Posts
Welcome to my blog, where technology meets creativity! In this section, you’ll find insights, tutorials, and deep dives into technology, DevOps, and open-source tools. Whether you’re a seasoned professional or just starting your journey, these posts are crafted to share knowledge, solve challenges, and inspire innovation. Dive in and explore the world of possibilities!
Hardening Kubernetes Nodes on Ubuntu
A CIS Benchmark Approach
Hardening a Kubernetes cluster begins at the node level. This guide explains how to secure Ubuntu-based Kubernetes nodes by applying the CIS (Center for Internet Security) Benchmark, which provides a detailed set of best practices for reducing vulnerabilities and strengthening your security posture. The CIS Benchmark outlines comprehensive security standards for various systems, including operating systems, applications, and network devices. Its recommendations help organizations adhere to...
Understanding the Components of Kubernetes
Understanding the Basics Part 2
Kubernetes is renowned for its ability to orchestrate containerized applications at scale. To fully appreciate how it works, it’s important to understand the key components that make up its architecture. In this article, we’ll dive into the core building blocks of Kubernetes, the Control Plane and the Worker Nodes, explaining their roles and how they work together to deliver a resilient, scalable system. The Kubernetes Control Plane The control plane acts as the “brain” of a Kubernetes cluster....
Introduction to Kubernetes
Understanding the Basics
Kubernetes has emerged as one of the leading platforms for managing containerized applications at scale. In this article, we’ll provide a high-level overview of Kubernetes, explore its core architecture and highlight how it compares to Docker or Nomad, setting the stage for deeper dives in future posts. What is Kubernetes? Kubernetes is an open-source container orchestration platform designed to automate the deployment, scaling, and management of containerized applications. It evolved from the...
Managing Multiple Tool Versions with asdf
A DevOps Essential
As a DevOps engineer, working across multiple projects often means juggling different versions of programming languages, infrastructure tools, and CLIs. Using system-wide installations can quickly lead to version conflicts. Enter asdf (Another Shell Development Framework), a powerful version manager that simplifies this process by managing multiple tool versions per project. In this article, we’ll cover: Why asdf is useful Installing asdf Managing Go and Terraform versions Automating asdf...
Configuring ArgoCD with Zitadel via Helm
Using External Secrets for OIDC
When integrating ArgoCD with an OpenID Connect (OIDC) provider like Zitadel, managing secrets securely is crucial. While the official documentation provides comprehensive guidance, this article focuses on a Helm-based setup where ArgoCD retrieves OIDC credentials from an external Kubernetes Secret. In this guide, we’ll configure ArgoCD’s OIDC integration with Zitadel via Helm, ensuring that client credentials are stored securely in a Kubernetes Secret rather than being embedded in...
Integrating Zitadel as an OIDC Provider in Grafana
Improve your Grafana authentication flow with Zitadel’s OpenID Connect integration
While securing my Grafana instance with Zitadel as an OpenID Connect (OIDC) provider, I encountered several challenges and gained valuable insights. Since documentation on this integration is limited, I’m sharing my step-by-step guide to help others set up Zitadel authentication for Grafana with ease. What is Grafana? Grafana is an open-source platform for monitoring and observability, widely used to visualize and analyze time-series data from various sources like Prometheus, InfluxDB, and...
The Ultimate Guide to WebAuthn & FIDO2
Securing Your Digital Life with YubiKey
In today’s digital world, security threats are everywhere. From password breaches to sophisticated phishing attacks, online accounts are constantly at risk. Despite the growing awareness of cybersecurity, many people still rely on weak or reused passwords, making them vulnerable to hacking attempts. Even two-factor authentication (2FA), a widely recommended security measure, isn’t always foolproof—especially when using SMS-based codes, which can be intercepted through SIM-swapping attacks. This...
Building and Running Multi-Arch Containers with Podman
A Guide to Docker Hub Integration
In today’s software ecosystem, containerization has become a cornerstone of modern development and deployment workflows. Tools like Docker and Podman have empowered developers to encapsulate applications and their dependencies into portable, lightweight containers. However, as we move toward a multi-architecture world—driven by the rise of ARM-based systems such as Raspberry Pi, Apple Silicon, and even ARM-based cloud instances—ensuring that your containers can run seamlessly across different...
Effortless Multi-Arch Docker Images with GoReleaser and GitHub Actions
Streamline Your CI/CD Pipeline for Multi-Platform Docker Image Builds
Releasing software can be a tedious process, especially when managing multiple architectures and platforms. GoReleaser is a powerful automation tool for Go projects that simplifies the build, release, and publishing steps, offering extensive customization. With GoReleaser, you can automate everything from compiling binaries and building Docker images to publishing releases with minimal configuration. In this post, I’ll walk you through how to leverage GoReleaser to build multi-architecture...
