel|title)" + +# Set the previous kernel as default (by index) +sudo grubby --set-default-index=1 + +# Or set by kernel path +sudo grubby --set-default=/boot/vmlinuz-6.19.9-200.fc43.x86_64 + +# Reboot into it +sudo reboot +``` + +### Remove a Bad Kernel + +Once you've confirmed the older kernel works: + +```bash +# Remove the broken kernel +sudo dnf remove kernel-core-6.19.10-200.fc43.x86_64 + +# Verify GRUB updated +sudo grubby --default-kernel +``` + +### Prevent Auto-Updates From Reinstalling It + +If the same kernel version keeps coming back and keeps breaking: + +```bash +# Temporarily exclude it from updates +sudo dnf upgrade --exclude=kernel* + +# Or pin in dnf.conf +echo "excludepkgs=kernel*" | sudo tee -a /etc/dnf/dnf.conf +``` + +Remove the exclusion once a fixed kernel version is released. + +## Quick Diagnostic Commands + +```bash +# Check current kernel +uname -r + +# Check network status +nmcli general status +nmcli device status +ip addr show + +# Check if NetworkManager is running +systemctl status NetworkManager + +# Check recent kernel/network errors +journalctl -b -p err | grep -iE "kernel|network|eth|ens|nm" + +# Check which kernels are installed +rpm -qa kernel-core | sort -V +``` + +## Gotchas & Notes + +- **Always have console access** (IPMI, physical KVM, or Proxmox console) for headless servers before doing kernel updates. If the new kernel breaks networking, SSH won't save you. +- **Fedora keeps 3 kernels by default** (`installonly_limit=3` in `/etc/dnf/dnf.conf`). If you need more fallback options, increase this number before upgrading. +- **Test kernel updates on one server first.** Update majorlab, confirm it survives a reboot, then update majorhome. +- **`grubby` is Fedora's preferred tool** for managing GRUB entries. Avoid editing `grub.cfg` directly. + +Reference: [Fedora — Working with the GRUB 2 Boot Loader](https://docs.fedoraproject.org/en-US/fedora/latest/system-administrators-guide/kernel-module-driver-configuration/Working_with_the_GRUB_2_Boot_Loader/) + +## See Also + +- [[docker-caddy-selinux-post-reboot-recovery]] +- [[managing-linux-services-systemd-ansible]] diff --git a/README.md b/README.md index 68101e3..67215e6 100644 --- a/README.md +++ b/README.md @@ -2,18 +2,18 @@ > A growing reference of Linux, self-hosting, open source, streaming, and troubleshooting guides. Written by MajorLinux. Used by MajorTwin. > -**Last updated:** 2026-03-18 -**Article count:** 49 +**Last updated:** 2026-04-02 +**Article count:** 73 ## Domains | Domain | Folder | Articles | |---|---|---| -| 🐧 Linux & Sysadmin | `01-linux/` | 11 | -| 🏠 Self-Hosting & Homelab | `02-selfhosting/` | 11 | -| 🔓 Open Source Tools | `03-opensource/` | 9 | +| 🐧 Linux & Sysadmin | `01-linux/` | 12 | +| 🏠 Self-Hosting & Homelab | `02-selfhosting/` | 20 | +| 🔓 Open Source Tools | `03-opensource/` | 10 | | 🎙️ Streaming & Podcasting | `04-streaming/` | 2 | -| 🔧 General Troubleshooting | `05-troubleshooting/` | 16 | +| 🔧 General Troubleshooting | `05-troubleshooting/` | 26 | --- @@ -37,6 +37,7 @@ ### Storage - [SnapRAID & MergerFS Storage Setup](01-linux/storage/snapraid-mergerfs-setup.md) — Pooling mismatched drives and adding parity on Linux +- [mdadm — Rebuilding a RAID Array After Reinstall](01-linux/storage/mdadm-raid-rebuild.md) — reassembling and recovering mdadm arrays after OS reinstall ### Distro-Specific - [Linux Distro Guide for Beginners](01-linux/distro-specific/linux-distro-guide-beginners.md) — Ubuntu