diff --git a/01-linux/distro-specific/linux-distro-guide-beginners.md b/01-linux/distro-specific/linux-distro-guide-beginners.md index afff04a..df9c356 100644 --- a/01-linux/distro-specific/linux-distro-guide-beginners.md +++ b/01-linux/distro-specific/linux-distro-guide-beginners.md @@ -86,5 +86,5 @@ Be specific when asking for help. Include your distro and version, what you trie ## See Also -- [[wsl2-instance-migration-fedora43]] -- [[managing-linux-services-systemd-ansible]] +- [wsl2-instance-migration-fedora43](wsl2-instance-migration-fedora43.md) +- [managing-linux-services-systemd-ansible](../process-management/managing-linux-services-systemd-ansible.md) diff --git a/01-linux/distro-specific/wsl2-backup-powershell.md b/01-linux/distro-specific/wsl2-backup-powershell.md index d8c83a9..cc0286b 100644 --- a/01-linux/distro-specific/wsl2-backup-powershell.md +++ b/01-linux/distro-specific/wsl2-backup-powershell.md @@ -72,7 +72,7 @@ wsl --unregister FedoraLinux-43 wsl --import FedoraLinux-43 D:\WSL\Fedora43 D:\WSL\Backups\FedoraLinux-43-YYYY-MM-DD.tar ``` -Then fix the default user — after import WSL resets to root. See [[wsl2-instance-migration-fedora43|WSL2 Instance Migration]] for the `/etc/wsl.conf` fix. +Then fix the default user — after import WSL resets to root. See [WSL2 Instance Migration](wsl2-instance-migration-fedora43.md) for the `/etc/wsl.conf` fix. ## Gotchas @@ -82,5 +82,5 @@ Then fix the default user — after import WSL resets to root. See [[wsl2-instan ## See Also -- [[wsl2-instance-migration-fedora43|WSL2 Instance Migration]] -- [[wsl2-rebuild-fedora43-training-env|WSL2 Training Environment Rebuild]] +- [WSL2 Instance Migration](wsl2-instance-migration-fedora43.md) +- [WSL2 Training Environment Rebuild](wsl2-rebuild-fedora43-training-env.md) diff --git a/01-linux/distro-specific/wsl2-instance-migration-fedora43.md b/01-linux/distro-specific/wsl2-instance-migration-fedora43.md index 4c4d9af..0929dfb 100644 --- a/01-linux/distro-specific/wsl2-instance-migration-fedora43.md +++ b/01-linux/distro-specific/wsl2-instance-migration-fedora43.md @@ -97,5 +97,5 @@ alias clean='sudo dnf clean all' ## See Also -- [[Managing disk space on MajorRig]] -- [[Unsloth QLoRA fine-tuning setup]] +- Managing disk space on MajorRig +- Unsloth QLoRA fine-tuning setup diff --git a/01-linux/distro-specific/wsl2-rebuild-fedora43-training-env.md b/01-linux/distro-specific/wsl2-rebuild-fedora43-training-env.md index b073d14..950c1bf 100644 --- a/01-linux/distro-specific/wsl2-rebuild-fedora43-training-env.md +++ b/01-linux/distro-specific/wsl2-rebuild-fedora43-training-env.md @@ -199,5 +199,5 @@ D:\WSL\ ## See Also -- [[wsl2-instance-migration-fedora43|WSL2 Instance Migration]] -- [[wsl2-backup-powershell|WSL2 Backup via PowerShell]] +- [WSL2 Instance Migration](wsl2-instance-migration-fedora43.md) +- [WSL2 Backup via PowerShell](wsl2-backup-powershell.md) diff --git a/01-linux/files-permissions/linux-file-permissions.md b/01-linux/files-permissions/linux-file-permissions.md index cd236d1..b6e537d 100644 --- a/01-linux/files-permissions/linux-file-permissions.md +++ b/01-linux/files-permissions/linux-file-permissions.md @@ -152,6 +152,6 @@ find /var/www/html -type d -exec chmod 755 {} \; ## See Also -- [[linux-server-hardening-checklist]] -- [[ssh-config-key-management]] -- [[bash-scripting-patterns]] +- [linux-server-hardening-checklist](../../02-selfhosting/security/linux-server-hardening-checklist.md) +- [ssh-config-key-management](../networking/ssh-config-key-management.md) +- [bash-scripting-patterns](../shell-scripting/bash-scripting-patterns.md) diff --git a/01-linux/networking/ssh-config-key-management.md b/01-linux/networking/ssh-config-key-management.md index 18bb30a..e4c0166 100644 --- a/01-linux/networking/ssh-config-key-management.md +++ b/01-linux/networking/ssh-config-key-management.md @@ -131,5 +131,5 @@ If key auth isn't working and the config looks right, permissions are the first ## See Also -- [[linux-server-hardening-checklist]] -- [[managing-linux-services-systemd-ansible]] +- [linux-server-hardening-checklist](../../02-selfhosting/security/linux-server-hardening-checklist.md) +- [managing-linux-services-systemd-ansible](../process-management/managing-linux-services-systemd-ansible.md) diff --git a/01-linux/packages/package-management-reference.md b/01-linux/packages/package-management-reference.md index db55e7d..291693a 100644 --- a/01-linux/packages/package-management-reference.md +++ b/01-linux/packages/package-management-reference.md @@ -168,5 +168,5 @@ Flatpak is what I prefer — better sandboxing story, Flathub has most things yo ## See Also -- [[linux-distro-guide-beginners]] -- [[linux-server-hardening-checklist]] +- [linux-distro-guide-beginners](../distro-specific/linux-distro-guide-beginners.md) +- [linux-server-hardening-checklist](../../02-selfhosting/security/linux-server-hardening-checklist.md) diff --git a/01-linux/process-management/managing-linux-services-systemd-ansible.md b/01-linux/process-management/managing-linux-services-systemd-ansible.md index 84fca2a..c47545d 100644 --- a/01-linux/process-management/managing-linux-services-systemd-ansible.md +++ b/01-linux/process-management/managing-linux-services-systemd-ansible.md @@ -146,5 +146,5 @@ ansible-playbook -i inventory.ini manage-services.yml ## See Also -- [[wsl2-instance-migration-fedora43]] -- [[tuning-netdata-web-log-alerts]] +- [wsl2-instance-migration-fedora43](../distro-specific/wsl2-instance-migration-fedora43.md) +- [tuning-netdata-web-log-alerts](../../02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md) diff --git a/01-linux/shell-scripting/ansible-getting-started.md b/01-linux/shell-scripting/ansible-getting-started.md index 697e37d..562d278 100644 --- a/01-linux/shell-scripting/ansible-getting-started.md +++ b/01-linux/shell-scripting/ansible-getting-started.md @@ -204,5 +204,5 @@ Roles keep things organized and reusable across projects. ## See Also -- [[managing-linux-services-systemd-ansible]] -- [[linux-server-hardening-checklist]] +- [managing-linux-services-systemd-ansible](../process-management/managing-linux-services-systemd-ansible.md) +- [linux-server-hardening-checklist](../../02-selfhosting/security/linux-server-hardening-checklist.md) diff --git a/01-linux/shell-scripting/bash-scripting-patterns.md b/01-linux/shell-scripting/bash-scripting-patterns.md index 7401eae..a40a00c 100644 --- a/01-linux/shell-scripting/bash-scripting-patterns.md +++ b/01-linux/shell-scripting/bash-scripting-patterns.md @@ -211,5 +211,5 @@ retry 3 10 curl -f https://example.com/health ## See Also -- [[ansible-getting-started]] -- [[managing-linux-services-systemd-ansible]] +- [ansible-getting-started](ansible-getting-started.md) +- [managing-linux-services-systemd-ansible](../process-management/managing-linux-services-systemd-ansible.md) diff --git a/01-linux/storage/mdadm-raid-rebuild.md b/01-linux/storage/mdadm-raid-rebuild.md index 99edc86..3d0d0cd 100644 --- a/01-linux/storage/mdadm-raid-rebuild.md +++ b/01-linux/storage/mdadm-raid-rebuild.md @@ -109,5 +109,5 @@ Reference: [mdadm — How to rebuild RAID array after fresh install (Unix & Linu ## See Also -- [[snapraid-mergerfs-setup]] -- [[rsync-backup-patterns]] +- [snapraid-mergerfs-setup](snapraid-mergerfs-setup.md) +- [rsync-backup-patterns](../../02-selfhosting/storage-backup/rsync-backup-patterns.md) diff --git a/01-linux/storage/snapraid-mergerfs-setup.md b/01-linux/storage/snapraid-mergerfs-setup.md index 9038344..d7d2837 100644 --- a/01-linux/storage/snapraid-mergerfs-setup.md +++ b/01-linux/storage/snapraid-mergerfs-setup.md @@ -1,3 +1,12 @@ +--- +title: "SnapRAID & MergerFS Storage Setup" +domain: linux +category: storage +tags: [snapraid, mergerfs, storage, parity, raid, majorraid] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # SnapRAID & MergerFS Storage Setup ## Problem @@ -16,19 +25,24 @@ A combination of **MergerFS** for pooling and **SnapRAID** for parity. This is i ### 2. Implementation Strategy 1. **Clean the Pool:** Use `rmlint` to clear duplicates and reclaim space. -2. **Identify the Parity Drive:** Choose your largest drive (or one equal to the largest data drive) to hold the parity information. In my setup, `/mnt/usb` (sdc) was cleared of 4TB of duplicates to be repurposed for this. -3. **Configure MergerFS:** Pool the data drives (e.g., `/mnt/disk1`, `/mnt/disk2`) into `/storage`. +2. **Identify the Parity Drive:** Choose your largest drive (or one equal to the largest data drive) to hold the parity information. +3. **Configure MergerFS:** Pool the data drives into a single mount point. 4. **Configure SnapRAID:** Point SnapRAID to the data drives and the parity drive. ### 3. MergerFS Config (/etc/fstab) +On majorhome, the pool mounts three ext4 drives to `/majorRAID`: + ```fstab -# Example MergerFS pool -/mnt/disk*:/mnt/usb-data /storage fuse.mergerfs defaults,allow_other,cache.files=off,use_ino,category.create=mfs,minfreespace=20G,fsname=mergerfsPool 0 0 +/mnt/disk1:/mnt/disk2:/mnt/disk3 /majorRAID fuse.mergerfs defaults,allow_other,cache.files=off,use_ino,category.create=mfs,minfreespace=20G,fsname=mergerfsPool 0 0 ``` +Adjust the source paths and mount point to match your setup. Each `/mnt/diskN` is an individual ext4 drive mounted separately — MergerFS unions them into the single `/majorRAID` path. + ### 4. SnapRAID Config (/etc/snapraid.conf) +> **Note:** SnapRAID is not yet active on majorhome — a 12TB parity drive purchase is deferred. The config below is the planned setup. + ```conf # Parity file location parity /mnt/parity/snapraid.parity @@ -37,9 +51,11 @@ parity /mnt/parity/snapraid.parity content /var/snapraid/snapraid.content content /mnt/disk1/.snapraid.content content /mnt/disk2/.snapraid.content +content /mnt/disk3/.snapraid.content data d1 /mnt/disk1/ data d2 /mnt/disk2/ +data d3 /mnt/disk3/ # Exclusions exclude /lost+found/ diff --git a/02-selfhosting/dns-networking/network-overview.md b/02-selfhosting/dns-networking/network-overview.md index f2c9827..427165d 100644 --- a/02-selfhosting/dns-networking/network-overview.md +++ b/02-selfhosting/dns-networking/network-overview.md @@ -1,21 +1,30 @@ +--- +title: "Network Overview" +domain: selfhosting +category: dns-networking +tags: [tailscale, networking, infrastructure, dns, vpn] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # 🌐 Network Overview -The **[[MajorInfrastructure|MajorsHouse]]** infrastructure is connected via a private **[[Network Overview#Tailscale|Tailscale]]** mesh network. This allows secure, peer-to-peer communication between devices across different geographic locations (US and UK) without exposing services to the public internet. +The **MajorsHouse** infrastructure is connected via a private **Tailscale** mesh network. This allows secure, peer-to-peer communication between devices across different geographic locations (US and UK) without exposing services to the public internet. ## 🏛️ Infrastructure Summary - **Address Space:** 100.x.x.x (Tailscale CGNAT) -- **Management:** Centralized via **[[Network Overview#Ansible|Ansible]]** (`MajorAnsible` repo) +- **Management:** Centralized via **Ansible** (`MajorAnsible` repo) - **Host Groupings:** Functional (web, mail, homelab, bots), OS (Fedora, Ubuntu), and Location (US, UK). ## 🌍 Geographic Nodes | Host | Location | IP | OS | |---|---|---|---| -| `[[dcaprod|dcaprod]]` | 🇺🇸 US | 100.104.11.146 | Ubuntu 24.04 | -| `[[majortoot|majortoot]]` | 🇺🇸 US | 100.110.197.17 | Ubuntu 24.04 | -| `[[majorhome|majorhome]]` | 🇺🇸 US | 100.120.209.106 | Fedora 43 | -| `[[teelia|teelia]]` | 🇬🇧 UK | 100.120.32.69 | Ubuntu 24.04 | +| `dcaprod` | 🇺🇸 US | 100.104.11.146 | Ubuntu 24.04 | +| `majortoot` | 🇺🇸 US | 100.110.197.17 | Ubuntu 24.04 | +| `majorhome` | 🇺🇸 US | 100.120.209.106 | Fedora 43 | +| `teelia` | 🇬🇧 UK | 100.120.32.69 | Ubuntu 24.04 | ## 🔗 Tailscale Setup diff --git a/02-selfhosting/dns-networking/tailscale-homelab-remote-access.md b/02-selfhosting/dns-networking/tailscale-homelab-remote-access.md index 7c57862..2865bb2 100644 --- a/02-selfhosting/dns-networking/tailscale-homelab-remote-access.md +++ b/02-selfhosting/dns-networking/tailscale-homelab-remote-access.md @@ -140,6 +140,6 @@ Now any device on your home LAN is reachable from anywhere on the tailnet, even ## See Also -- [[self-hosting-starter-guide]] -- [[linux-server-hardening-checklist]] -- [[setting-up-caddy-reverse-proxy]] +- [self-hosting-starter-guide](../docker/self-hosting-starter-guide.md) +- [linux-server-hardening-checklist](../security/linux-server-hardening-checklist.md) +- [setting-up-caddy-reverse-proxy](../reverse-proxy/setting-up-caddy-reverse-proxy.md) diff --git a/02-selfhosting/docker/debugging-broken-docker-containers.md b/02-selfhosting/docker/debugging-broken-docker-containers.md index fb64943..2ff8b1b 100644 --- a/02-selfhosting/docker/debugging-broken-docker-containers.md +++ b/02-selfhosting/docker/debugging-broken-docker-containers.md @@ -164,5 +164,5 @@ Don't jump straight to the nuclear option. Only use `-v` if you want a completel ## See Also -- [[docker-vs-vms-homelab]] -- [[tuning-netdata-web-log-alerts]] +- [docker-vs-vms-homelab](docker-vs-vms-homelab.md) +- [tuning-netdata-web-log-alerts](../monitoring/tuning-netdata-web-log-alerts.md) diff --git a/02-selfhosting/docker/docker-healthchecks.md b/02-selfhosting/docker/docker-healthchecks.md index 0db5929..7ef0080 100644 --- a/02-selfhosting/docker/docker-healthchecks.md +++ b/02-selfhosting/docker/docker-healthchecks.md @@ -153,5 +153,5 @@ healthcheck: ## See Also -- [[debugging-broken-docker-containers]] -- [[netdata-docker-health-alarm-tuning]] +- [debugging-broken-docker-containers](debugging-broken-docker-containers.md) +- [netdata-docker-health-alarm-tuning](../monitoring/netdata-docker-health-alarm-tuning.md) diff --git a/02-selfhosting/docker/docker-vs-vms-homelab.md b/02-selfhosting/docker/docker-vs-vms-homelab.md index f700eca..cec71f2 100644 --- a/02-selfhosting/docker/docker-vs-vms-homelab.md +++ b/02-selfhosting/docker/docker-vs-vms-homelab.md @@ -91,5 +91,5 @@ The two coexist fine on the same host. Docker handles the service layer, KVM han ## See Also -- [[managing-linux-services-systemd-ansible]] -- [[tuning-netdata-web-log-alerts]] +- [managing-linux-services-systemd-ansible](../../01-linux/process-management/managing-linux-services-systemd-ansible.md) +- [tuning-netdata-web-log-alerts](../monitoring/tuning-netdata-web-log-alerts.md) diff --git a/02-selfhosting/docker/self-hosting-starter-guide.md b/02-selfhosting/docker/self-hosting-starter-guide.md index 337baae..4c7b01a 100644 --- a/02-selfhosting/docker/self-hosting-starter-guide.md +++ b/02-selfhosting/docker/self-hosting-starter-guide.md @@ -110,6 +110,6 @@ Tailscale is the easiest and safest starting point for personal use. ## See Also -- [[docker-vs-vms-homelab]] -- [[debugging-broken-docker-containers]] -- [[linux-server-hardening-checklist]] +- [docker-vs-vms-homelab](docker-vs-vms-homelab.md) +- [debugging-broken-docker-containers](debugging-broken-docker-containers.md) +- [linux-server-hardening-checklist](../security/linux-server-hardening-checklist.md) diff --git a/02-selfhosting/monitoring/netdata-n8n-enriched-alerts.md b/02-selfhosting/monitoring/netdata-n8n-enriched-alerts.md index d62b7f1..ff67306 100644 --- a/02-selfhosting/monitoring/netdata-n8n-enriched-alerts.md +++ b/02-selfhosting/monitoring/netdata-n8n-enriched-alerts.md @@ -1,3 +1,12 @@ +--- +title: "Netdata n8n Enriched Alert Emails" +domain: selfhosting +category: monitoring +tags: [netdata, n8n, alerts, email, monitoring, automation] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Netdata → n8n Enriched Alert Emails **Status:** Live across all MajorsHouse fleet servers as of 2026-03-21 diff --git a/02-selfhosting/monitoring/netdata-selinux-avc-chart.md b/02-selfhosting/monitoring/netdata-selinux-avc-chart.md index 5f65823..f1a3905 100644 --- a/02-selfhosting/monitoring/netdata-selinux-avc-chart.md +++ b/02-selfhosting/monitoring/netdata-selinux-avc-chart.md @@ -134,4 +134,4 @@ done - [Deploying Netdata to a New Server](netdata-new-server-setup.md) - [Tuning Netdata Web Log Alerts](tuning-netdata-web-log-alerts.md) - [Tuning Netdata Docker Health Alarms](netdata-docker-health-alarm-tuning.md) -- [SELinux: Fixing Dovecot Mail Spool Context](/05-troubleshooting/selinux-dovecot-vmail-context.md) +- [SELinux: Fixing Dovecot Mail Spool Context](../../05-troubleshooting/selinux-dovecot-vmail-context.md) diff --git a/02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md b/02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md index a0f9e07..29a681d 100644 --- a/02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md +++ b/02-selfhosting/monitoring/tuning-netdata-web-log-alerts.md @@ -85,4 +85,4 @@ curl -s http://localhost:19999/api/v1/alarms?all | grep -A 15 "web_log_1m_redire ## See Also -- [[Netdata service monitoring]] +- Netdata service monitoring diff --git a/02-selfhosting/reverse-proxy/setting-up-caddy-reverse-proxy.md b/02-selfhosting/reverse-proxy/setting-up-caddy-reverse-proxy.md index 11e320e..d4a5af4 100644 --- a/02-selfhosting/reverse-proxy/setting-up-caddy-reverse-proxy.md +++ b/02-selfhosting/reverse-proxy/setting-up-caddy-reverse-proxy.md @@ -135,6 +135,6 @@ yourdomain.com { ## See Also -- [[self-hosting-starter-guide]] -- [[linux-server-hardening-checklist]] -- [[debugging-broken-docker-containers]] +- [self-hosting-starter-guide](../docker/self-hosting-starter-guide.md) +- [linux-server-hardening-checklist](../security/linux-server-hardening-checklist.md) +- [debugging-broken-docker-containers](../docker/debugging-broken-docker-containers.md) diff --git a/02-selfhosting/security/ansible-unattended-upgrades-fleet.md b/02-selfhosting/security/ansible-unattended-upgrades-fleet.md index 1d40b9d..b17ed57 100644 --- a/02-selfhosting/security/ansible-unattended-upgrades-fleet.md +++ b/02-selfhosting/security/ansible-unattended-upgrades-fleet.md @@ -90,5 +90,5 @@ ansible-playbook update.yml -l dca,majorlinux,majortoot ## See Also -- [[ansible-getting-started|Ansible Getting Started]] -- [[linux-server-hardening-checklist|Linux Server Hardening Checklist]] +- [Ansible Getting Started](../../01-linux/shell-scripting/ansible-getting-started.md) +- [Linux Server Hardening Checklist](linux-server-hardening-checklist.md) diff --git a/02-selfhosting/security/fail2ban-apache-404-scanner-jail.md b/02-selfhosting/security/fail2ban-apache-404-scanner-jail.md index 3041e10..c66e13a 100644 --- a/02-selfhosting/security/fail2ban-apache-404-scanner-jail.md +++ b/02-selfhosting/security/fail2ban-apache-404-scanner-jail.md @@ -1,3 +1,12 @@ +--- +title: "Fail2ban Custom Jail: Apache 404 Scanner Detection" +domain: selfhosting +category: security +tags: [fail2ban, apache, security, scanner, firewall] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Fail2ban Custom Jail: Apache 404 Scanner Detection ## The Problem diff --git a/02-selfhosting/security/linux-server-hardening-checklist.md b/02-selfhosting/security/linux-server-hardening-checklist.md index 2deefab..5dba47d 100644 --- a/02-selfhosting/security/linux-server-hardening-checklist.md +++ b/02-selfhosting/security/linux-server-hardening-checklist.md @@ -236,5 +236,5 @@ Reference: [sa-learn documentation](https://spamassassin.apache.org/full/3.0.x/d ## See Also -- [[managing-linux-services-systemd-ansible]] -- [[debugging-broken-docker-containers]] +- [managing-linux-services-systemd-ansible](../../01-linux/process-management/managing-linux-services-systemd-ansible.md) +- [debugging-broken-docker-containers](../docker/debugging-broken-docker-containers.md) diff --git a/02-selfhosting/security/selinux-fail2ban-execmem-fix.md b/02-selfhosting/security/selinux-fail2ban-execmem-fix.md index 4d8105e..756343d 100644 --- a/02-selfhosting/security/selinux-fail2ban-execmem-fix.md +++ b/02-selfhosting/security/selinux-fail2ban-execmem-fix.md @@ -1,3 +1,12 @@ +--- +title: "SELinux: Fixing Fail2ban grep execmem Denial on Fedora" +domain: selfhosting +category: security +tags: [selinux, fail2ban, fedora, execmem, security] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # SELinux: Fixing Fail2ban grep execmem Denial on Fedora ## The Problem @@ -82,5 +91,5 @@ Writing the `.te` file manually is more reliable and self-documenting. ## See Also -- [Docker & Caddy Recovery After Reboot (Fedora + SELinux)](../../../05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md) — another SELinux fix for post-reboot service issues -- [SELinux: Fixing Dovecot Mail Spool Context](../../../05-troubleshooting/selinux-dovecot-vmail-context.md) — custom SELinux context for mail spool +- [Docker & Caddy Recovery After Reboot (Fedora + SELinux)](../../05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md) — another SELinux fix for post-reboot service issues +- [SELinux: Fixing Dovecot Mail Spool Context](../../05-troubleshooting/selinux-dovecot-vmail-context.md) — custom SELinux context for mail spool diff --git a/02-selfhosting/security/ufw-firewall-management.md b/02-selfhosting/security/ufw-firewall-management.md index 855c1e2..ae9f441 100644 --- a/02-selfhosting/security/ufw-firewall-management.md +++ b/02-selfhosting/security/ufw-firewall-management.md @@ -174,4 +174,4 @@ The Fedora servers (majorlab, majorhome, majormail, majordiscord) use iptables o ## See Also - [Linux Server Hardening Checklist](linux-server-hardening-checklist.md) — initial firewall setup as part of server provisioning -- [Fail2ban & UFW Rule Bloat Cleanup](../../../05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md) — what happens when manual blocks get out of hand +- [Fail2ban & UFW Rule Bloat Cleanup](../../05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md) — what happens when manual blocks get out of hand diff --git a/02-selfhosting/services/mastodon-instance-tuning.md b/02-selfhosting/services/mastodon-instance-tuning.md index 57dfc4d..41064c1 100644 --- a/02-selfhosting/services/mastodon-instance-tuning.md +++ b/02-selfhosting/services/mastodon-instance-tuning.md @@ -64,5 +64,5 @@ docker exec mastodon-web tootctl media remove --days 7 ## See Also -- [[self-hosting-starter-guide]] -- [[docker-healthchecks]] +- [self-hosting-starter-guide](../docker/self-hosting-starter-guide.md) +- [docker-healthchecks](../docker/docker-healthchecks.md) diff --git a/02-selfhosting/services/updating-n8n-docker.md b/02-selfhosting/services/updating-n8n-docker.md index 2f062ed..0945cff 100644 --- a/02-selfhosting/services/updating-n8n-docker.md +++ b/02-selfhosting/services/updating-n8n-docker.md @@ -61,7 +61,7 @@ docker stop n8n-n8n-1 && docker rm n8n-n8n-1 docker run -d \ --name n8n-n8n-1 \ --restart unless-stopped \ - -p 5678:5678 \ + -p 127.0.0.1:5678:5678 \ -v n8n_n8n_data:/home/node/.n8n \ -e N8N_EDITOR_BASE_URL=https://n8n.majorshouse.com/ \ -e N8N_PORT=5678 \ diff --git a/02-selfhosting/storage-backup/rsync-backup-patterns.md b/02-selfhosting/storage-backup/rsync-backup-patterns.md index 90b9dcf..7249903 100644 --- a/02-selfhosting/storage-backup/rsync-backup-patterns.md +++ b/02-selfhosting/storage-backup/rsync-backup-patterns.md @@ -181,5 +181,5 @@ aws s3 sync /backup/offsite/ s3://your-bucket/offsite/ --storage-class DEEP_ARCH ## See Also -- [[self-hosting-starter-guide]] -- [[bash-scripting-patterns]] +- [self-hosting-starter-guide](../docker/self-hosting-starter-guide.md) +- [bash-scripting-patterns](../../01-linux/shell-scripting/bash-scripting-patterns.md) diff --git a/03-opensource/alternatives/freshrss.md b/03-opensource/alternatives/freshrss.md index 28f894f..0371fa3 100644 --- a/03-opensource/alternatives/freshrss.md +++ b/03-opensource/alternatives/freshrss.md @@ -1,3 +1,12 @@ +--- +title: "FreshRSS — Self-Hosted RSS Reader" +domain: opensource +category: alternatives +tags: [freshrss, rss, self-hosting, docker, privacy] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # FreshRSS — Self-Hosted RSS Reader ## Problem diff --git a/03-opensource/alternatives/gitea.md b/03-opensource/alternatives/gitea.md index 4b4053b..960c985 100644 --- a/03-opensource/alternatives/gitea.md +++ b/03-opensource/alternatives/gitea.md @@ -1,3 +1,12 @@ +--- +title: "Gitea — Self-Hosted Git" +domain: opensource +category: alternatives +tags: [gitea, git, self-hosting, docker, ci-cd] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Gitea — Self-Hosted Git ## Problem diff --git a/03-opensource/alternatives/searxng.md b/03-opensource/alternatives/searxng.md index aa67381..8cd18a9 100644 --- a/03-opensource/alternatives/searxng.md +++ b/03-opensource/alternatives/searxng.md @@ -1,3 +1,12 @@ +--- +title: "SearXNG — Private Self-Hosted Search" +domain: opensource +category: alternatives +tags: [searxng, search, privacy, self-hosting, docker] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # SearXNG — Private Self-Hosted Search ## Problem diff --git a/03-opensource/dev-tools/rsync.md b/03-opensource/dev-tools/rsync.md index 526e2b8..e94f76f 100644 --- a/03-opensource/dev-tools/rsync.md +++ b/03-opensource/dev-tools/rsync.md @@ -1,3 +1,12 @@ +--- +title: "rsync — Fast, Resumable File Transfers" +domain: opensource +category: dev-tools +tags: [rsync, backup, file-transfer, linux, cli] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # rsync — Fast, Resumable File Transfers ## Problem diff --git a/03-opensource/dev-tools/screen.md b/03-opensource/dev-tools/screen.md index 7a6175c..9dd93a2 100644 --- a/03-opensource/dev-tools/screen.md +++ b/03-opensource/dev-tools/screen.md @@ -1,3 +1,12 @@ +--- +title: "screen — Simple Persistent Terminal Sessions" +domain: opensource +category: dev-tools +tags: [screen, terminal, ssh, linux, cli] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # screen — Simple Persistent Terminal Sessions ## Problem diff --git a/03-opensource/dev-tools/tmux.md b/03-opensource/dev-tools/tmux.md index f0cb634..0c615e4 100644 --- a/03-opensource/dev-tools/tmux.md +++ b/03-opensource/dev-tools/tmux.md @@ -1,3 +1,12 @@ +--- +title: "tmux — Persistent Terminal Sessions" +domain: opensource +category: dev-tools +tags: [tmux, terminal, ssh, multiplexer, linux] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # tmux — Persistent Terminal Sessions ## Problem diff --git a/03-opensource/dev-tools/ventoy.md b/03-opensource/dev-tools/ventoy.md index f17e260..c353f0d 100644 --- a/03-opensource/dev-tools/ventoy.md +++ b/03-opensource/dev-tools/ventoy.md @@ -78,4 +78,4 @@ sudo ./Ventoy2Disk.sh -u /dev/sdX ## See Also -- [[linux-distro-guide-beginners]] +- [linux-distro-guide-beginners](../../01-linux/distro-specific/linux-distro-guide-beginners.md) diff --git a/03-opensource/media-creative/yt-dlp.md b/03-opensource/media-creative/yt-dlp.md index c5a1dbd..02efa95 100644 --- a/03-opensource/media-creative/yt-dlp.md +++ b/03-opensource/media-creative/yt-dlp.md @@ -1,3 +1,12 @@ +--- +title: "yt-dlp — Video Downloading" +domain: opensource +category: media-creative +tags: [yt-dlp, video, youtube, downloads, cli] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # yt-dlp — Video Downloading ## What It Is diff --git a/03-opensource/privacy-security/vaultwarden.md b/03-opensource/privacy-security/vaultwarden.md index 0b8c850..d8c3ea5 100644 --- a/03-opensource/privacy-security/vaultwarden.md +++ b/03-opensource/privacy-security/vaultwarden.md @@ -1,3 +1,12 @@ +--- +title: "Vaultwarden — Self-Hosted Password Manager" +domain: opensource +category: privacy-security +tags: [vaultwarden, bitwarden, passwords, self-hosting, docker] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Vaultwarden — Self-Hosted Password Manager ## Problem diff --git a/03-opensource/productivity/rmlint-duplicate-scanning.md b/03-opensource/productivity/rmlint-duplicate-scanning.md index 6ed971d..c4fbcef 100644 --- a/03-opensource/productivity/rmlint-duplicate-scanning.md +++ b/03-opensource/productivity/rmlint-duplicate-scanning.md @@ -1,3 +1,12 @@ +--- +title: "rmlint — Extreme Duplicate File Scanning" +domain: opensource +category: productivity +tags: [rmlint, duplicates, storage, cleanup, linux] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # rmlint — Extreme Duplicate File Scanning ## Problem diff --git a/04-streaming/obs/obs-studio-setup-encoding.md b/04-streaming/obs/obs-studio-setup-encoding.md index c51c0e2..1da0501 100644 --- a/04-streaming/obs/obs-studio-setup-encoding.md +++ b/04-streaming/obs/obs-studio-setup-encoding.md @@ -153,5 +153,5 @@ Set `live-caching=0` to minimize capture latency. This is useful when OBS's nati ## See Also -- [[linux-file-permissions]] -- [[bash-scripting-patterns]] +- [linux-file-permissions](../../01-linux/files-permissions/linux-file-permissions.md) +- [bash-scripting-patterns](../../01-linux/shell-scripting/bash-scripting-patterns.md) diff --git a/04-streaming/plex/plex-4k-codec-compatibility.md b/04-streaming/plex/plex-4k-codec-compatibility.md index e081bae..dab4b0b 100644 --- a/04-streaming/plex/plex-4k-codec-compatibility.md +++ b/04-streaming/plex/plex-4k-codec-compatibility.md @@ -1,3 +1,12 @@ +--- +title: "Plex 4K Codec Compatibility (Apple TV)" +domain: streaming +category: plex +tags: [plex, 4k, hevc, apple-tv, transcoding, codec] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Plex 4K Codec Compatibility (Apple TV) 4K content on YouTube is delivered in AV1 or VP9 — neither of which the Plex app on Apple TV can direct play. This forces Plex to transcode, and most home server CPUs can't transcode 4K in real time. The fix is converting to HEVC before Plex ever sees the file. diff --git a/05-troubleshooting/ansible-vault-password-file-missing.md b/05-troubleshooting/ansible-vault-password-file-missing.md index 2686506..0f67b85 100644 --- a/05-troubleshooting/ansible-vault-password-file-missing.md +++ b/05-troubleshooting/ansible-vault-password-file-missing.md @@ -1,3 +1,12 @@ +--- +title: "Ansible: Vault Password File Not Found" +domain: troubleshooting +category: general +tags: [ansible, vault, credentials, configuration] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Ansible: Vault Password File Not Found ## Error diff --git a/05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md b/05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md index a54a7a6..3125ff9 100644 --- a/05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md +++ b/05-troubleshooting/docker-caddy-selinux-post-reboot-recovery.md @@ -1,3 +1,12 @@ +--- +title: "Docker & Caddy Recovery After Reboot (Fedora + SELinux)" +domain: troubleshooting +category: general +tags: [docker, caddy, selinux, fedora, reboot, majorlab] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Docker & Caddy Recovery After Reboot (Fedora + SELinux) ## 🛑 Problem diff --git a/05-troubleshooting/docker/n8n-proxy-trust-x-forwarded-for.md b/05-troubleshooting/docker/n8n-proxy-trust-x-forwarded-for.md index 72a4384..aa19c23 100644 --- a/05-troubleshooting/docker/n8n-proxy-trust-x-forwarded-for.md +++ b/05-troubleshooting/docker/n8n-proxy-trust-x-forwarded-for.md @@ -1,3 +1,12 @@ +--- +title: "n8n Behind Reverse Proxy: X-Forwarded-For Trust Fix" +domain: troubleshooting +category: docker +tags: [n8n, caddy, reverse-proxy, docker, express] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # n8n Behind Reverse Proxy: X-Forwarded-For Trust Fix ## The Problem diff --git a/05-troubleshooting/fedora-networking-kernel-recovery.md b/05-troubleshooting/fedora-networking-kernel-recovery.md index 651f958..efd66b1 100644 --- a/05-troubleshooting/fedora-networking-kernel-recovery.md +++ b/05-troubleshooting/fedora-networking-kernel-recovery.md @@ -137,5 +137,5 @@ Reference: [Fedora — Working with the GRUB 2 Boot Loader](https://docs.fedorap ## See Also -- [[docker-caddy-selinux-post-reboot-recovery]] -- [[managing-linux-services-systemd-ansible]] +- [docker-caddy-selinux-post-reboot-recovery](docker-caddy-selinux-post-reboot-recovery.md) +- [managing-linux-services-systemd-ansible](../01-linux/process-management/managing-linux-services-systemd-ansible.md) diff --git a/05-troubleshooting/gemini-cli-manual-update.md b/05-troubleshooting/gemini-cli-manual-update.md index 5d5d9de..283fd62 100644 --- a/05-troubleshooting/gemini-cli-manual-update.md +++ b/05-troubleshooting/gemini-cli-manual-update.md @@ -1,3 +1,12 @@ +--- +title: "Gemini CLI: Manual Update Guide" +domain: troubleshooting +category: general +tags: [gemini, cli, npm, update, google] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # 🛠️ Gemini CLI: Manual Update Guide If the automatic update fails or you need to force a specific version of the Gemini CLI, use these steps. diff --git a/05-troubleshooting/gitea-runner-boot-race-network-target.md b/05-troubleshooting/gitea-runner-boot-race-network-target.md index 4d64c4b..c7c98fd 100644 --- a/05-troubleshooting/gitea-runner-boot-race-network-target.md +++ b/05-troubleshooting/gitea-runner-boot-race-network-target.md @@ -1,3 +1,12 @@ +--- +title: "Gitea Actions Runner: Boot Race Condition Fix" +domain: troubleshooting +category: general +tags: [gitea, systemd, boot, dns, ci-cd] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Gitea Actions Runner: Boot Race Condition Fix If your `gitea-runner` (act_runner) service fails to start on boot — crash-looping and eventually hitting systemd's restart rate limit — the service is likely starting before DNS is available. diff --git a/05-troubleshooting/gpu-display/qwen-14b-oom-3080ti.md b/05-troubleshooting/gpu-display/qwen-14b-oom-3080ti.md index 0444acc..8d6130f 100644 --- a/05-troubleshooting/gpu-display/qwen-14b-oom-3080ti.md +++ b/05-troubleshooting/gpu-display/qwen-14b-oom-3080ti.md @@ -1,3 +1,12 @@ +--- +title: "Qwen2.5-14B OOM on RTX 3080 Ti (12GB)" +domain: troubleshooting +category: gpu-display +tags: [gpu, vram, oom, qwen, cuda, fine-tuning] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Qwen2.5-14B OOM on RTX 3080 Ti (12GB) ## Problem diff --git a/05-troubleshooting/isp-sni-filtering-caddy.md b/05-troubleshooting/isp-sni-filtering-caddy.md index 26701dc..8fcd85c 100644 --- a/05-troubleshooting/isp-sni-filtering-caddy.md +++ b/05-troubleshooting/isp-sni-filtering-caddy.md @@ -1,3 +1,12 @@ +--- +title: "ISP SNI Filtering & Caddy Troubleshooting" +domain: troubleshooting +category: general +tags: [isp, sni, caddy, tls, dns, cloudflare] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # ISP SNI Filtering & Caddy Troubleshooting ## 🛑 Problem diff --git a/05-troubleshooting/macos-mirrored-notification-alert-loop.md b/05-troubleshooting/macos-mirrored-notification-alert-loop.md index a450223..4df3c04 100644 --- a/05-troubleshooting/macos-mirrored-notification-alert-loop.md +++ b/05-troubleshooting/macos-mirrored-notification-alert-loop.md @@ -1,3 +1,12 @@ +--- +title: "macOS Repeating Alert Tone from Mirrored iPhone Notification" +domain: troubleshooting +category: general +tags: [macos, iphone, notifications, continuity, audio] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # macOS Repeating Alert Tone from Mirrored iPhone Notification ## Overview @@ -83,4 +92,4 @@ When a high-priority alert fires on iPhone, check both the iPhone and the Mac's `macos` `notifications` `iphone-mirroring` `continuity` `tonelibrary` `notificationcenter` `diagnostic` `audio` ## See Also -- [[10-Journal/Diagnostics/2026-03-30-MajorAir-CGM-Alert-Loop]] +- 2026-03-30-MajorAir-CGM-Alert-Loop (diagnostic journal entry) diff --git a/05-troubleshooting/majwiki-setup-and-pipeline.md b/05-troubleshooting/majwiki-setup-and-pipeline.md index 90e6c75..2e69b29 100644 --- a/05-troubleshooting/majwiki-setup-and-pipeline.md +++ b/05-troubleshooting/majwiki-setup-and-pipeline.md @@ -1,8 +1,11 @@ --- title: "MajorWiki Setup & Publishing Pipeline" domain: troubleshooting +category: general tags: [mkdocs, obsidian, gitea, docker, self-hosting] -date: 2026-03-11 +status: published +created: 2026-03-11 +updated: 2026-04-02 --- # MajorWiki Setup & Publishing Pipeline diff --git a/05-troubleshooting/networking/fail2ban-imap-self-ban-mail-client.md b/05-troubleshooting/networking/fail2ban-imap-self-ban-mail-client.md index 6983851..6acdd1b 100644 --- a/05-troubleshooting/networking/fail2ban-imap-self-ban-mail-client.md +++ b/05-troubleshooting/networking/fail2ban-imap-self-ban-mail-client.md @@ -1,3 +1,12 @@ +--- +title: "Mail Client Stops Receiving: Fail2ban IMAP Self-Ban" +domain: troubleshooting +category: networking +tags: [fail2ban, imap, dovecot, email, self-ban] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Mail Client Stops Receiving: Fail2ban IMAP Self-Ban ## 🛑 Problem diff --git a/05-troubleshooting/networking/fail2ban-self-ban-apache-outage.md b/05-troubleshooting/networking/fail2ban-self-ban-apache-outage.md index 35d8593..0f8098e 100644 --- a/05-troubleshooting/networking/fail2ban-self-ban-apache-outage.md +++ b/05-troubleshooting/networking/fail2ban-self-ban-apache-outage.md @@ -1,3 +1,12 @@ +--- +title: "Apache Outage: Fail2ban Self-Ban + Missing iptables Rules" +domain: troubleshooting +category: networking +tags: [fail2ban, apache, iptables, self-ban, outage] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Apache Outage: Fail2ban Self-Ban + Missing iptables Rules ## 🛑 Problem diff --git a/05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md b/05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md index 6b0214f..38a4b96 100644 --- a/05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md +++ b/05-troubleshooting/networking/fail2ban-ufw-rule-bloat-cleanup.md @@ -1,3 +1,12 @@ +--- +title: "Fail2ban & UFW Rule Bloat: 30k Rules Slowing Down a VPS" +domain: troubleshooting +category: networking +tags: [fail2ban, ufw, nftables, vps, performance] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Fail2ban & UFW Rule Bloat: 30k Rules Slowing Down a VPS ## 🛑 Problem diff --git a/05-troubleshooting/networking/firewalld-mail-ports-reset.md b/05-troubleshooting/networking/firewalld-mail-ports-reset.md index 7ad64bc..a6e9da2 100644 --- a/05-troubleshooting/networking/firewalld-mail-ports-reset.md +++ b/05-troubleshooting/networking/firewalld-mail-ports-reset.md @@ -1,3 +1,12 @@ +--- +title: "firewalld: Mail Ports Wiped After Reload (IMAP + Webmail Outage)" +domain: troubleshooting +category: networking +tags: [firewalld, mail, imap, fedora, ports] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # firewalld: Mail Ports Wiped After Reload (IMAP + Webmail Outage) If IMAP, SMTP, and webmail all stop working simultaneously on a Fedora/RHEL mail server, firewalld may have reloaded and lost its mail port configuration. diff --git a/05-troubleshooting/networking/tailscale-ssh-reauth-prompt.md b/05-troubleshooting/networking/tailscale-ssh-reauth-prompt.md index 36937a0..9c5ded9 100644 --- a/05-troubleshooting/networking/tailscale-ssh-reauth-prompt.md +++ b/05-troubleshooting/networking/tailscale-ssh-reauth-prompt.md @@ -1,3 +1,12 @@ +--- +title: "Tailscale SSH: Unexpected Re-Authentication Prompt" +domain: troubleshooting +category: networking +tags: [tailscale, ssh, authentication, vpn] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Tailscale SSH: Unexpected Re-Authentication Prompt If a Tailscale SSH connection unexpectedly presents a browser authentication URL mid-session, the first instinct is to check the ACL policy. However, this is often a one-off Tailscale hiccup rather than a misconfiguration. @@ -62,5 +71,5 @@ No auth prompt + `ok` output = resolved. Note that this test is only meaningful ## Related -- [[Network Overview]] — Tailscale fleet inventory and SSH access model -- [[SSH-Aliases]] — Fleet SSH access shortcuts +- Network Overview — Tailscale fleet inventory and SSH access model +- SSH-Aliases — Fleet SSH access shortcuts diff --git a/05-troubleshooting/networking/windows-sshd-stops-after-reboot.md b/05-troubleshooting/networking/windows-sshd-stops-after-reboot.md index 9c02095..91b0314 100644 --- a/05-troubleshooting/networking/windows-sshd-stops-after-reboot.md +++ b/05-troubleshooting/networking/windows-sshd-stops-after-reboot.md @@ -1,3 +1,12 @@ +--- +title: "Windows OpenSSH Server (sshd) Stops After Reboot" +domain: troubleshooting +category: networking +tags: [windows, openssh, sshd, reboot, majorrig] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Windows OpenSSH Server (sshd) Stops After Reboot ## 🛑 Problem diff --git a/05-troubleshooting/obsidian-cache-hang-recovery.md b/05-troubleshooting/obsidian-cache-hang-recovery.md index b6db79a..50ffc40 100644 --- a/05-troubleshooting/obsidian-cache-hang-recovery.md +++ b/05-troubleshooting/obsidian-cache-hang-recovery.md @@ -1,11 +1,11 @@ --- -tags: - - obsidian - - troubleshooting - - windows - - majortwin -created: '2026-03-11' -status: resolved +title: "Obsidian Vault Recovery — Loading Cache Hang" +domain: troubleshooting +category: general +tags: [obsidian, troubleshooting, windows, majortwin] +status: published +created: 2026-03-11 +updated: 2026-04-02 --- # Obsidian Vault Recovery — Loading Cache Hang diff --git a/05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md b/05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md index 6ffc62e..182ca0b 100644 --- a/05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md +++ b/05-troubleshooting/ollama-macos-sleep-tailscale-disconnect.md @@ -65,4 +65,4 @@ The display can still sleep — only system sleep needs to be off for Ollama and ## See Also -- [[MajorMac]] — device config and known issues +- MajorMac — device config and known issues diff --git a/05-troubleshooting/security/apache-dirscan-fail2ban-jail.md b/05-troubleshooting/security/apache-dirscan-fail2ban-jail.md index 4f2a7f4..2d6cc05 100644 --- a/05-troubleshooting/security/apache-dirscan-fail2ban-jail.md +++ b/05-troubleshooting/security/apache-dirscan-fail2ban-jail.md @@ -1,3 +1,12 @@ +--- +title: "Custom Fail2ban Jail: Apache Directory Scanning & Junk Methods" +domain: troubleshooting +category: security +tags: [fail2ban, apache, security, bots, wordpress] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Custom Fail2ban Jail: Apache Directory Scanning & Junk Methods ## 🛑 Problem diff --git a/05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md b/05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md index a0480f0..6fba02d 100644 --- a/05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md +++ b/05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md @@ -1,3 +1,12 @@ +--- +title: "ClamAV Safe Scheduling on Live Servers" +domain: troubleshooting +category: security +tags: [clamav, cpu, nice, ionice, cron, vps] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # ClamAV Safe Scheduling on Live Servers Running `clamscan` unthrottled on a live server will peg CPU until completion. On a small VPS (1 vCPU), a full recursive scan can sustain 70–100% CPU for an hour or more, degrading or taking down hosted services. @@ -70,4 +79,4 @@ kill ## Related - [ClamAV Documentation](https://docs.clamav.net/) -- [[02-selfhosting/security/linux-server-hardening-checklist|Linux Server Hardening Checklist]] +- [Linux Server Hardening Checklist](../../02-selfhosting/security/linux-server-hardening-checklist.md) diff --git a/05-troubleshooting/selinux-dovecot-vmail-context.md b/05-troubleshooting/selinux-dovecot-vmail-context.md index 2ca06cf..fdfe379 100644 --- a/05-troubleshooting/selinux-dovecot-vmail-context.md +++ b/05-troubleshooting/selinux-dovecot-vmail-context.md @@ -1,3 +1,12 @@ +--- +title: "SELinux: Fixing Dovecot Mail Spool Context (/var/vmail)" +domain: troubleshooting +category: general +tags: [selinux, dovecot, mail, fedora, vmail] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # SELinux: Fixing Dovecot Mail Spool Context (/var/vmail) If Dovecot is generating SELinux AVC denials and mail delivery or retrieval is broken on a Fedora/RHEL system with SELinux enforcing, the `/var/vmail` directory tree likely has incorrect file contexts. diff --git a/05-troubleshooting/storage/mdadm-usb-hub-disconnect-recovery.md b/05-troubleshooting/storage/mdadm-usb-hub-disconnect-recovery.md index b036fbd..1ea206c 100644 --- a/05-troubleshooting/storage/mdadm-usb-hub-disconnect-recovery.md +++ b/05-troubleshooting/storage/mdadm-usb-hub-disconnect-recovery.md @@ -1,3 +1,12 @@ +--- +title: "mdadm RAID Recovery After USB Hub Disconnect" +domain: troubleshooting +category: storage +tags: [mdadm, raid, usb, storage, recovery] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # mdadm RAID Recovery After USB Hub Disconnect A software RAID array managed by mdadm can appear to catastrophically fail when the drives are connected via USB rather than SATA. The array is fine — the hub dropped out. Here's how to diagnose and recover. diff --git a/05-troubleshooting/systemd/session-scope-failure-at-login.md b/05-troubleshooting/systemd/session-scope-failure-at-login.md index aae2548..f8e1e0a 100644 --- a/05-troubleshooting/systemd/session-scope-failure-at-login.md +++ b/05-troubleshooting/systemd/session-scope-failure-at-login.md @@ -1,3 +1,12 @@ +--- +title: "Systemd Session Scope Fails at Login (session-cN.scope)" +domain: troubleshooting +category: systemd +tags: [systemd, ssh, login, session, linux] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # Systemd Session Scope Fails at Login (`session-cN.scope`) After SSH login, systemd reports a failed transient unit like `session-c1.scope`. The MOTD or login banner shows `Failed Units: 1 — session-c1.scope`. This is a harmless race condition, not a real service failure. @@ -90,4 +99,4 @@ Should report 0 failed units. ## Related -- [[gitea-runner-boot-race-network-target]] — Another systemd race condition involving service startup ordering +- [gitea-runner-boot-race-network-target](../gitea-runner-boot-race-network-target.md) — Another systemd race condition involving service startup ordering diff --git a/05-troubleshooting/yt-dlp-fedora-js-challenge.md b/05-troubleshooting/yt-dlp-fedora-js-challenge.md index 275ddb2..f4fec65 100644 --- a/05-troubleshooting/yt-dlp-fedora-js-challenge.md +++ b/05-troubleshooting/yt-dlp-fedora-js-challenge.md @@ -1,3 +1,12 @@ +--- +title: "yt-dlp YouTube JS Challenge Fix (Fedora)" +domain: troubleshooting +category: general +tags: [yt-dlp, fedora, youtube, javascript, deno] +status: published +created: 2026-04-02 +updated: 2026-04-02 +--- # yt-dlp YouTube JS Challenge Fix (Fedora) ## Problem