1diff --git a/content/posts/2020-07-13-k8s.md b/content/posts/2020-07-13-k8s.md
2deleted file mode 100644
3index 8b706c162077dbaa1437ee396b7e202bd1c761ef..0000000000000000000000000000000000000000
4--- a/content/posts/2020-07-13-k8s.md
5+++ /dev/null
6@@ -1,79 +0,0 @@
7----
8-title: "Road to local k8s"
9-date: 2020-07-13
10-tags: ['kubernetes', 'linux', 'fedora']
11----
12-
13-# Goal
14-
15-The goal is to deploy kubernetes on my local networks, and keep everything as
16-reproducible as possible.
17-
18-# Stack
19-
20-I\'ll use Fedora Core OS, Matchbox and Terraform [^1], a match the requirements
21-for Tectonic [^2]
22-
23-## Steps
24-
25-- Network Setup DHCP/TFTP/DNS [^3]
26-- Matchbox [^4]
27-- PXE network boot environment
28-- Terraform Tectonic [^5]
29-
30-## Network Setup DHCP/TFTP/DNS
31-
32-First learning the basics again:
33-
34-- <https://linuxhint.com/install_dhcp_server_ubuntu/>
35-- <https://www.youtube.com/watch?v=XQ3T14SIlV4>
36-
37-To check open ports
38-
39-```shell
40-lsof -Pni | grep LISTEN
41-```
42-
43-Run the provided [^6] image with `dnsmasq` and PXE toolkit
44-
45-``` {.bash org-language="sh"}
46-docker run --rm --cap-add=NET_ADMIN --net=host quay.io/coreos/dnsmasq \
47- -d -q \
48- --dhcp-range=192.168.1.3,192.168.1.254 \
49- --enable-tftp --tftp-root=/var/lib/tftpboot \
50- --dhcp-match=set:bios,option:client-arch,0 \
51- --dhcp-boot=tag:bios,undionly.kpxe \
52- --dhcp-match=set:efi32,option:client-arch,6 \
53- --dhcp-boot=tag:efi32,ipxe.efi \
54- --dhcp-match=set:efibc,option:client-arch,7 \
55- --dhcp-boot=tag:efibc,ipxe.efi \
56- --dhcp-match=set:efi64,option:client-arch,9 \
57- --dhcp-boot=tag:efi64,ipxe.efi \
58- --dhcp-userclass=set:ipxe,iPXE \
59- --dhcp-boot=tag:ipxe,http://matchbox.example.com:8080/boot.ipxe \
60- --address=/matchbox.example/192.168.1.2 \
61- --log-queries \
62- --log-dhcp
63-```
64-
65-## Matchbox
66-
67-## PXE network boot environment
68-
69-## Terraform Tectonic
70-
71-------------------------------------------------------------------------
72-
73-# Links
74-
75-[^1]: <https://coreos.com/tectonic/docs/latest/install/bare-metal/metal-terraform.html>
76-
77-[^2]: <https://coreos.com/tectonic/docs/latest/install/bare-metal/requirements.html>
78-
79-[^3]: <https://coreos.com/matchbox/docs/latest/network-setup.html>
80-
81-[^4]: <https://coreos.com/matchbox/docs/latest/deployment.html>
82-
83-[^5]: <https://coreos.com/tectonic/releases/>
84-
85-[^6]: <https://github.com/poseidon/matchbox/tree/v0.7.0/contrib/dnsmasq>
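Review bot: Removing `content/posts/2020-07-13-k8s.md` entirely is unrelated to the Firefly wording changes in the rest of this patch, and nothing in the diff says why it goes. The post's Matchbox, PXE and Terraform sections are empty headings, so dropping an unfinished draft looks reasonable, but it should be its own commit or at least be mentioned in the commit message so the deletion can be found and reverted on its own.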
86diff --git a/content/posts/2022-07-18-firefly-install.md b/content/posts/2022-07-18-firefly-install.md
87index 6c7a649bac08db3ca19725e47fa156d62a1fdaa1..23816603da2057519e8fe5a8eaf7bb5383725f75 100644
88--- a/content/posts/2022-07-18-firefly-install.md
89+++ b/content/posts/2022-07-18-firefly-install.md
90@@ -15,7 +15,8 @@ kept without containers, and first candidate being Firefly[^1]. I have it
91 currently running on container but let's install in a distribution.
92
93 For the distro of choice I'll pick alpine, for its small footprint and the use
94-of OpenRC (nothing against systemd though).
95+of OpenRC (nothing against systemd though), and it will help me later to better
96+understand how to properly setup an alpine image on container environment.
97
98 *I don't want to extend this tutorial to cover every single part, so for the
99 next steps I'll assume that you have a running instance of PostgreSQL and
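Review bot: Wording in the added clause: "how to properly setup an alpine image on container environment" uses the noun "setup" where the verb "set up" is meant and is missing an article. Suggest "how to properly set up an Alpine image in a container environment". The sentence is also getting long, so splitting it after the parenthesis would read better.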
100@@ -24,7 +25,7 @@
101 ## Dependencies
102
103 First we need to install all the necessary packages to get firefly running.
104-Let's go through them and check are they are used for.
105+Let's go through them and check what they are used for.
106
107 ```shell
108 apk add curl tar gzip
109@@ -38,9 +39,10 @@ apk add composer
110 ```
111
112 Composer is a dependency manager for PHP. It is required to download the
113- dependencies of the project.
114+ dependencies of the project, as the source code from tar ball does have all its
115+ dependencies included.
116
117- Now we need to download the list of dependencies list in the site[^2].
118+ Now we need to download the dependencies listed in the site[^2].
119
120 ```
121 Extra packages
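Review bot: The added clause "as the source code from tar ball does have all its dependencies included" says the opposite of what the sentence needs. If the tarball already carried its dependencies, Composer would not be required; this should read "does not have all its dependencies included". In the following changed line, "listed in the site" should be "listed on the site".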
122@@ -56,7 +58,7 @@ PHP MBString
123 PHP whatever database you're gonna use.
124 ```
125
126-For those we have the following alpine packages:
127+And for those I could gather the following alpine packages:
128
129 ```shell
130 apk add \
131@@ -71,9 +73,9 @@ php8-bcmath \
132 php8-pgsql
133 ```
134
135-But that is not everything, I don't know if I lack knowledge in the PHP stack
136-but the application will later complain about a lot of missing dependencies,
137-those being:
138+But that is not everything. I don't know if I lack knowledge in the PHP stack
139+but the application will later complain about some other missing dependencies.
140+Those being:
141
142 ```shell
143 apk add \
144@@ -89,8 +91,8 @@ php8-shmop
145 ```
146
147 A tip that may as well help you later. Some of those not listed packages are
148-described in the their project for the docker image[^3] and its base image[^4].
149-It can also help with describing the necessary steps.
150+described in their docker repository[^3] and its base image[^4]. It can also
151+help with describing some other necessary steps.
152
153 As the next step we need to install the pieces of software that will actually
154 run the project:
155@@ -129,7 +131,7 @@ cd /var/www/firefly
156 composer install --prefer-dist --no-dev --no-scripts
157 ```
158
159-## Config files
160+## Configurations
161
162 ### Firefly
163
164@@ -155,14 +157,14 @@ ```shell
165 head /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 32 && echo
166 ```
167
168-Once you have set it up we need to bootstrap the project:
169+Once you have set it up we need to bootstrap the project. First we need to
170+update the cached configuration.
171
172 ```shell
173 php artisan config:cache
174 ```
175
176-To update the cached configuration. If everything is setup properly the process
177-finish successfully.
178+Second we need to migrate and seed the database:
179
180 ```shell
181 php artisan firefly-iii:create-database
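Review bot: The new lead-in "Second we need to migrate and seed the database:" sits above a block that includes `php artisan migrate:refresh --seed` (visible in the next hunk header). `migrate:refresh` rolls back every migration and runs them again, so on a database that already holds data it wipes the tables. Since the text is being reworded here anyway, add a sentence saying this step is for a fresh, empty database only. The sentence that used to say a successful `config:cache` run confirms the setup has moved below the database block, so the reader no longer gets a checkpoint after the first step.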
182@@ -170,26 +172,28 @@ php artisan migrate:refresh --seed
183 php artisan firefly-iii:upgrade-database
184 ```
185
186-To bootstrap the database.
187+If everything is setup properly the processes finish successfully.
188+
189
190 ### Permission
191
192 Now comes the part where we should be careful. So far we (or at least I) have
193-been setting up everything as root but that is not ideal. We want to restrict as
194-much as possibly permission to the processes, it should only see do what it
195-meant to. So to minimize the effect of the process we will make it run as a user
196-with almost no permission, and for purpose we will create a `www-data` user.
197-Quite often that user is already create if not run the following command:
198+been setting up everything as root but that is not ideal. Usually we want to
199+restrict as much as possible the permissions of processes, it should only see do
200+what it meant to. So to minimize the area of effect of the process we will make
201+it run as a user with almost no permission, and for purpose of running the
202+php-fpm we will create a `www-data` user. Quite often that user is already
203+created and if it is not, run the following command:
204
205 ```shell
206 adduser www-data --disabled-password
207 ```
208
209 Add `--ingroup www-data` if it complains if the groups exists.
210-`--disabled-password` so we don't allow login with password, because it is not
211-meant to be logged with.
212+`--disabled-password` is given so we don't allow login with password, because it
213+is not meant to be logged with.
214
215-Once the user is created we need to change the which user the process runs one.
216+Once the user is created we need to change the which user the process runs on.
217 By default it uses a `nobody` which is a user with no permission except those
218 which every other user has. Update the user given in the
219 `/etc/php8/php-fpm.d/www.conf` file.
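Review bot: The rewritten Permission paragraph still carries the broken phrases it was meant to fix: "it should only see do what it meant to" and "for purpose of running the php-fpm", and further down "change the which user the process runs on". Suggest "each process should only see and do what it is meant to", "for the purpose of running php-fpm", and "change which user the process runs as". The hunk also adds two blank lines before "### Permission" where one is enough. Since the text says the account "is not meant to be logged with", consider also giving it a non-login shell in the `adduser` command, because `--disabled-password` only blocks password logins.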
220@@ -221,13 +225,13 @@ ```
221
222 ### Nginx
223
224-We will need to edit the nginx config file to find and run the project, add
225-the following server inside of `/etc/nginx/http.d/`, by default nginx will read
226-all `.config` inside of that folder. Just like the www folder this is more a
227-personal choice, you have some room to choose where you want to config this
228-server.
229+We will need to edit the nginx config file to find and run the project. Add the
230+following server inside of `/etc/nginx/http.d/`, by default nginx will read all
231+`.conf` inside of that folder. Just like the www folder this is more of a
232+personal choice, you have some room to choose where you want to store the config
233+file.
234
235-```shell
236+```nginx
237 # /etc/nginx/http.d/firefly.conf
238
239 server {
240@@ -277,10 +281,43 @@ nicely return the error.
241
242 ```ini
243 # /var/wwww/firefly/.env
244-# ...
245-
246 APP_DEBUG=true
247 APP_LOG_LEVEL=debug
248+```
249+
250+## Bonus config with socket
251+
252+Another thing to look at is where php-fpm is running the service. I think by
253+default on alpine it runs on `http://127.0.0.1:9000` but it can also be running
254+on a socket, check the `www.conf` file for the `listen` property:
255+
256+Config for http
257+```
258+listen = 127.0.0.1:9000
259+```
260+
261+Config for socket
262+```
263+listen = /run/php-fpm8/fpm.sock
264+```
265+
266+If you want you can set it up to run on socket. You will need to change two
267+things. First, update the www.conf file to run the process on a socket, and to
268+change the owner of the socket file. This is important so later nginx is capable
269+of reading/writing the file. On the `/etc/php8/php-fpm.d/www.conf` update it:
270+
271+```shell
272+listen = /run/php-fpm8/fpm.sock
273+listen.owner = nginx
274+listen.group = nginx
275+listen.mode = 0660
276+```
277+
278+Second, change the nginx to connect to socket instead of an tcp connection,
279+update the following property:
280+
281+```nginx
282+fastcgi_pass unix:/run/php-fpm8/fpm.sock;
283 ```
284
285 [^1]: https://www.firefly-iii.org/
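Review bot: The new "Bonus config with socket" section describes the default listener as `http://127.0.0.1:9000` and labels it "Config for http", but php-fpm speaks FastCGI on that port, not HTTP, and the same section later calls it "an tcp connection". Use "TCP" consistently ("Config for TCP", "instead of a TCP connection") and drop the `http://` scheme. The `www.conf` snippet with `listen.owner`/`listen.group`/`listen.mode` is fenced as `shell`; it is ini-style config, and this patch already corrects the nginx block's fence in the same way. At the top of the hunk, removing `# ...` makes the `.env` snippet look like the whole file; keep the marker, and note that `APP_DEBUG=true` should be switched back to `false` after troubleshooting, since debug error pages can expose configuration values. The path comment `# /var/wwww/firefly/.env` also has one "w" too many compared with `/var/www/firefly` used earlier.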