recommendation, distro comparison, desktop environments @@ -52,24 +53,35 @@ - [Self-Hosting Starter Guide](02-selfhosting/docker/self-hosting-starter-guide.md) — hardware options, Docker install, first services, networking basics - [Docker vs VMs for the Homelab](02-selfhosting/docker/docker-vs-vms-homelab.md) — when to use containers vs VMs, KVM setup, how to run both - [Debugging Broken Docker Containers](02-selfhosting/docker/debugging-broken-docker-containers.md) — logs, inspect, exec, port conflicts, permission errors +- [Docker Healthchecks](02-selfhosting/docker/docker-healthchecks.md) — writing and debugging HEALTHCHECK instructions in Docker containers ### Reverse Proxies - [Setting Up Caddy as a Reverse Proxy](02-selfhosting/reverse-proxy/setting-up-caddy-reverse-proxy.md) — Caddyfile basics, automatic HTTPS, local TLS, DNS challenge ### DNS & Networking - [Tailscale for Homelab Remote Access](02-selfhosting/dns-networking/tailscale-homelab-remote-access.md) — installation, MagicDNS, making services accessible, subnet router, ACLs +- [Network Overview](02-selfhosting/dns-networking/network-overview.md) — MajorsHouse network topology, Tailscale IPs, and connectivity map ### Storage & Backup -- [rsync Backup Patterns](02-selfhosting/storage-backup/rsync-backup-patterns.md) — flags reference, remote backup, incremental with hard links, cron/systemd +- [rsync Backup Patterns](02-selfhosting/storage-backup/rsync-backup-patterns.md) — flags reference, remote backup, incremental with hard links, Glacier Deep Archive ### Monitoring - [Tuning Netdata Web Log Alerts](02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md) — tuning web_log_1m_redirects threshold for HTTPS-forcing servers - [Tuning Netdata Docker Health Alarms](02-selfhosting/monitoring/netdata-docker-health-alarm-tuning.md) — preventing false alerts during nightly Nextcloud AIO container update cycles - [Deploying Netdata to a New Server](02-selfhosting/monitoring/netdata-new-server-setup.md) — install, email notifications, and Netdata Cloud claim for Ubuntu/Debian servers +- [Netdata + n8n Enriched Alert Emails](02-selfhosting/monitoring/netdata-n8n-enriched-alerts.md) — rich HTML alert emails with remediation steps and wiki links via n8n +- [Netdata SELinux AVC Denial Monitoring](02-selfhosting/monitoring/netdata-selinux-avc-chart.md) — custom Netdata chart for tracking SELinux AVC denials ### Security -- [Linux Server Hardening Checklist](02-selfhosting/security/linux-server-hardening-checklist.md) — non-root user, SSH key auth, sshd_config, firewall, fail2ban +- [Linux Server Hardening Checklist](02-selfhosting/security/linux-server-hardening-checklist.md) — non-root user, SSH key auth, sshd_config, firewall, fail2ban, SpamAssassin - [Standardizing unattended-upgrades with Ansible](02-selfhosting/security/ansible-unattended-upgrades-fleet.md) — fleet-wide automatic security updates across Ubuntu servers +- [Fail2ban Custom Jail: Apache 404 Scanner Detection](02-selfhosting/security/fail2ban-apache-404-scanner-jail.md) — custom filter and jail for blocking 404 scanners +- [SELinux: Fixing Fail2ban grep execmem Denial](02-selfhosting/security/selinux-fail2ban-execmem-fix.md) — resolving execmem AVC denials from Fail2ban's grep on Fedora +- [UFW Firewall Management](02-selfhosting/security/ufw-firewall-management.md) — managing UFW rules, common patterns, troubleshooting + +### Services +- [Updating