commit 04c31f4db8aaef27478c32d6a009ac44b0e62454
parent 9d5a40fd8cad651e545d7a65877ca1bea6efba79
Author: Andreas Gruhler <agruhl@gmx.ch>
Date: Sat, 22 Nov 2025 11:13:54 +0100
doc: update Readme for amd setup
Diffstat:
| M | README.md | | | 38 | ++++++++++++++++++++++++++++++++------ |
1 file changed, 32 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
@@ -84,10 +84,16 @@ certificates in the directory `./tls/nomad/certs`:
./nomad-tls.sh
```
-## ACL's
-tbd
+## Nomad ACL
+TODO
-* ACLs for Nomad
+* Describe ACLs for Nomad
+* https://write.in0rdr.ch/nomad-authentication-with-openbao
+
+## Nomad SSO with OpenBao OIDC provider
+TODO
+
+Nomad SSO is configured with OpenBao OpenID Connect provider.
## Nomad workload identity configuration
Follow along the tutorial to configure Nomad workload identities with Bao:
@@ -227,13 +233,33 @@ sudo packer build \
The `variable.auto.pkrvars.hcl` contains all sensitive packer variables.
-## Write Image to SD Card
+## Testing the amd64/QEMU image
+The qemu image can be tested locally:
+```bash
+sudo qemu-system-x86_64 \
+ -cpu host -machine type=q35,accel=kvm -m 2048 \
+ -drive if=virtio,format=qcow2,file=intel0/intel0.qcow2
+```
+
+## Write amd64 image to USB stick
+Don't write the image from the test above, that might be modified. Use a
+freshly built image.
+
+The QEMU qcow2 image needs to be converted to raw disk format:
+```bash
+sudo qemu-img convert -O raw intel0/intel0.qcow2 intel0/intel0.img
+```
+
+Then written to USB stick with `cp` & `sync`.
-Convert qcow2 to img:
+Use a [live iso](https://grml.org) and the USB stick with the raw image to
+prepare the target disk on the intel machine:
```bash
-qemu-img convert intel0/intel0.qcow2 -O raw intel0.img
+sudo mount /dev/sdc1 /mnt
+sudo dd if=/mnt/intel0.img of=/dev/sda bs=4m
```
+## Write arm64 image to SD Card
To [write the resulting image file to the sd
card](https://www.raspberrypi.org/documentation/installation/installing-images/linux.md)
with `dd`:
