Flatcar Linux is a fork of the now defunct CoreOS, specifically designed to run container workloads. It has an immutable root file system and automatic updates, and here’s how you can run it as a VM under Incus.

Incus helps you manage both containers (LXC) and virtual machines (QEMU), and while many images come prepared, FreeBSD is not one of them: here’s how to set it up.

FrankenPHP is a “modern application server for PHP built on top of the Caddy web server”, which in its simplest form lets you serve PHP apps without the nginx/apache config salad you may be used to. Here’s how to set it up as a service on Debian.

This post is about multiple components involved in deploying FreeBSD to a VMware environment. Since there are many moving parts this may also be interesting in general to anyone doing “infrastructure as code” and cloud deployments, the process is quite similar for Linux.

On newer versions of Debian and Ubuntu, the way repos are authenticated through public keys has changed somewhat. Here’s what I’ve found.

Wildcard certificates are really useful, especially in cases where you are using a load balancer like HAProxy that targets multiple backends serving separate subdomains.

VLC has always been a great piece of software, but one place where is really shines is on iOS/tvOS since it allows you to play pretty much any video file, and you can send that file over curl.

Not all devices are capable of handling captive portals. Problematic devices usually include older hardware with outdated browsers, such as “smart” TVs, gaming consoles and the like.

Ubuntu makes it very easy to set up full disk encryption, but it requires you to wipe the entire disk if you want the wizard to do it for you, so this is how you can set it up manually.

While Linux Unified Key Setup — LUKS — is mostly used to encrypt entire disks under Linux, it can also be used to easily create an encrypted file container. This can be used as an alternative to encrypting something like a .tar.gz file directly, and will be easier to mount and read, without having to write decrypted data to disk.