n8n Running in Docker](02-selfhosting/services/updating-n8n-docker.md) — pinned version updates, password reset, Arcane timing gaps +- [Mastodon Instance Tuning](02-selfhosting/services/mastodon-instance-tuning.md) — character limit increase, media cache management for self-hosted Mastodon --- @@ -87,6 +99,7 @@ - [tmux: Persistent Terminal Sessions](03-opensource/dev-tools/tmux.md) — detachable sessions for long-running jobs over SSH - [screen: Simple Persistent Sessions](03-opensource/dev-tools/screen.md) — lightweight terminal multiplexer, universally available - [rsync: Fast, Resumable File Transfers](03-opensource/dev-tools/rsync.md) — incremental file sync locally and over SSH, survives interruptions +- [Ventoy: Multi-Boot USB Tool](03-opensource/dev-tools/ventoy.md) — drop ISOs on a USB drive and boot any of them, no reflashing ### Privacy & Security - [Vaultwarden: Self-Hosted Password Manager](03-opensource/privacy-security/vaultwarden.md) — Bitwarden-compatible server in a single Docker container, passwords stay on your hardware @@ -111,9 +124,14 @@ - [Apache Outage: Fail2ban Self-Ban + Missing iptables Rules](05-troubleshooting/networking/fail2ban-self-ban-apache-outage.md) — diagnosing and fixing Apache outages caused by missing firewall rules and Fail2ban self-bans - [Mail Client Stops Receiving: Fail2ban IMAP Self-Ban](05-troubleshooting/networking/fail2ban-imap-self-ban-mail-client.md) — diagnosing why one device stops receiving email when the mail server is healthy - [firewalld: Mail Ports Wiped After Reload](05-troubleshooting/networking/firewalld-mail-ports-reset.md) — recovering IMAP and webmail after firewalld reload drops all mail service rules +- [Fail2ban & UFW Rule Bloat: 30k Rules Slowing Down a VPS](05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md) — diagnosing and cleaning up massive nftables/UFW rule accumulation +- [Tailscale SSH: Unexpected Re-Authentication Prompt](05-troubleshooting/networking/tailscale-ssh-reauth-prompt.md) — resolving unexpected re-auth prompts on Tailscale SSH connections - [Docker & Caddy Recovery After Reboot (Fedora + SELinux)](05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md) — fixing docker.socket, SELinux port blocks, and httpd_can_network_connect after reboot +- [n8n Behind Reverse Proxy: X-Forwarded-For Trust Fix](05-troubleshooting/docker/n8n-proxy-trust-x-forwarded-for.md) — fixing webhook failures caused by missing proxy trust configuration +- [Nextcloud AIO Container Unhealthy for 20 Hours](05-troubleshooting/docker/nextcloud-aio-unhealthy-20h-stuck.md) — diagnosing stuck Nextcloud AIO containers after nightly update cycles - [ISP SNI Filtering with Caddy](05-troubleshooting/isp-sni-filtering-caddy.md) — troubleshooting why wiki.majorshouse.com was blocked by Google Fiber - [Obsidian Cache Hang Recovery](05-troubleshooting/obsidian-cache-hang-recovery.md) — resolving "Loading cache" hang in Obsidian by cleaning Electron app data and ML artifacts +- [macOS Repeating Alert Tone from Mirrored Notification](05-troubleshooting/macos-mirrored-notification-alert-loop.md) — stopping alert tone loops from mirrored iPhone notifications on Mac - [Qwen2.5-14B OOM on RTX 3080 Ti (12GB)](05-troubleshooting/gpu-display/qwen-14b-oom-3080ti.md) — fixes and alternatives when hitting VRAM limits during fine-tuning - [yt-dlp YouTube JS Challenge Fix on Fedora](05-troubleshooting/yt-dlp-fedora-js-challenge.md) — fixing YouTube JS