Reformat

2023-02-19 15:21:41 +01:00 · 2023-02-19 15:21:41 +01:00 · e0651eea6c
commit e0651eea6c
parent 9d7060f531
3 changed files with 106 additions and 78 deletions
--- a/pages/02.linux/authentik/default.en.md
+++ b/pages/02.linux/authentik/default.en.md
@ -9,8 +9,10 @@ visible: false

 ### Network and Pod

-`# podman network create net_authentik`  
-`# podman pod create --name pod_authentik --network net_authentik -p `
+```sh
+podman network create net_authentik
+podman pod create --name pod_authentik --network net_authentik -p
+```

 #### Port Mappings

@ -21,7 +23,7 @@ visible: false
 ### Database

 ```sh
-# podman run --name authentik_db \
+podman run --name authentik_db \
    -e PGDATA=/var/lib/postgresql/data/pgdata \
    -e POSTGRES_USER=authentik \
    -e POSTGRES_PASSWORD=authentik \
@ -34,7 +36,7 @@ visible: false
 ### Redis

 ```sh
-# podman run --name authentik_redis \
+podman run --name authentik_redis \
    -v /mnt/authentik_redis:/data \
    --pod pod_authentik \
    -d docker.io/redis:7 \
@ -45,27 +47,27 @@ visible: false

 https://goauthentik.io/docs/installation/docker-compose

-```
-  server:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0}
-    restart: unless-stopped
-    command: server
-    environment:
-      AUTHENTIK_REDIS__HOST: redis
-      AUTHENTIK_POSTGRESQL__HOST: postgresql
-      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
-      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
-      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
-      # AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
-    volumes:
-      - ./media:/media
-      - ./custom-templates:/templates
-      - geoip:/geoip
-    env_file:
-      - .env
-    ports:
-      - "0.0.0.0:${AUTHENTIK_PORT_HTTP:-9000}:9000"
-      - "0.0.0.0:${AUTHENTIK_PORT_HTTPS:-9443}:9443"
+```yaml
+server:
+  image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0}
+  restart: unless-stopped
+  command: server
+  environment:
+    AUTHENTIK_REDIS__HOST: redis
+    AUTHENTIK_POSTGRESQL__HOST: postgresql
+    AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+    AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+    AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    # AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
+  volumes:
+    - ./media:/media
+    - ./custom-templates:/templates
+    - geoip:/geoip
+  env_file:
+    - .env
+  ports:
+    - "0.0.0.0:${AUTHENTIK_PORT_HTTP:-9000}:9000"
+    - "0.0.0.0:${AUTHENTIK_PORT_HTTPS:-9443}:9443"
 ```

 ```
@ -74,30 +76,30 @@ https://goauthentik.io/docs/installation/docker-compose

 ### Application Worker

-```
+```yaml
 worker:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0}
-    restart: unless-stopped
-    command: worker
-    environment:
-      AUTHENTIK_REDIS__HOST: redis
-      AUTHENTIK_POSTGRESQL__HOST: postgresql
-      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
-      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
-      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
-      # AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
-    # This is optional, and can be removed. If you remove this, the following will happen
-    # - The permissions for the /media folders aren't fixed, so make sure they are 1000:1000
-    # - The docker socket can't be accessed anymore
-    user: root
-    volumes:
-      - ./media:/media
-      - ./certs:/certs
-      - /var/run/docker.sock:/var/run/docker.sock
-      - ./custom-templates:/templates
-      - geoip:/geoip
-    env_file:
-      - .env
+  image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0}
+  restart: unless-stopped
+  command: worker
+  environment:
+    AUTHENTIK_REDIS__HOST: redis
+    AUTHENTIK_POSTGRESQL__HOST: postgresql
+    AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+    AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+    AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    # AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
+  # This is optional, and can be removed. If you remove this, the following will happen
+  # - The permissions for the /media folders aren't fixed, so make sure they are 1000:1000
+  # - The docker socket can't be accessed anymore
+  user: root
+  volumes:
+    - ./media:/media
+    - ./certs:/certs
+    - /var/run/docker.sock:/var/run/docker.sock
+    - ./custom-templates:/templates
+    - geoip:/geoip
+  env_file:
+    - .env
 ```

