Posts
Page 36 of 47
-
TCP Keepalives: Why Connections Die and How to Fix It
Long-lived connections dropping randomly? Your OS is killing them. Here's why keepalives matter and how to tune them.
6 min read -
Caddy Advanced: Automatic HTTPS, Plugins, and Config That Doesn't Make You Cry
Advanced Caddy server configuration: wildcard certs, Caddyfile matchers, Docker label integration, rate limiting, forward auth with Authelia, and the JSON API.
8 min read -
Auditd & Audit Logging: Know Exactly Who Touched What on Your Server
Master auditd for Linux audit logging: watch critical files, audit syscalls, use aureport and ausearch, and ship logs to Loki or Elasticsearch for compliance and security monitoring.
9 min read -
Time Sync on VMs: Why NTP Keeps Drifting
Your VM's clock is off by minutes. NTP is running but your system still drifts. Here's why.
5 min read -
HashiCorp Vault: Stop Hardcoding Secrets Like It's 2012
HashiCorp Vault tutorial: Docker Compose setup, KV v2 secrets, AppRole auth, dynamic database credentials, PKI engine for internal certs, and auto-unseal with cloud KMS.
8 min read -
Woodpecker CI vs Drone CI: Lightweight Pipelines for People Who Hate Waiting
Woodpecker CI vs Drone CI compared: container-native pipelines, YAML syntax, Gitea integration, and why the license drama matters for self-hosters.
8 min read -
The MTU Problem Nobody Diagnoses Correctly
MTU mismatches silently break large file transfers, backups, and video calls. Here's how to find and fix the wrong frame size on your network.
5 min read -
VPN Kill Switch and DNS Leak Prevention: Paranoia, Justified
Set up a WireGuard VPN kill switch and prevent DNS leaks on Linux. Practical iptables rules, resolv.conf locking, and systemd-resolved config.
8 min read -
BGP in Your Home Lab: Dynamic Routing for People Who've Run Out of Static Routes
Run BGP in your home lab with FRRouting. Covers iBGP vs eBGP, FRR installation, basic BGP config, peering with OPNsense, route filtering, and when BGP is actually worth the complexity.
7 min read -
Plausible vs Umami: Privacy-Friendly Analytics That Won't Creep Out Your Users
Compare Plausible vs Umami for self-hosted, privacy-friendly web analytics. Ditch Google Analytics and keep your users' data off ad networks.
8 min read -
DNS Troubleshooting from the Command Line
DNS broke again. Here's the exact command sequence to figure out what's happening without touching a GUI.
6 min read -
Tailscale Deep Dive: Mesh VPN That Just Works (and Why That's Suspicious)
Go beyond tailscale up with ACL policies, exit nodes, subnet routers, and MagicDNS. Plus: self-host your own control plane with Headscale for full independence.
8 min read
