How to use content-addressable hashes of build inputs to tag artifacts and skip redundant CI builds when nothing has changed.
A quick tip to check whether an IP address belongs to AWS, including which service and region it's in.
How to enable SSH on a NixOS guest, set up port forwarding through QEMU's user-mode networking, and copy your SSH keys so you can work from the host terminal.
How I moved my photo library from Google Photos to a self-hosted Immich instance, accessible from my phone anywhere via Tailscale.
How and why I added an optional birthDate field to systemd's userdb, the privacy-respecting architecture behind it, and why I think it's the right approach for Linux distributions facing upcoming age verification laws.
My reaction to Google's new "advanced flow" for sideloading Android apps, and why the extra friction is worth it to protect people from scams and surveillance.
How to work around ECR's lack of pull-through cache support for dhi.io by using regsync to automatically mirror Docker Hardened Images into your own ECR repositories.
How I set up Headlamp, metrics-server, and kube-prometheus-stack to get full observability into my OKE cluster without deploying a single web UI into the cluster itself.
A neat Git trick to configure multiple push URLs on a single remote so you can mirror your repositories with every push.
How I replaced self-signed certificates with automated Let's Encrypt TLS on my Kubernetes cluster using cert-manager, DNS-01 validation through Cloudflare, and External Secrets Operator for secure token management.