Tag
Networking
8 articles
- HA DNS for Homelab: Unbound + AdGuard Home + Keepalived on Raspberry Pi27 Jun 2026A two-node recursive DNS stack with ad filtering, automatic config sync, and transparent failover — fully managed with Ansible.
- Self-Hosted Tailscale Control Plane: Headscale on k3s with Authelia OIDC13 Jun 2026Deploy Headscale on a bare-metal k3s cluster with Longhorn persistence, Traefik ingress, and Authelia OIDC authentication — fully GitOps-managed via ArgoCD.
- Bare-Metal LoadBalancer on K3s: MetalLB + Traefik with ArgoCD18 May 2026How to get a real external IP on a bare-metal Kubernetes cluster using MetalLB L2 mode, and wire it up with Traefik for automatic HTTPS — fully GitOps-managed with ArgoCD.
- Breaking the Loop: Solving Circular Dependencies in Azure Firewall Routing07 May 2026How to implement Azure Firewall Forced Tunneling in Terraform without triggering cycle errors, and why a simple 0.0.0.0/0 route will instantly break your Windows VMs.
- Automating MikroTik WireGuard VPN with Role-Based Access via Terraform05 May 2026Deploy a WireGuard VPN on MikroTik using Terraform. Learn how to implement role-based network access, isolating mobile devices from full admin laptops.
- Automating MikroTik Bridge VLAN Filtering & Proxmox Trunks with Terraform04 May 2026Master MikroTik's notoriously complex Bridge VLAN Filtering. Learn how to automate dynamic VLAN matrices, Proxmox trunk ports, and edge devices using Terraform.
- Surviving Azure Policies: Zero-Trust Hub & Spoke with Terraform03 May 2026How to build an enterprise-grade Azure network architecture that blocks internet traffic by default and survives aggressive DeployIfNotExists (DINE) policies — without breaking your CI/CD pipeline.
- Implementing a Zero-Trust MikroTik Firewall with Terraform03 May 2026Learn how to enforce strict VLAN isolation, fast-track traffic, and build a default-deny firewall for MikroTik RouterOS using Infrastructure as Code.