Migrate from Medium to Hugo
Own Your Blog, Own Your Style
Medium has long been a favorite platform for writers, bloggers and for me, offering a user-friendly interface and an audience-ready environment. But over time, its limitations can become apparent—limited customization, paywalls, and lack of true ownership over your content. That’s where Hugo comes in, a static site generator that empowers you to create a fully customized blog with your own domain, hosted wherever you choose. Migrating to Hugo means embracing the freedom of full control, but...
Create Your Personal Page Today
Host It for Free on GitHub Pages!
Hi there! If you work in IT, you should consider creating a personal webpage. A personal webpage can serve as a professional portfolio, a digital business card, or even a space to share your thoughts and projects. In this article, we’ll explore static site generators, tools that make it easy to create fast, secure, and scalable websites. There are countless static site generators to choose from, such as Jekyll, Docusaurus, Gatsby and Hugo. For simplicity and efficiency, we’ll focus on Hugo in...
Mastering GPG Keys
Securely Managing your Digital Identity with KDE Wallet
In the digital age, safeguarding your data and verifying your identity online are more critical than ever. GNU Privacy Guard (GPG) offers a robust solution for these needs through encryption and digital signing. This article explores the foundational concepts of GPG keys, their practical applications, and how to enhance their usability by securely storing passphrases in KDE Wallet. What Are GPG Keys? GPG, or GNU Privacy Guard, is an implementation of the OpenPGP standard, designed to provide...
Streamline Your SSH Workflow
With KDE Plasma’s Wallet and ksshaskpass
In the world of secure communication, SSH (Secure Shell) is a cornerstone technology, enabling encrypted connections to remote servers. For KDE Plasma users, managing SSH keys and agents can be both secure and seamless, thanks to powerful tools like ksshaskpass, KDE Wallet, and the built-in SSH agent. This article dives into the essentials of SSH management on KDE Plasma. Whether you’re new to SSH or looking to optimize your workflow, you’ll learn how to create SSH keys, understand the role of...
Remapping the Caps Lock key in macOS Big Sur
I’ve been using the Happy Hacking Keyboard (HHKB) for a few years now, and it’s been a game-changer. One of its standout features is replacing the Caps Lock key with a Control key, a small change that makes a huge difference for my workflow. The problem? Switching to my MacBook keyboard always felt jarring because the Control key wasn’t in the same place. But there’s good news: macOS lets you remap keys natively, and it’s super easy to do. Here’s how you can remap the Caps Lock key to Control...
Homebrew errors after upgrading to macOS 11.0 Big Sur
Hi there, After upgrading to macOS Big Sur, I encountered some errors while trying to use Homebrew. It turned out that I needed to reinstall the Command Line Tools (CLT) to get Homebrew working again. Here’s a quick walkthrough of the issue and how I resolved it. The Problem When running a brew upgrade command for ruby-build, I encountered the following warning and error: ❯ brew upgrade ruby-build --fetch-HEAD Updating Homebrew... ==> Auto-updated Homebrew! Updated 1 tap (homebrew/core)....
How to get the full resolution out of the Samsung CRG9
Hi there, After a long search for a way to run two widescreen monitors with my MacBook Pro, I finally found a setup that works. I struggled to figure it out using online guides, so I ended up buying several USB-C to HDMI adapters that didn’t solve the problem. Eventually, I discovered that a USB-C to DisplayPort adapter was the key. Here’s my current setup: I ordered the KabelDirekt USB-C to DisplayPort Adapter from Amazon and connected it to my Samsung CRG9 monitor. This allows the Samsung to...
How to run multiple Teams instances on Mac
Today we take a look at a solution, how to open 2 teams instances on the Mac simultaneously. I have been looking for a solution that would allow me to do this for a long time, because I have to be active in 2 teams in 2 instances for professional reasons. So it’s that simple, we installed the native teams app and use it as our first instance, if we want to run a second teams app, we can simply install the Microsoft Edge Browser from the APP store and go to https://teams.microsoft.com/, there we...
Problems with git commit autosigning on mac
If you’ve enabled GPG signing for Git commits on macOS, you might occasionally encounter this frustrating error message: ❯ git commit -m 'Test' error: gpg failed to sign the data fatal: failed to write commit object This happens when the GPG agent gets stuck or isn’t properly configured. Here’s how to fix it. Quik fix If you need a quick solution, you can restart the GPG agent using the following command: pkill -9 gpg-agent && export GPG_TTY=$(tty) This will...
How to Gitconfig
A practical Guide to managing multiple git Users
When working with Git, having an organized and efficient configuration can make a world of difference. Over the past few days, I’ve been diving deep into my .gitconfig, tweaking it to suit both my personal and professional needs. In this article, I’ll walk you through the steps I took to set up a clean and flexible Git configuration, including managing multiple users, enabling GPG signing, and using a global .gitignore for a smoother development experience. Whether you’re just starting...