frobware

# On macOS Sequoia 15.2, the Nix-generated default-command uses
# reattach-to-user-namespace, which causes the shell to default to
# bash even though $SHELL is set to /bin/zsh. Override these to ensure
# the correct shell is used. I don't know why or when this behaviour
# changed.
set-option -g default-shell "$SHELL"
set-option -g default-command "$SHELL"

# Unbind all key bindings in the 'copy-mode-vi' table to use Emacs key bindings throughout.
unbind-key -a -T copy-mode-vi

frobware

TPM2-backed SSH Keys on NixOS

This describes how I set up TPM2 hardware-backed SSH keys using tpm2-pkcs11 on NixOS. Keys are generated inside the TPM and cannot be extracted, providing hardware-bound authentication.

Overview

• Uses the kernel resource manager (/dev/tpmrm0) directly—no tpm2-abrmd daemon needed
• Uses the esysdb backend instead of FAPI for simpler configuration
• Integrates with pass for PIN storage (non-interactive operation)
• Provides helper scripts for key management

frobware

diff --git a/bundle/manifests/bpfman-operator.clusterserviceversion.yaml b/bundle/manifests/bpfman-operator.clusterserviceversion.yaml
index 7120fc07..287d2b44 100644
--- a/bundle/manifests/bpfman-operator.clusterserviceversion.yaml
+++ b/bundle/manifests/bpfman-operator.clusterserviceversion.yaml
@@ -993,19 +993,21 @@ metadata:
       ]
     capabilities: Basic Install
     categories: OpenShift Optional
-    containerImage: quay.io/bpfman/bpfman-operator:latest
-    createdAt: "2025-06-03T12:16:50Z"

frobware

diff --git a/bundle/manifests/bpfman-operator.clusterserviceversion.yaml b/bundle/manifests/bpfman-operator.clusterserviceversion.yaml
index 7120fc07..f8e753ad 100644
--- a/bundle/manifests/bpfman-operator.clusterserviceversion.yaml
+++ b/bundle/manifests/bpfman-operator.clusterserviceversion.yaml
@@ -993,19 +993,21 @@ metadata:
       ]
     capabilities: Basic Install
     categories: OpenShift Optional
-    containerImage: quay.io/bpfman/bpfman-operator:latest
-    createdAt: "2025-06-03T12:16:50Z"

frobware

Konflux Image Nudge Files

This directory contains placeholder files that Konflux populates with image references during the build process. These files are used as "nudge files" to trigger rebuilds of dependent components when base images are updated.

Understanding the Nudge System

The Konflux nudge system coordinates component rebuilds when dependencies change. The terminology can be confusing, so here's the actual flow:

frobware

#!/bin/bash
# Generate Containerfile.bundle.openshift with current VERSION

script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
repo_root="$(cd "$script_dir/../.." && pwd)"

version_file="${repo_root}/VERSION"
output_file="${repo_root}/Containerfile.bundle.openshift"

if [ ! -f "$version_file" ]; then

frobware

#!/usr/bin/env bash

# bpfman-dev-container.sh
#
# Minimal, distrobox-free dev container with Nix mounts and sane TTY.
# /run and /tmp are tmpfs. Nix mounts only if /nix/store exists. Works
# with docker (and maybe with podman).

set -euo pipefail

frobware

Catalog: Red Hat Operators (redhat-operators)
   Packages: 1

└── Package: netobserv-operator
       Publisher: Red Hat
       Default Channel: stable
       ├── Channel: stable (Current: network-observability-operator.v1.9.0)
       │      ├── [OK] Bundle: network-observability-operator.v1.9.0 (v1.9.0)
       │      │      >>> CREATED: 2025-06-27T08:03:00
       │      │      >>> RELATED IMAGES:

frobware

#! /usr/bin/env bash

set -eu

# https://ostechnix.com/import-qcow2-into-proxmox/

storage=local-zfs
vmid=9115
image=Fedora-Cloud-Base-Generic-41-1.4.x86_64.qcow2
name=fedora-41-template

frobware

#0 building with "default" instance using docker driver

#1 [internal] load build definition from Containerfile.cross-build
#1 transferring dockerfile: 1.83kB done
#1 DONE 0.0s

#2 [internal] load metadata for docker.io/library/rust:latest
#2 ...

#3 [internal] load metadata for docker.io/library/debian:bullseye-slim