Debian bullseye on the RPI 4: golden image

July 24, 2022 9 minute read

In my last blog post, we set up Debian bullseye with full disk encryption on a Raspberry PI 4.

I use 3 three Raspberry PI’s to run K3s and a few FreeBSD virtual machines. For the FreeBSD virtual machines I still use QEMU: https://stafwag.github.io/blog/blog/2021/03/14/howto_run_freebsd_as_vm_on_pi/, I still need to test if we can use KVM/libvirt with the UEFI improvements in FreeBSD 13.1. But that might be another blog post :-)

As need I the same installation at least three times, I decided to create a “golden image” with the most important tools.

Debian bullseye on the RPI 4 with full disk encryption.

July 3, 2022 19 minute read

Updated @ Sun Jul 17 07:51:58 PM CEST 2022: Added blkid section UUID cryptroot. Changed dropbear port to 2222.

I use a few Raspberry PI’s 4 to run virtual machines and k3s.

I was using the Manjaro Linux with full disk encryption but I’ll switch to Debian GNU/Linux, the main reason is that libvirt is currently broken on archlinuxarm.

You’ll find my journey to get Debian GNU/Linux bullseye up and running on the Raspberry PI with full disk encryption below.

How to install coreboot on a Lenovo x230

January 21, 2022 9 minute read

I already use coreboot on my Lenovo W500 with FreeBSD. I bought a Lenovo x230 for a nice price I decide to install coreboot on it. After reading a lot of online documentation. I decided to install the skulls coreboot distribution on it. The skulls project has nice documentation on how to install it.

To replace the BIOS with coreboot you will need to disassemble the laptop and use a clip on the BIOS chip to install it.

Best wishes 2022!

January 2, 2022 less than 1 minute read

Ansible role: package_update v2.0.2

October 31, 2021 1 minute read

Keeping your software up-to-date is an important task in System Administration. Not only for security reasons but also to roll out bug fixes to your systems.

As always we should try to automate this process as much as possible.

Ansible has a package module to install packages in a generic way. It supports most Un*x platforms (GNU/Linux, BSD, …). But it doesn’t allow you to update all packages.

For this reason, I created an Ansible role: package update.

Package update enables you to update all packages on most Linux distributions and the BSD operating systems. It can also update the running jails on FreeBSD.

Version 2.0.2 is available at

• Github: https://github.com/stafwag/ansible-role-package_update.
• Ansible galaxy: https://galaxy.ansible.com/stafwag/package_update

Version 2.0.2:

Changelog:

• Always update the apt cache on Debian based distributions.

Have fun!