cloudflare tailscale networking

From Cloudflare Zero-trust to Tailscale

I spent some time last year implementing Cloudflare Tunnels on my Home Assistant and my Synology NAS. On Mastodon, I had not one but two commenters advertising Tailscale. I decided to give it a try and migrate my servers and devices to Tailscale. In this post, I want to describe how I did it. Thanks to Heiko Does and higgins for prompting me to look further! What is Tailscale, how and why? A Zero Trust identity-based connectivity

dns tls networking privacy

Privacy for subdomains: the solution

Last week, I described a gloomy situation: all public TLS certificate providers log your requests. By browsing through the subdomains, one can get their respective IP addresses. If one of them points to your home router, they know your general location. I analyzed several solutions and decided to use wildcard certificates, which don’t leak subdomain information, while continuing to use Let’s Encrypt. My solution caters to my Synology NAS, as it’s the one I’m using. Gett

dns tls networking privacy let's encrypt synology

Privacy for subdomains

I recently learned about a new way to leak your privacy, and it’s a scary one. Before going further, know that I’m not a network engineer: perhaps if you work in the field, you’ve known it for your whole career, but it’s quite new to me. Let me share my findings and you can judge. Because the original post was quite lengthy, I broke it down into two instalments, the problem and the solution. The problem / The solution

dns tls networking privacy

Privacy for subdomains: the problem

I recently learned about a new way to leak your privacy, and it’s a scary one. Before going further, know that I’m not a network engineer: perhaps if you work in this field, you’ve known it for your whole career, but it’s quite new to me. Let me share my findings, and you can judge for yourself. Since the original post was quite lengthy, I have broken it down into two installments: the problem and the solution. The situation I own my own domain. I’ve created mu