Devops

Maintaining the reliability of critical services often requires continuous monitoring of their health and automatic recovery in case of failures. While Kubernetes offers built-in liveness and readiness probes for containerized applications, Linux system administrators can implement similar health checks and automated restarts for services managed by systemd. This article explores practical ways to perform health monitoring using systemd, focusing on DNS availability checks as an example, and how to configure systemd to automatically restart services that become unhealthy.

Running BuildKit in rootless mode increases your security and flexibility when building container images, especially on multi-user systems or CI environments where root privileges are restricted. This method uses a dedicated user and systemd service for isolation and automation, ensuring clean operation without elevated permissions. Docker is installed to provide a familiar runtime for container operations, while RootlessKit bridges the gap needed for rootless containerization.

This tutorial guides through installing Sonatype Nexus Community Edition on Ubuntu with PostgreSQL, configuring permissions, setting up reverse proxy with Nginx, and optimizing Nexus settings.

If you use KeePass to manage your passwords, you can securely automate database unlocking at boot or login using the {PASSWORD_ENC} placeholder. This guide combines best practices, official documentation, and user insights, and now also explains how to set up your script to run automatically from the Windows Startup folder. Additionally, it details how KeePass’s Auto-Type feature works, including window title matching for automatic credential filling.

Nagios can remotely monitor a Proxmox server by running custom scripts via the NRPE agent. For backups, the goal is to calculate the total size of files in the backup directory modified in the last 7 days and alert if the backup size falls below or exceeds desired thresholds.

Keeping your VPN connections robust is essential, especially when using WireGuard tunnels for remote access, site-to-site links, or secure communications. Like many network admins, I’ve faced the frustration of a WireGuard tunnel dropping—often at the least convenient moment. Performing a manual restart on the MikroTik each time is time-consuming and error-prone. This article walks you through a fully automated solution: continuously check the connection from a Linux server and, if needed, remotely restart the MikroTik WireGuard server—using secure workflows and best practices.

As someone who regularly experiments with homelab setups, I wanted to expand my storage by attaching a 2TB SATA drive in an externally powered AXAGON USB 3.0 enclosure to my Odroid H4 Ultra Pro (an x86 mini-PC), running Proxmox VE. On paper, with external power and a quality enclosure, I expected flawless operation—however, I encountered a range of classic USB storage issues. Here’s my real-world troubleshooting journey and the persistent solutions I adopted.

Monica CRM is a privacy-focused personal relationship manager. Successfully configuring outbound email is essential for notifications and automations. One of the most common issues for new users is encountering errors related to SSL or STARTTLS when setting up SMTP delivery. This guide provides step-by-step instructions, optimal configuration examples using environment variables, and explanations to help ensure your Monica CRM deployment sends emails reliably.

Looking back at our technical beginnings, most of us remember relying on the resolv.conf file. This small but powerful file was our window into the world of DNS—it was our personal guide, helping us translate domain names into IP addresses. Every administrator, whether experienced or a novice, had to work with it at some point. Then systemd arrived, bringing systemd-resolved, and our beloved resolv.conf started behaving like an old friend who suddenly decided not to be as reliable as we thought.

In some countries (e.g. Egypt) or some hotels, VPN connections are blocked and the only possibility is to tunnel them through WebSocket. In this article, I will focus on that.