challenge solver errors and missing formats on Fedora - [Gemini CLI Manual Update](05-troubleshooting/gemini-cli-manual-update.md) — how to manually update the Gemini CLI when automatic updates fail @@ -123,6 +141,12 @@ - [mdadm RAID Recovery After USB Hub Disconnect](05-troubleshooting/storage/mdadm-usb-hub-disconnect-recovery.md) — diagnosing and recovering a failed mdadm array caused by a USB hub dropout - [Windows OpenSSH Server (sshd) Stops After Reboot](05-troubleshooting/networking/windows-sshd-stops-after-reboot.md) — fixing sshd not running after reboot due to Manual startup type - [Ollama Drops Off Tailscale When Mac Sleeps](05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md) — keeping Ollama reachable over Tailscale by disabling macOS sleep on AC power +- [Ansible: Vault Password File Not Found](05-troubleshooting/ansible-vault-password-file-missing.md) — fixing the missing vault_pass file error when running ansible-playbook +- [Ansible SSH Timeout During dnf upgrade](05-troubleshooting/ansible-ssh-timeout-dnf-upgrade.md) — preventing SSH timeouts during long-running dnf upgrades on Fedora +- [Fedora Networking & Kernel Troubleshooting](05-troubleshooting/fedora-networking-kernel-recovery.md) — nmcli quick fix, GRUB kernel rollback, and recovery for Fedora fleet +- [Custom Fail2ban Jail: Apache Directory Scanning](05-troubleshooting/security/apache-dirscan-fail2ban-jail.md) — blocking directory scanners and junk HTTP methods +- [ClamAV Safe Scheduling on Live Servers](05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md) — preventing clamscan CPU spikes with nice and ionice +- [Systemd Session Scope Fails at Login](05-troubleshooting/systemd/session-scope-failure-at-login.md) — fixing session-cN.scope failures during login --- @@ -130,6 +154,10 @@ | Date | Article | Domain | |---|---|---| +| 2026-04-02 | [Mastodon Instance Tuning](02-selfhosting/services/mastodon-instance-tuning.md) | Self-Hosting | +| 2026-04-02 | [mdadm — Rebuilding a RAID Array After Reinstall](01-linux/storage/mdadm-raid-rebuild.md) | Linux | +| 2026-04-02 | [Fedora Networking & Kernel Troubleshooting](05-troubleshooting/fedora-networking-kernel-recovery.md) | Troubleshooting | +| 2026-04-02 | [Ventoy: Multi-Boot USB Tool](03-opensource/dev-tools/ventoy.md) | Open Source | | 2026-03-18 | [Deploying Netdata to a New Server](02-selfhosting/monitoring/netdata-new-server-setup.md) | Self-Hosting | | 2026-03-18 | [Tuning Netdata Docker Health Alarms](02-selfhosting/monitoring/netdata-docker-health-alarm-tuning.md) | Self-Hosting | | 2026-03-17 | [Ollama Drops Off Tailscale When Mac Sleeps](05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md) | Troubleshooting | diff --git a/SUMMARY.md b/SUMMARY.md index b9bf151..39e717e 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -7,6 +7,7 @@ * [Ansible Getting Started](01-linux/shell-scripting/ansible-getting-started.md) * [Bash Scripting Patterns](01-linux/shell-scripting/bash-scripting-patterns.md) * [SnapRAID & MergerFS Storage Setup](01-linux/storage/snapraid-mergerfs-setup.md) + * [mdadm — Rebuilding a RAID Array After Reinstall](01-linux/storage/mdadm-raid-rebuild.md) * [Linux Distro Guide for Beginners](01-linux/distro-specific/linux-distro-guide-beginners.md) * [WSL2 Instance Migration to Fedora 43](01-linux/distro-specific/wsl2-instance-migration-fedora43.md) * [WSL2 Training Environment Rebuild](01-linux/distro-specific/wsl2-rebuild-fedora43-training-env.md) @@ -18,6 +19,7 @@ * [Docker Healthchecks](02-selfhosting/docker/docker-healthchecks.md) * [Setting Up Caddy as a Reverse Proxy](02-selfhosting/reverse-proxy/setting-up-caddy-reverse-proxy.md) * [Tailscale for Homelab Remote Access](02-selfhosting/dns-networking/tailscale-homelab-remote-access.md) + * [Network Overview](02-selfhosting/dns-networking/network-overview.md) * [rsync Backup Patterns](02-selfhosting/storage-backup/rsync-backup-patterns.md) * [Tuning Netdata Web Log Alerts](02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md) * [Tuning Netdata Docker Health Alarms](02-selfhosting/monitoring/netdata-docker-health-alarm-tuning.md) @@ -25,6 +27,7 @@ * [Netdata SELinux AVC Denial Monitoring](02-selfhosting/monitoring/netdata-selinux-avc-chart.md) * [Netdata n8n Enriched Alert Emails](02-selfhosting/monitoring/netdata-n8n-enriched-alerts.md) * [Updating n8n Running in Docker](02-selfhosting/services/updating-n8n-docker.md) + * [Mastodon Instance Tuning](02-selfhosting/services/mastodon-instance-tuning.md) * [Linux Server Hardening Checklist](02-selfhosting/security/linux-server-hardening-checklist.md) * [Standardizing unattended-upgrades with Ansible](02-selfhosting/security/ansible-unattended-upgrades-fleet.md) * [Fail2ban Custom Jail: Apache 404 Scanner Detection](02-selfhosting/security/fail2ban-apache-404-scanner-jail.md) @@ -38,6 +41,7 @@ * [tmux: Persistent Terminal Sessions](03-opensource/dev-tools/tmux.md) * [screen: Simple Persistent Sessions](03-opensource/dev-tools/screen.md) * [rsync: Fast, Resumable File Transfers](03-opensource/dev-tools/rsync.md) + * [Ventoy: Multi-Boot USB Tool](03-opensource/dev-tools/ventoy.md) * [Vaultwarden: Self-Hosted Password Manager](03-opensource/privacy-security/vaultwarden.md) * [yt-dlp: Video Downloading](03-opensource/media-creative/yt-dlp.md) * [Streaming & Podcasting](04-streaming/index.md) @@ -68,3 +72,5 @@ * [ClamAV CPU Spike: Safe Scheduling with nice/ionice](05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md) * [Ansible: Vault Password File Not Found](05-troubleshooting/ansible-vault-password-file-missing.md) * [Ansible: SSH Timeout During dnf upgrade on Fedora Hosts](05-troubleshooting/ansible-ssh-timeout-dnf-upgrade.md) + * [Fedora Networking & Kernel Troubleshooting](05-troubleshooting/fedora-networking-kernel-recovery.md) + * [Systemd Session Scope Fails at Login](05-troubleshooting/systemd/session-scope-failure-at-login.md) diff --git a/index.md b/index.md index 6e06b98..e0d30b9 100644 --- a/index.md +++ b/index.md @@ -2,18 +2,18 @@ > A growing reference of Linux, self-hosting, open source, streaming, and troubleshooting guides. Written by MajorLinux. Used by MajorTwin. > -> **Last updated:** 2026-03-27 -> **Article count:** 53 +> **Last updated:** 2026-04-02 +> **Article count:** 73 ## Domains | Domain | Folder | Articles | |---|---|---| -| 🐧 Linux & Sysadmin | `01-linux/` | 11 | -| 🏠 Self-Hosting & Homelab | `02-selfhosting/` | 11 | -| 🔓 Open Source Tools | `03-opensource/` | 9 | +| 🐧 Linux & Sysadmin | `01-linux/` | 12 | +| 🏠 Self-Hosting & Homelab | `02-selfhosting/` | 20 | +| 🔓 Open Source Tools | `03-opensource/` | 10 | | 🎙️ Streaming & Podcasting | `04-streaming/` | 2 | -| 🔧 General Troubleshooting | `05-troubleshooting/` | 17 | +| 🔧 General Troubleshooting | `05-troubleshooting/` | 26 | --- @@ -38,6 +38,7 @@ ### Storage - [SnapRAID & MergerFS Storage Setup](01-linux/storage/snapraid-mergerfs-setup.md) — Pooling