Tag

Security

7 articles

Self-Hosted Tailscale Control Plane: Headscale on k3s with Authelia OIDC

13 Jun 2026

Deploy Headscale on a bare-metal k3s cluster with Longhorn persistence, Traefik ingress, and Authelia OIDC authentication — fully GitOps-managed via ArgoCD.
Wildcard TLS Certificates on K3s with cert-manager and Cloudflare DNS

22 May 2026

How to automate wildcard Let's Encrypt certificates on a bare-metal K3s cluster using cert-manager's DNS-01 challenge with Cloudflare — and why HTTP-01 won't work for internal services.
NIS2 Article 21 in Azure: Implementing Network Security Controls with Terraform

17 May 2026

A technical deep-dive into the network security requirements of NIS2 Article 21 and how to implement them in Azure using Terraform — with concrete code, not legal theory.
Enterprise Homelab: K3s, Authelia & Longhorn on Proxmox with Terraform

16 May 2026

How to build a production-grade Kubernetes homelab with K3s, Authelia SSO, Longhorn storage, and ArgoCD — and the five painful mistakes that will cost you hours if you don't know about them.
Surviving Azure Policies: Zero-Trust Hub & Spoke with Terraform

03 May 2026

How to build an enterprise-grade Azure network architecture that blocks internet traffic by default and survives aggressive DeployIfNotExists (DINE) policies — without breaking your CI/CD pipeline.
Implementing a Zero-Trust MikroTik Firewall with Terraform

03 May 2026

Learn how to enforce strict VLAN isolation, fast-track traffic, and build a default-deny firewall for MikroTik RouterOS using Infrastructure as Code.
Hardening Azure Acmebot for ISO 27001 & NIS2 Compliance

01 May 2026

A deep dive into architecting a Zero-Trust Let's Encrypt automation using Terraform, Azure Private Link, and VNet Integration.