commit 01e4961832989137fbcb5eef5edd70809b8b841b
parent 0e739a62ef8d5f89289b3f0c70158591d835c3a3
Author: decentral1se <decentral1se@web>
Date: Thu, 23 Apr 2026 13:32:05 +0200
docs: debian and pam
Diffstat:
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/eik.mdwn b/eik.mdwn
@@ -9,6 +9,16 @@ ssh config
Port 22
IdentityFile ~/.ssh/<ssh-private-key>
+upgrading debian
+----------------
+
+We don't have enough space to upgrade debian mostly. Here are some tricks.
+
+* Make sure all old linux kernels are removed. You can upgrade/reboot and then check with `uname -a`/`uname -rms` to see what you're running. Then use `dpkg --list | grep -E 'linux-image|linux-headers'` to identify the old ones and directly `apt remove ...`.
+* Pay attention to what the `apt full-upgrade` disk space info is telling you. Check what you've got on the `/` partition with `df -h`. If you don't have enough, it won't work.
+* Delete a bunch of packages that you don't need if they're on the system.
+* You can usually get away with moving `/usr/include` / `/usr/share` into the `/home` partition and then symlinking them back. This is of course risky business and you should only do it as a last ditch effort.
+
http certs
----------
@@ -227,7 +237,7 @@ Don't forget to `mv` it to `/usr/local/bin` and `chown rauthy:rauthy` on the bin
### configure
-The `rauthy` binary lives in `/usr/local/bin/rauthy` and it's configuration and data is to be found in `/etc/rauthy/config.toml`. Here are the [configuration reference docs](https://sebadob.github.io/rauthy/config/config.html).
+The `rauthy` binary lives in `/usr/local/bin/rauthy` and it's configuration and data is to be found in `/home/rauthy/config.toml`. Here are the [configuration reference docs](https://sebadob.github.io/rauthy/config/config.html).
You can `journalctl -fu rauthy` to follow along with the logs and the usual `systemctl restart rauthy` will restart Rauthy.
@@ -235,7 +245,7 @@ Rauthy runs under the `rauthy` user, please prefix your commands with `sudo -su
### admin
-See the `config.toml` for the fallback admin email. Ask in Toolshed for the password. You can also create an account and be upgraded to administrator by applying the `rauthy_admin` role on user creation.
+See the `/home/rauthy/config.toml` for the fallback admin email. Ask in Toolshed for the password. You can also create an account and be upgraded to administrator by applying the `rauthy_admin` role on user creation.
### arbitrary single sign-on
@@ -285,3 +295,7 @@ Here's an example `nginx` configuration.
# NOTE(d1): finally, serve your webshit
try_files $uri $uri/ =404;
}
+
+### nss
+
+See `/etc/rauthy/rauthy-pam-nss.toml` for the configuration. You can `journalctl -fu rauthy-nss` to see what's going down. The simplest test is to run `getent hosts`. The hosts are configured under `Pam > Hosts` in the `rauthy` web UI.
