#fediHire #fedihelp
I'm still looking for a new #freelance #remote #project in #software #RnD.
I offer #agile (#team) #coaching or whatever you name it and a lot of other stuff. I wouldn't reject any role which I already had, e.g. Architect, TeamLead, Product Owner etc...
My skills reach from #Java #Kotlin #Swift #mobile or #backend #TDD #CICD pipelines, project setups or firefighting to #liberatingStructures and merging and splitting teams/departments and organising company-wide initiatives.
New blog post: Hosting a Static Blog on FreeBSD with Bastille Jails
A deep dive into my self-hosting setup:
- FreeBSD 15.0 with securelevel 2
- Bastille jails for isolation (Caddy, Nginx, deployment gateway)
- PF firewall with strict NAT/RDR rules
- CI/CD via Forgejo Actions with rrsync-restricted deployments
- nullfs mounts for zero-copy file sharing between jails
The "transporter pattern" keeps the blog jail unexposed while enabling automated deploys. Jails remain the most elegant isolation mechanism around.
CI/CD Week Day 2! Security is key! Running directly on the host (bareMetal) is fast, but system admins need control over what processes run.
Enter Executor 2: bwrap (bubblewrap). This creates a very light container/sandbox, similar to what Flatpak uses!
You get the same execution capability (e.g., running `echo "hello" > README.md`), but in a confined, isolated way. It's the best of both worlds: speed and security!
Ready for the executor that lets you run any process? Follow me for tomorrow's reveal! 🐳
#CICD #DevOps #Bubblewrap #Security #Containers
Debugging CI/CD pipelines locally has been unexplored. The complexity of mapping pipeline execution to local environments made it prohibitively expensive.
AI coding tools changed that—the cost dropped dramatically.
We built Magnolia—a CLI to run GitHub Actions, GitLab CI, and Forgejo pipelines locally.
https://github.com/tuist/magnolia
Not feature-complete yet, but open to contributions. Our goal: help teams move to forge-native CI.
No more push-pray-wait cycles.
Say hello to the new plugin: `Hop`. Thanks to the new #rust plugin-sdk we can code plugins in rust!
This plugin will be the base of the CI/CD of GitRoot. It permits executing processes on the host server.
This process could be executed in an OCI container #podman or #docker
But for now I want to try to exec in a #chroot jail. The approach is much more in the spirit of GitRoot (fewer resources needed, simpler to use... or not, we'll see...) even if I know OCI containers are mandatory.
It will be the responsibility of the instance administrator to choose what strategy they want to offer to their users.
#git #forge #cicd #rustlang
Proxmox fully automated! From ClickOps to Code: Automated. Audited. Revisioned. Repeatable.
Starting from the base by automating:
- Cluster initialization
- Cluster join
- Storage Integration
- Proxmox Backup Server Integration
- SDN Networks (different ones for pros/dev)
- Guest Resources utilizing the cluster infrastructure
#Proxmox #PVE #Pbs #ProxmoxBackupServer #opensource #Automation #Ansible #python #devops #terraform #cicd #pipeline #cluster #nfs #iscsi
You can see the code and adapt it to your situation.
It assumes that you have some number of esp32-s3 meshcore devices plugged in over USB to a Linux based device which the Action's runner can access.
Shout if you have patches, improvements or questions!
https://git.devhack.net/Hammers/MeshcoreDeployer
#opensource #meshcore #meshcoredeployer #lora #radio #cicd #devops #forgejo
Woot, just finished implementing my first GitHub / Forgejo Action, which allows me to programmatically push meshcore builds to my radios on the roof from the comfort of my browser.
It currently only supports deploying to esp32s3 based LoRa devices so far.
#meshcore #lora #radio #esp32 #cicd #meshcoredeployer #devops #forgejo
How I quickly spawn my #Proxmox Labs - Proxmox Cloud Image & Proxmox Bare-Metal Auto Installer
This way, you can just spin up your cluster in less than 5 minutes and continue your tests :)
#opensource #virtualization #devops #ProxmoxVE #labs #infrastructure #cicd
https://gyptazy.com/proxmox-cloud-image-bare-metal-auto-installation-image/
To continue our Bastille Day release extravaganza we're also announcing Rocinante 1.0 series is now available! 
This release brings most of the Rocinante commands up to par with Bastille functionality and now includes a bastilletesting directory which has been designed to validate code changes in both projects.
Bastille and Rocinante can now be combined to build simple CI/CD pipelines to validate deployments!
Status update: I'm now automatically building and releasing a signed fork of stable moshidon with my patches. #CI is cool!