 ```
--- a/pages/02.linux/cloud-init/default.en.md
+++ b/pages/02.linux/cloud-init/default.en.md
@ -11,7 +11,9 @@ The VM template needs a few cloud-init tools installed before we can use it with

 ### Debian

-`# apt install cloud-init cloud-initramfs-growroot`
+```sh
+apt install cloud-init cloud-initramfs-growroot
+```

 ### AlmaLinux

--- a/pages/02.linux/dhcp-server-and-routing/default.en.md
+++ b/pages/02.linux/dhcp-server-and-routing/default.en.md
@ -7,53 +7,71 @@ visible: true

 ## Installation

-`# apt install isc-dhcp-server`
+```sh
+apt install isc-dhcp-server
+```

 ## Configuration

-Edit `/etc/default/isc-dhcp-server`  
-`INTERFACESv4="(interface 1) (interface 2)"`
+Edit `/etc/default/isc-dhcp-server`
+
+```
+INTERFACESv4="{INTERFACE 1} {INTERFACE 2}"
+```

 Edit `/etc/dhcp/dhcpd.conf` to set a subnet

 ```
-subnet (netaddress) netmask (subnetmask) {
-    range (first dhcp) (last dhcp);
-    option subnet-mask (subnetmask);
-    option routers (gateway);
-    option domain-name "(name)";
-    option domain-name-servers (dns server);
+subnet {NETADDRESS} netmask {SUBNETMASK} {
+    range {FIRST DHCP} {LAST DHCP};
+    option subnet-mask {SUBNETMASK};
+    option routers {GATEWAY};
+    option domain-name "{NAME}";
+    option domain-name-servers {DNS SERVER};
 }
 ```

 Edit `/etc/network/interfaces`

 ```
-auto (interface)
-iface (interface) inet static
-    address (address)
-    network (netaddress)
-    netmask (netmask)
-    broadcast (broadcast)
+auto {INTERFACE}
+iface {INTERFACE} inet static
+    address {ADDRESS}
+    network {NETADDRESS}
+    netmask {NETMASK}
+    broadcast {BROADCAST}
 ```

-Enable the interface  
-`# ifup (interface)`
+Enable the interface

-Restart DHCP Server  
-`# systemctl restart isc-dhcp-server.service`
+```sh
+ifup {INTERFACE}
+```
+
+Restart DHCP Server
+
+```sh
+systemctl restart isc-dhcp-server.service
+```

 ### Enable routing

-`# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/80-forwarding.conf`  
-`# sysctl -p /etc/sysctl.d/80-forwarding.conf`
+```sh
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/80-forwarding.conf
+sysctl -p /etc/sysctl.d/80-forwarding.conf
+```

-`# iptables -t nat -A POSTROUTING -o (WAN interface) -j MASQUERADE`  
-`# iptables -A FORWARD -i (LAN interface) -j ACCEPT`
+```sh
+iptables -t nat -A POSTROUTING -o (WAN interface) -j MASQUERADE
+iptables -A FORWARD -i (LAN interface) -j ACCEPT
+```

 Make iptables permanent  
-Select `Yes` during the installation to save current rules  
-`# apt install iptables-persistent`
+Select `Yes` during the installation to save current rules
+
+```sh
+apt install iptables-persistent
+```

 ### Enable DHCP-managed fixed IP address

@ -97,8 +115,14 @@ zone 7.168.192.in-addr.arpa. {

 ## Client

-DHCP Request  
-`# dhclient -v`
+DHCP Request

-Release IP  
-`# dhclient -v -r`
+```sh
+dhclient -v
+```
+
+Release IP
+
+```sh
+# dhclient -v -r
+```