How my approach to accessing my cluster evolved from IP allowlisting to the Tailscale Operator.
An introduction to using git commit --fixup and interactive rebase with autosquash to maintain a clean commit history.
How to overcome strictly read-only root filesystems on immutable Fedora images to run Nix.
How to use content-addressable hashes of build inputs to tag artifacts and skip redundant CI builds when nothing has changed.
A quick tip to check whether an IP address belongs to AWS, including which service and region it's in.
How to enable SSH on a NixOS guest, set up port forwarding through QEMU's user-mode networking, and copy your SSH keys so you can work from the host terminal.
How I moved my photo library from Google Photos to a self-hosted Immich instance, accessible from my phone anywhere via Tailscale.
How and why I added an optional birthDate field to systemd's userdb, the privacy-respecting architecture behind it, and why I think it's the right approach for Linux distributions facing upcoming age verification laws.
My reaction to Google's new "advanced flow" for sideloading Android apps, and why the extra friction is worth it to protect people from scams and surveillance.
How to work around ECR's lack of pull-through cache support for dhi.io by using regsync to automatically mirror Docker Hardened Images into your own ECR repositories.