mismatched drives and adding parity on Linux +- [mdadm — Rebuilding a RAID Array After Reinstall](01-linux/storage/mdadm-raid-rebuild.md) — reassembling and recovering mdadm arrays after OS reinstall ### Distro-Specific - [Linux Distro Guide for Beginners](01-linux/distro-specific/linux-distro-guide-beginners.md) — Ubuntu recommendation, distro comparison, desktop environments @@ -53,12 +54,14 @@ - [Self-Hosting Starter Guide](02-selfhosting/docker/self-hosting-starter-guide.md) — hardware options, Docker install, first services, networking basics - [Docker vs VMs for the Homelab](02-selfhosting/docker/docker-vs-vms-homelab.md) — when to use containers vs VMs, KVM setup, how to run both - [Debugging Broken Docker Containers](02-selfhosting/docker/debugging-broken-docker-containers.md) — logs, inspect, exec, port conflicts, permission errors +- [Docker Healthchecks](02-selfhosting/docker/docker-healthchecks.md) — writing and debugging HEALTHCHECK instructions in Docker containers ### Reverse Proxies - [Setting Up Caddy as a Reverse Proxy](02-selfhosting/reverse-proxy/setting-up-caddy-reverse-proxy.md) — Caddyfile basics, automatic HTTPS, local TLS, DNS challenge ### DNS & Networking - [Tailscale for Homelab Remote Access](02-selfhosting/dns-networking/tailscale-homelab-remote-access.md) — installation, MagicDNS, making services accessible, subnet router, ACLs +- [Network Overview](02-selfhosting/dns-networking/network-overview.md) — MajorsHouse network topology, Tailscale IPs, and connectivity map ### Storage & Backup - [rsync Backup Patterns](02-selfhosting/storage-backup/rsync-backup-patterns.md) — flags reference, remote backup, incremental with hard links, cron/systemd @@ -67,10 +70,19 @@ - [Tuning Netdata Web Log Alerts](02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md) — tuning web_log_1m_redirects threshold for HTTPS-forcing servers - [Tuning Netdata Docker Health Alarms](02-selfhosting/monitoring/netdata-docker-health-alarm-tuning.md) — preventing false alerts during nightly Nextcloud AIO container update cycles - [Deploying Netdata to a New Server](02-selfhosting/monitoring/netdata-new-server-setup.md) — install, email notifications, and Netdata Cloud claim for Ubuntu/Debian servers +- [Netdata + n8n Enriched Alert Emails](02-selfhosting/monitoring/netdata-n8n-enriched-alerts.md) — rich HTML alert emails with remediation steps and wiki links via n8n +- [Netdata SELinux AVC Denial Monitoring](02-selfhosting/monitoring/netdata-selinux-avc-chart.md) — custom Netdata chart for tracking SELinux AVC denials ### Security -- [Linux Server Hardening Checklist](02-selfhosting/security/linux-server-hardening-checklist.md) — non-root user, SSH key auth, sshd_config, firewall, fail2ban +- [Linux Server Hardening Checklist](02-selfhosting/security/linux-server-hardening-checklist.md) — non-root user, SSH key auth, sshd_config, firewall, fail2ban, SpamAssassin - [Standardizing unattended-upgrades with Ansible](02-selfhosting/security/ansible-unattended-upgrades-fleet.md) — fleet-wide automatic security updates across Ubuntu servers +- [Fail2ban Custom Jail: Apache 404 Scanner Detection](02-selfhosting/security/fail2ban-apache-404-scanner-jail.md) — custom filter and jail for blocking 404 scanners +- [SELinux: Fixing Fail2ban grep execmem Denial](02-selfhosting/security/selinux-fail2ban-execmem-fix.md) — resolving execmem AVC denials from Fail2ban's grep on Fedora +- [UFW