In today's digital landscape, serving APIs has become increasingly challenging. The task of exposing data and functionality to legitimate users has evolved into a complex battle against automated attacks, aggressive crawlers, and misguided AI training attempts. The challenge isn't just technical—it's philosophical. How …

That will be a short microblog-style post. As you may know AWS Community Builders, as part of the program benefits are receiving 500$ per year of AWS Cloud credits. Seems a lot, however, domain name registration is excluded, also based on on-demand pricing, 500$ is ok for test ideas, or writing content. Not very good, …

Recently you were able to read. about S3 security, and methods of avoiding common misconfiguration with the usage of standard and well-known tools. The fact that AWS offers a set of access control mechanisms designed to protect S3 resources, including: Access Control Lists (ACLs) Identity and Access Management (IAM) …

In September this year, I will officially mark 10 years in the IT box. For most of my professional life, I was focused on system administration, automation, DevOps, and a bit of public/hybrid cloud. There was always security, but rather a nice-to-have topic, not the main pillar. Some time ago I decided, that I would …

As you may already know, or not. I'm self-hosting a view apps, where it doesn't mean home-labbing them. My flat wasn't designed to have network cables in all rooms, and storing more units than Synology NAS, HomeAssistant, RasbberyPi and Router on a tiny Ikea shelf could be a dangerous situation. That is why I'm not …

That is the next iteration of the "5 AM Club" Kubernetes migration. As you can remember from other entries published in this series, I started playing with Kubernetes daily. Not on a daily basis, but literally every single day. To be honest, I'm pretty happy with the results. However, my plan has one challenge, that …

Last time we configured our cluster step by step maybe without public code yet, but someday I will publish it. Probably when it will be smooth enough to share. Nevertheless, we have a working cluster. Today I will focus on connecting the External Secret Operator with Doppler. So let's introduce today's stars. External …

Over some time I was really happy with my podman + ansible setup. It was great, but do you know what wasn’t such great? Deployment rollbacks. It all started with linkwarden. On my miniflux, I received a notification - that a new minor release is ready. You can use GitHub repos as RSS links and received notification …

I've been a self-hoster for a while. The adventure started with regular mani-pc manufactured by HP. 32G of RAM, Intel gen 10, and 1T HDD drive. However, as long as it was a great experience at the beginning, with time it became a challenge. My stack was built with portainer and a bunch of docker-compose files. It leads …

At the beginning of September, I saw a post from Johannes Koch about self-hosting CodeCommit alternative. Then I realized, that I'm using my home, not such a popular, but very nice and solid git repository system. To be more precise, much more than a git server. Let's welcome OneDev. Git server with CI/CD, kanban, and …