Infrastructure Articles

Running a complex microservices stack on limited hardware. How we use .NET 10 Chiseled Ubuntu images and Native AOT to slash memory usage.

Building the ultimate developer portal for the home lab. We integrate 'gethomepage', Spotify Backstage, and secure it all with Authelia SSO.

Benchmarking storage tiers for BlueRobin. Why databases need local NVMe paths while object storage thrives on the NAS.

Deploy and integrate MinIO for S3-compatible object storage with per-user buckets, encryption, and lifecycle policies.

Safely exposing internal services to the internet without opening inbound ports using cloudflared and Zero Trust access policies.

How we use n8n as the 'glue' code for BlueRobin. Empowering low-code automation to handle document notifications, Telegram alerts, and system maintenance tasks.

Deploy Longhorn for persistent distributed block storage in Kubernetes with replication, snapshots, and disaster recovery.

Deploy and configure MetalLB for load balancing in bare metal Kubernetes clusters with L2 and BGP modes.

Manage Kubernetes configurations across environments with Kustomize overlays, patches, and ConfigMap generators.

A comprehensive guide to the hardware powering BlueRobin. From Ryzen processors and 128GB RAM to configuring TrueNAS Scale for Kubernetes storage via iSCSI and NFS.

A comprehensive guide to hardening your homelab environment using ufw, network segmentation with VLANs, and SSH key-based authentication.

Why we abandoned the cloud for bare metal. A deep dive into the cost savings, performance gains of 10GbE, and total data sovereignty of running BlueRobin on-premise.

Exploring the highs of global distribution and the lows of execution limits. A candid look at when to embrace Cloudflare Workers and when to stick with containers.

A streamlined guide to setting up the full BlueRobin stack locally, from secret management with Infisical to running microservices with shared infrastructure.

A comprehensive guide to securing PostgreSQL in a production environment, covering pg_hba.conf, enforced SSL/TLS, RBAC, Row-Level Security (RLS), and credential management with Infisical.

Implementing 'Never Trust, Always Verify' in Kubernetes using Linkerd for mTLS, OIDC for user identity propagation, and Workload Identity for secure service communication.

A practical cluster setup guide for running BlueRobin-style agentic services with reliable data, messaging, and observability foundations.

How to run a full .NET + AI development environment remotely with VS Code, Kubernetes, and a persistent dev container pod.

Stop manually renewing certificates. Set up Cert-Manager to automate Let's Encrypt DNS-01 challenges with Cloudflare.

Revolutionizing cluster operations by replacing kubectl with natural language interaction using the Kubernetes MCP Server.

Configure Traefik as your Kubernetes ingress controller with TLS termination, middleware chains, and IngressRoutes for routing traffic.

An end-to-end deployment walkthrough for introducing a new AI service with environment overlays, secret wiring, and production-safe defaults.

Learn how to implement GitOps for your Kubernetes cluster using Flux CD, including repository structure, Kustomize overlays, and automated image updates.

Complete guide to deploying the BlueRobin Telegram Bot on Kubernetes, covering Docker builds, Kustomize overlays, secrets management with Infisical, and GitOps with Flux CD.

Securely exposing K8s services like API, MinIO, and databases using Tailscale sidecars and subnet routers for seamless access from anywhere.