🔒 security Intermediate
⏱️ 14 min
Secure Your Blazor App with Authelia OIDC
Implement self-hosted Single Sign-On (SSO) for Blazor Server using Authelia and OpenID Connect (OIDC).
Articles tagged: security
15 articles found
🔒 security Intermediate
⏱️ 14 min
Hardening .NET Containers for Production
Stop running as root. Build secure, minimal container images for .NET applications using multi-stage builds and distroless/alpine bases.
🔒 security Advanced
⏱️ 30 min
Hardened Security: Signing Certificates with YubiKey
Elevating PKI security by moving the Root CA private key to a YubiKey hardware token, ensuring the most critical secret never creates a persistent footprint on disk.
🔒 security Intermediate
⏱️ 15 min
RBAC and Service Accounts in Kubernetes
Implement fine-grained access control with Kubernetes RBAC, service accounts, and least-privilege security patterns.
⚙️ infrastructure Intermediate
⏱️ 15 min
Secure Service Exposure with Cloudflare Tunnel
Safely exposing internal services to the internet without opening inbound ports using cloudflared and Zero Trust access policies.
🔒 security Advanced
⏱️ 17 min
Kubernetes Network Policies for Zero Trust Security
Implement network segmentation and micro-segmentation in Kubernetes using Network Policies for defense in depth.
🔒 security Advanced
⏱️ 25 min
Building a Private PKI: Root CA to Certificates
A step-by-step guide to bootstrapping a private PKI, from generating a Root CA to signing leaf certificates for internal microservices using OpenSSL.
⚙️ infrastructure Intermediate
⏱️ 15 min
Securing the Homelab: VLANS, Firewalls, and Hardening
A comprehensive guide to hardening your homelab environment using ufw, network segmentation with VLANs, and SSH key-based authentication.
🔒 security Intermediate
⏱️ 15 min
External Secrets Operator with Infisical
Synchronize secrets from Infisical to Kubernetes using External Secrets Operator for GitOps-friendly secret management.
⚙️ infrastructure Advanced
⏱️ 20 min
PostgreSQL Security Design for High Assurance
A comprehensive guide to securing PostgreSQL in a production environment, covering pg_hba.conf, enforced SSL/TLS, RBAC, Row-Level Security (RLS), and credential management with Infisical.
⚙️ infrastructure Advanced
⏱️ 20 min
Zero Trust Architecture: mTLS, Tokens, and Identity
Implementing 'Never Trust, Always Verify' in Kubernetes using Linkerd for mTLS, OIDC for user identity propagation, and Workload Identity for secure service communication.
⚙️ infrastructure Intermediate
⏱️ 15 min
Automating TLS Certificates with Cert-Manager
Stop manually renewing certificates. Set up Cert-Manager to automate Let's Encrypt DNS-01 challenges with Cloudflare.
⚙️ infrastructure Intermediate
⏱️ 18 min
Traefik Ingress Controller on Kubernetes
Configure Traefik as your Kubernetes ingress controller with TLS termination, middleware chains, and IngressRoutes for routing traffic.
🔒 security Advanced
⏱️ 15 min
Deploying Authelia: The Open Source Identity Provider
Host your own OIDC/OAuth2 Identity Provider with Authelia on Kubernetes. Secure your apps with 2FA, SSO, and fine-grained access control.
⚙️ infrastructure Intermediate
⏱️ 10 min
Tailscale Setup for Kubernetes Homelab Services
Securely exposing K8s services like API, MinIO, and databases using Tailscale sidecars and subnet routers for seamless access from anywhere.