Archives
All the articles I've archived.
-
Backing Up Databases and Files to S3 with Restic + Healthchecks
Updated:A practical guide to backing up databases and files to S3 with Restic and Healthchecks monitoring: encryption, deduplication, scheduling, and restore verification.
-
A Lightweight Proxy
Updated:How to quickly spin up a lightweight proxy server in Docker for testing, CI/CD and temporary infrastructure: minimal configuration and launch in a couple of minutes.
-
20 Cybersecurity Tools for 2025
An overview of 20 cybersecurity tools for 2025 for pentesting and auditing: scanners, exploitation frameworks, traffic and network analysis — with usage examples.
-
A Minimal Zsh Setup on macOS
Updated:A minimal Zsh setup on macOS without heavy frameworks: autocompletion, syntax highlighting, a handy prompt, and aliases — fast and free of bloat.
-
Installing Kali Linux on a Hetzner Server
How to install Kali Linux on a Hetzner server with no prebuilt image: booting via the rescue system, partitioning disks and deploying for cloud pentesting.
-
A Guide to Setting Up pgBackRest for PostgreSQL
A guide to setting up pgBackRest for PostgreSQL: full and incremental backups, S3 storage, point-in-time recovery (PITR), and backup verification.
-
NetBird: A Modern Zero Trust VPN
NetBird is a modern self-hosted Zero Trust VPN built on WireGuard: peer-to-peer connections, automatic NAT traversal, and simple access control with no single point of failure.
-
Standardization in Security: ISO/IEC 19249
An overview of the ISO/IEC 19249 standard: security architecture and system design principles — how to bring scattered protection practices into a single model.
-
A Complete Guide to Preparing for and Playing CTF (Capture The Flag)
A complete guide to preparing for CTF (Capture The Flag): challenge categories, tools, practice resources, and a step-by-step strategy for competing successfully.
-
Container Security: A Practical Checklist for Implementation
Updated:A practical security checklist for Docker and Kubernetes containers: images, privileges, secrets, networking, and runtime — what to verify before shipping to production.
-
YubiKey 5
YubiKey 5 — a multi-protocol hardware key for two-factor authentication: FIDO2, U2F, OTP, PGP, and SSH — how to set it up and why you need it.
-
Backing Up Docker Containers with Offen
How to set up automated daily backups of Docker volumes to S3 with offen/docker-volume-backup: configuration, scheduling, encryption and restore.
-
MDT Deployment & Administration. Part 4: Bootstrap.ini and CustomSettings.ini
Deploy Windows with MDT, part 4: configure Bootstrap.ini and CustomSettings.ini to automate installation parameters and customize the deployment process.
-
Obtaining an SSL Certificate with Cloudflare and Let's Encrypt, and Configuring Nginx
How to obtain a free Let's Encrypt SSL certificate, set it up with Cloudflare, and wire it into Nginx: a step-by-step guide with HTTPS and automatic renewal.
-
MDT Deployment & Administration. Part 3: Creating a New Task Sequence
Updated:Deploy Windows with MDT, part 3: create a new Task Sequence — a step-by-step walkthrough of configuring the task sequence for automated OS installation.
-
MDT Deployment & Administration. Part 2: Installing and Configuring MDT
Updated:Deploy Windows with MDT, part 2: install and configure Microsoft Deployment Toolkit, create a deployment share, and prepare your install.wim images.
-
MDT Deployment & Administration. Part 1: Installing and Configuring WDS
Deploy Windows with MDT, part 1: install and configure WDS (Windows Deployment Services) for PXE network boot and fully automated OS installation.
-
Getting Started with Docker
An introduction to Docker for beginners: what containers, images, and volumes are, how they differ from virtual machines, and how to run your first application.
-
Proxmox Cloud-Init 24.04 Tutorial
How to create an Ubuntu 24.04 virtual machine template in Proxmox with Cloud-Init: automating VM setup, SSH keys, and fast cloning — step by step.
-
Order in IT: On the Importance of Pulling Up Baobabs
Why it matters to fix small problems in your IT infrastructure before they grow out of control: on technical debt, order, and the discipline of operations.
-
Getting Started with SSH
An introduction to SSH for beginners: how the secure remote access protocol works, generating keys, connecting to a server, and basic commands.
-
Cloudflare Zero Trust
Set up secure access to self-hosted services with Cloudflare Zero Trust and Tunnel: no open ports, with authentication and access policies built in.
-
Proper, Secure SSH Configuration
How to securely configure an SSH server: keys instead of passwords, disabling root login, changing the port, fail2ban, and other practices to defend against brute-force and attacks.
-
SSL Certificates Made Simple
Updated:A simple explanation of SSL/TLS certificates: what X.509 is, how encryption works, the chain of trust, and why a website needs HTTPS — without unnecessary theory.