Skip to content
View stelb's full-sized avatar
💭
Try stuff, break stuff, fix stuff. Learned some lesson.
💭
Try stuff, break stuff, fix stuff. Learned some lesson.
15 followers · 102 following

Achievements

Achievement: Public SponsorAchievement: YOLOAchievement: Arctic Code Vault ContributorAchievement: Pull Shark

Achievements

Achievement: Public SponsorAchievement: YOLOAchievement: Arctic Code Vault ContributorAchievement: Pull Shark

Block or report stelb

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
stelb/README.md

Hi there 👋

Me on

I am working as DBA (Oracle, postgres) since 1999. But I always do more than only Databases.

Linux administration, mail servers, application servers, firewall, loadbalancer, storage, virtualization, monitoring, docker, kubernetes, ansible, certificates.

I am interested in far too much topics, not enough time for all :)

Non-Business Projects

I am plugging together technologies to make things work.

'Production' important stuff for me

Mailserver

Passwordsafe

  • Vaultwarden
  • nothing special, just automatic paranoid backup, because it will be a major pain to lose data 😅
  • oauth2 with kanidm in testing... waiting for integration in vaultwarden release

Document Management

Documents

Just started, no more paper, all digital documents in one place and not cluttered on disks or in mails.

  • paperless-ngx
  • scanservjs (scan directly to consume folder)
  • Integration with kanidm
  • Sharelinks accessible from outside (wireguard tunnel, caddy, opnsense)
  • Let's encrypt Certificates at home (DNS-01 validation, RFC2136, technitium DNS)
  • import via mail rules/share/directly from scanner to share

Books/Manuals & similar

Push notifications

  • ntfy used by monitoring and automated updates/reboots

Identity Management

  • kanidm
  • everything via commandline :)
  • for oauth2, unix users on hosted boxes and maybe even internally soon
  • todo: replicated setup..

Routing/Firewall

  • OpnSense with HA setup
  • wireguard
  • cloudflare tunnel
  • mikrotik cloud router switches, cloud smart switches, several APs (cAP ax + wAP ax for home wifi, several map(lite) and hAP ax lite to do experiments, RB5009 is planned)
  • still some old zyxel gs1900 switches

NAS

  • TrueNAS CORE (TrueNAS mini is still on CORE)
  • TrueNAS SCALE CE the seem to have ditched the "SCALE".. 2 UGREEN Boxes
    • DXP 4800+ 4 Disks (temporary setup right now), 2x 4TB NVMe, 64GB RAM
    • DXP 480T All-Flash 4*4TB NvME, 64GB RAM
    • Both in small 2.5G Storage Network (not Mikrotik yet..)
  • Letsencrypt Certs with custom shell authenticator truenas_acme_hetzner

DNS

Lab

Proxmox VE

Kubernetes

OS

  • ubuntu/debian
  • CentOS

Misc

Pinned Loading

  1. truenas_acme_hetzner truenas_acme_hetzner Public archive

    Shell

  2. antrea2cilium antrea2cilium Public archive

    Live migration from antrea to cilium

    Shell 2