Firewall Management](02-selfhosting/security/ufw-firewall-management.md) — managing UFW rules, common patterns, troubleshooting + +### Services +- [Updating n8n Running in Docker](02-selfhosting/services/updating-n8n-docker.md) — pinned version updates, password reset, Arcane timing gaps +- [Mastodon Instance Tuning](02-selfhosting/services/mastodon-instance-tuning.md) — character limit increase, media cache management for self-hosted Mastodon --- @@ -88,6 +100,7 @@ - [tmux: Persistent Terminal Sessions](03-opensource/dev-tools/tmux.md) — detachable sessions for long-running jobs over SSH - [screen: Simple Persistent Sessions](03-opensource/dev-tools/screen.md) — lightweight terminal multiplexer, universally available - [rsync: Fast, Resumable File Transfers](03-opensource/dev-tools/rsync.md) — incremental file sync locally and over SSH, survives interruptions +- [Ventoy: Multi-Boot USB Tool](03-opensource/dev-tools/ventoy.md) — drop ISOs on a USB drive and boot any of them, no reflashing ### Privacy & Security - [Vaultwarden: Self-Hosted Password Manager](03-opensource/privacy-security/vaultwarden.md) — Bitwarden-compatible server in a single Docker container, passwords stay on your hardware @@ -112,9 +125,14 @@ - [Apache Outage: Fail2ban Self-Ban + Missing iptables Rules](05-troubleshooting/networking/fail2ban-self-ban-apache-outage.md) — diagnosing and fixing Apache outages caused by missing firewall rules and Fail2ban self-bans - [Mail Client Stops Receiving: Fail2ban IMAP Self-Ban](05-troubleshooting/networking/fail2ban-imap-self-ban-mail-client.md) — diagnosing why one device stops receiving email when the mail server is healthy - [firewalld: Mail Ports Wiped After Reload](05-troubleshooting/networking/firewalld-mail-ports-reset.md) — recovering IMAP and webmail after firewalld reload drops all mail service rules +- [Fail2ban & UFW Rule Bloat: 30k Rules Slowing Down a VPS](05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md) — diagnosing and cleaning up massive nftables/UFW rule accumulation +- [Tailscale SSH: Unexpected Re-Authentication Prompt](05-troubleshooting/networking/tailscale-ssh-reauth-prompt.md) — resolving unexpected re-auth prompts on Tailscale SSH connections - [Docker & Caddy Recovery After Reboot (Fedora + SELinux)](05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md) — fixing docker.socket, SELinux port blocks, and httpd_can_network_connect after reboot +- [n8n Behind Reverse Proxy: X-Forwarded-For Trust Fix](05-troubleshooting/docker/n8n-proxy-trust-x-forwarded-for.md) — fixing webhook failures caused by missing proxy trust configuration +- [Nextcloud AIO Container Unhealthy for 20 Hours](05-troubleshooting/docker/nextcloud-aio-unhealthy-20h-stuck.md) — diagnosing stuck Nextcloud AIO containers after nightly update cycles - [ISP SNI Filtering with Caddy](05-troubleshooting/isp-sni-filtering-caddy.md) — troubleshooting why wiki.majorshouse.com was blocked by Google Fiber - [Obsidian Cache Hang Recovery](05-troubleshooting/obsidian-cache-hang-recovery.md) — resolving "Loading cache" hang in Obsidian by cleaning Electron app data and ML artifacts +- [macOS Repeating Alert Tone from Mirrored Notification](05-troubleshooting/macos-mirrored-notification-alert-loop.md) — stopping alert tone loops from mirrored iPhone notifications on Mac - [Qwen2.5-14B OOM on RTX 3080 Ti (12GB)](05-troubleshooting/gpu-display/qwen-14b-oom-3080ti.md) — fixes and alternatives when