• Self hosted cybersecurity dashboard

    Introduction I’ve been struggling for a while to find a good central place to keep up with cybersecurity news. I tried RSS readers, I tried newsletters, I tried a few aggregator sites. Nothing really stuck. Either the UI annoyed me, or the sources were too broad, or I’d end up with the same story duplicated…

  • Separation of concerns of VPS and Docker apps

    Introduction I’ve been working on a clean, reusable setup for running my own apps on a Virtual Private Server (VPS), specifically on Hetzner Cloud. The result is three open source repositories that take you all the way from bare metal to running Nginx, WordPress, and Nextcloud behind a proper reverse proxy, with automatic SSL certificates…

  • Automated secured Hetzner VPS

    Introduction A few weeks ago we set up a cool VPS with WordPress, Traefik, etc. in an automated way. The only downside was that it could not be managed with the same code (only set up once), as explained in the post. Today we’re setting up a complete, automated WordPress hosting solution using OpenTofu, cloud-init and Ansible;…

  • 7 WordPress plugins I install before the theme

    Introduction Forget the “Top 50 Essential Plugins” lists. Most plugins are bloated garbage that slow your site to a crawl. After a decade of debugging sites at 3 AM, I’ve narrowed it down to seven pieces of infrastructure. These handle the invisible work: speed, security, and not losing data. Akismet anti-spam by Automattic Of…

  • Oneshot secured Hetzner VPS

    Introduction A complete, automated WordPress hosting solution using OpenTofu, Docker, and Traefik. Deploy a secure, fast WordPress site to Hetzner Cloud in minutes with TLS, caching, and security hardening out of the box. Find the code here. Update: I’ve split the code into 3 repos, making it more scalable for future deployments. Deploy them in…

  • From platform engineer to threat hunter

    Introduction I’ve spent the last decade automating everything that moves. Turning VMs into containers, containers into orchestrated workloads, and Git repos into self-healing production platforms. I’m a Kubernetes platform engineer by trade, addicted to GitOps, service meshes, and the beautiful chaos of multi-cluster architectures. But lately? I’ve been spending more time thinking about how to…