Infra
-
GitOps with Flux vs Argo on a small team
After a year on Flux and a quarter on Argo, here is a practical comparison from a four-person platform team
-
DNS-01 challenges with a split-horizon DNS
Getting Let's Encrypt DNS-01 working when the authoritative internal view is different from the public view, without pulling my hair out
-
Sizing a UPS for a quiet homelab rack
How I sized (and then re-sized) a UPS for a homelab that started small and grew, and the surprising role of runtime vs capacity
-
Baking Hetzner images with Packer and cloud-init
Our Hetzner fleet went from 'cloud-init runs for four minutes per boot' to 'image is ready in seconds' with a reasonable Packer pipeline
-
Ansible at scale: where it breaks for us
Ansible got us from 10 to 200 managed hosts, but somewhere between 500 and 1000 it started to grind, and here are the specific pain points
-
Nomad vs k8s for a homelab in 2024
I ran a small Nomad cluster next to my k3s for a month to compare, and I have unsurprising opinions
-
Terraform state locks and the S3 bucket that wouldn't let go
A CI job was killed mid-apply and left a DynamoDB lock behind, and the recovery taught me to be much more careful about force-unlock
-
systemd timers and the clock drift that ate our backups
Our backups stopped running for nine days and the cause was a quiet combination of OnCalendar, RandomizedDelaySec, and a drifting RTC
-
Moving a service from Go to Rust, an honest report
Four months, one service rewrite, the wins were not the ones I expected and the costs were larger than I thought
-
http.Client tuning for a flaky upstream
A checklist of the settings I reach for when a Go service needs to talk to an upstream that's... not great
-
The day I learned Mach-O segments matter
Shipping a Go binary that loaded fine on Linux but segfaulted on macOS led me down a rabbit hole of executable file formats
-
The GC knob that actually helped
GOMEMLIMIT is the Go runtime environment variable I wish I'd known about a year earlier