All Posts
Restoring a Kubernetes app isn't just kubectl apply
February 2026 — backup is easy, restore is where you find out if your backup actually works
Every infrastructure guide talks about backups. Almost none talk honestly about restores.
Ending the commit storm: validating FluxCD manifests locally before they hit the cluster
February 2026 — on the commit history that nobody wants to show their colleagues
Every GitOps practitioner has a section of their git history they’d rather not talk about.
One Postfix to route them all: self-hosted multi-tenant mail delivery
January 2026 — on getting email routing right when you have more than one domain
Most self-hosted email guides start with a single domain. Install Mailu or Mailcow, point MX at your server, done. That works well until you have multiple domains that need to receive mail, or you’re providing mail routing for several distinct tenants, or you want a single SMTP gateway that routes inbound mail to different downstream servers based on recipient domain.
119 commits in one day: what happens when AI meets GitOps without guardrails
January 2026 — a post-mortem on why your branch protections mean absolutely nothing when an AI is at the wheel
It started with a reasonable idea
I run a self-hosted Kubernetes cluster. FluxCD manages the entire thing — GitOps, reconciliation loops, the works. Git is the source of truth. It’s a clean, elegant system. You push to main, the cluster updates. Simple.
Docker as a factory: fixing broken GPU software without touching the OS
January 2026 — when a friend’s astrophotography software broke and the internet said “reinstall Ubuntu”
A friend of mine called me with a problem. She had a new machine with an RTX 5060 Ti, PixInsight installed natively, and BlurXTerminator — a GPU-accelerated AI denoising plugin for astrophotography — completely broken. The plugin requires libtensorflow 2.11 and CUDA 11.8. Ubuntu 24.04 ships with newer versions. Installing the old ones manually breaks other system libraries.
One curl command to a GitOps-ready RKE2 cluster
December 2025 — because “fresh cluster” should not take a day
Every time I’ve needed to spin up a new Kubernetes cluster — new hardware, new lab environment, disaster recovery test — I’ve gone through the same ritual. RKE2 install. Wait. Get the kubeconfig. Install ArgoCD. Wait. Bootstrap the application of applications. Configure SSH keys for GitLab access. Wire up the GitOps repo.