How to install coreboot on a Lenovo x230

January 21, 2022 9 minute read

I already use coreboot on my Lenovo W500 with FreeBSD. I bought a Lenovo x230 for a nice price I decide to install coreboot on it. After reading a lot of online documentation. I decided to install the skulls coreboot distribution on it. The skulls project has nice documentation on how to install it.

To replace the BIOS with coreboot you will need to disassemble the laptop and use a clip on the BIOS chip to install it.

Best wishes 2022!

January 2, 2022 less than 1 minute read

Ansible role: package_update v2.0.2

October 31, 2021 1 minute read

Keeping your software up-to-date is an important task in System Administration. Not only for security reasons but also to roll out bug fixes to your systems.

As always we should try to automate this process as much as possible.

Ansible has a package module to install packages in a generic way. It supports most Un*x platforms (GNU/Linux, BSD, …). But it doesn’t allow you to update all packages.

For this reason, I created an Ansible role: package update.

Package update enables you to update all packages on most Linux distributions and the BSD operating systems. It can also update the running jails on FreeBSD.

Version 2.0.2 is available at

• Github: https://github.com/stafwag/ansible-role-package_update.
• Ansible galaxy: https://galaxy.ansible.com/stafwag/package_update

Version 2.0.2:

Changelog:

• Always update the apt cache on Debian based distributions.

Have fun!

Use unbound as an DNS-over-TLS resolver and authoritative dns server v2.0.0

October 17, 2021 4 minute read

In previous blog posts, I described howto setup stubby as a DNS-over-TLS resolver. I used stubby on my laptop(s) and unbound on my internal network.

I migrated to unbound last year and created a docker container for it. Unbound is a popular DNS resolver, it’s less known that you can also use it as an authoritative DNS server.

This work was based on Debian Buster, I migrated the container to Debian Bullseye reorganize it a bit to make it easier to store the zones configuration outside the container like a configmap or persistent volume on Kubernetes.

Version 2.0.0 is available at https://github.com/stafwag/docker-stafwag-unbound.

Version 2.0.0:

Changelog:

• Updated the base image to debian:bullseye.
• Updated create_zone_config.sh to be able to run outside the container.
• Removed the zones.conf generation from the entrypoint
• Start the container as the unbound user
• Updated to logging.conf
• Set the pidfile /tmp/unbound.pid
• Added remote-control.conf
• Updated the documentation

Ansible role: virt_install_vm 1.0.0 released

September 19, 2021 2 minute read

I wrote a few articles:

• Howto use centos cloud images with cloud-init on KVM/libvirtd
• Howto use cloud images on the Raspberry PI 4

on my blog on how to use cloud images with cloud-init on a “non-cloud” environment.

I finally took the time to create an Ansible role for it. You’ll find the READE.md below.

Virt_install_vm 1.0.0 is available at: https://github.com/stafwag/ansible-role-virt_install_vm

Have fun!