hitting VRAM limits during fine-tuning - [yt-dlp YouTube JS Challenge Fix on Fedora](05-troubleshooting/yt-dlp-fedora-js-challenge.md) — fixing YouTube JS challenge solver errors and missing formats on Fedora - [Gemini CLI Manual Update](05-troubleshooting/gemini-cli-manual-update.md) — how to manually update the Gemini CLI when automatic updates fail @@ -125,6 +143,11 @@ - [Windows OpenSSH Server (sshd) Stops After Reboot](05-troubleshooting/networking/windows-sshd-stops-after-reboot.md) — fixing sshd not running after reboot due to Manual startup type - [Ollama Drops Off Tailscale When Mac Sleeps](05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md) — keeping Ollama reachable over Tailscale by disabling macOS sleep on AC power - [Ansible: Vault Password File Not Found](05-troubleshooting/ansible-vault-password-file-missing.md) — fixing the missing vault_pass file error when running ansible-playbook +- [Ansible SSH Timeout During dnf upgrade](05-troubleshooting/ansible-ssh-timeout-dnf-upgrade.md) — preventing SSH timeouts during long-running dnf upgrades on Fedora +- [Fedora Networking & Kernel Troubleshooting](05-troubleshooting/fedora-networking-kernel-recovery.md) — nmcli quick fix, GRUB kernel rollback, and recovery for Fedora fleet +- [Custom Fail2ban Jail: Apache Directory Scanning](05-troubleshooting/security/apache-dirscan-fail2ban-jail.md) — blocking directory scanners and junk HTTP methods +- [ClamAV Safe Scheduling on Live Servers](05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md) — preventing clamscan CPU spikes with nice and ionice +- [Systemd Session Scope Fails at Login](05-troubleshooting/systemd/session-scope-failure-at-login.md) — fixing session-cN.scope failures during login --- @@ -133,10 +156,15 @@ | Date | Article | Domain | |---|---|---| -<<<<<<< HEAD +| 2026-04-02 | [Mastodon Instance Tuning](02-selfhosting/services/mastodon-instance-tuning.md) | Self-Hosting | +| 2026-04-02 | [mdadm — Rebuilding a RAID Array After Reinstall](01-linux/storage/mdadm-raid-rebuild.md) | Linux | +| 2026-04-02 | [Fedora Networking & Kernel Troubleshooting](05-troubleshooting/fedora-networking-kernel-recovery.md) | Troubleshooting | +| 2026-04-02 | [Ventoy: Multi-Boot USB Tool](03-opensource/dev-tools/ventoy.md) | Open Source | +| 2026-04-02 | [rsync Backup Patterns](02-selfhosting/storage-backup/rsync-backup-patterns.md) (updated — Glacier Deep Archive) | Self-Hosting | +| 2026-04-02 | [yt-dlp: Video Downloading](03-opensource/media-creative/yt-dlp.md) (updated — subtitles, temp fix) | Open Source | +| 2026-04-02 | [OBS Studio Setup & Encoding](04-streaming/obs/obs-studio-setup-encoding.md) (updated — captions plugin, VLC capture) | Streaming | +| 2026-04-02 | [Linux Server Hardening Checklist](02-selfhosting/security/linux-server-hardening-checklist.md) (updated — SpamAssassin) | Self-Hosting | | 2026-03-23 | [Ansible: Vault Password File Not Found](05-troubleshooting/ansible-vault-password-file-missing.md) | Troubleshooting | -======= ->>>>>>> 335c4b57f20799b3a968460f4f6aa17a8b706fdc | 2026-03-18 | [Deploying Netdata to a New Server](02-selfhosting/monitoring/netdata-new-server-setup.md) | Self-Hosting | | 2026-03-18 | [Tuning Netdata Docker Health Alarms](02-selfhosting/monitoring/netdata-docker-health-alarm-tuning.md) | Self-Hosting | | 2026-03-17 | [Ollama Drops Off Tailscale When Mac Sleeps](05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md) | Troubleshooting |