Recent posts

How to install coreboot on a Lenovo x230

9 minute read


I already use coreboot on my Lenovo W500 with FreeBSD. I bought a Lenovo x230 for a nice price I decide to install coreboot on it. After reading a lot of online documentation. I decided to install the skulls coreboot distribution on it. The skulls project has nice documentation on how to install it.

To replace the BIOS with coreboot you will need to disassemble the laptop and use a clip on the BIOS chip to install it.


Ansible role: package_update v2.0.2

1 minute read


Keeping your software up-to-date is an important task in System Administration. Not only for security reasons but also to roll out bug fixes to your systems.

As always we should try to automate this process as much as possible.

Ansible has a package module to install packages in a generic way. It supports most Un*x platforms (GNU/Linux, BSD, …). But it doesn’t allow you to update all packages.

For this reason, I created an Ansible role: package update.

Package update enables you to update all packages on most Linux distributions and the BSD operating systems. It can also update the running jails on FreeBSD.

Version 2.0.2 is available at

Version 2.0.2:


  • Always update the apt cache on Debian based distributions.

Have fun!


Use unbound as an DNS-over-TLS resolver and authoritative dns server v2.0.0

4 minute read


In previous blog posts, I described howto setup stubby as a DNS-over-TLS resolver. I used stubby on my laptop(s) and unbound on my internal network.

I migrated to unbound last year and created a docker container for it. Unbound is a popular DNS resolver, it’s less known that you can also use it as an authoritative DNS server.

This work was based on Debian Buster, I migrated the container to Debian Bullseye reorganize it a bit to make it easier to store the zones configuration outside the container like a configmap or persistent volume on Kubernetes.

Version 2.0.0 is available at

Version 2.0.0:


  • Updated the base image to debian:bullseye.
  • Updated to be able to run outside the container.
  • Removed the zones.conf generation from the entrypoint
  • Start the container as the unbound user
  • Updated to logging.conf
  • Set the pidfile /tmp/
  • Added remote-control.conf
  • Updated the documentation


Ansible role: virt_install_vm 1.0.0 released

2 minute read


I wrote a few articles:

on my blog on how to use cloud images with cloud-init on a “non-cloud” environment.

I finally took the time to create an Ansible role for it. You’ll find the below.

Virt_install_vm 1.0.0 is available at:

Have fun!