Day One of the Content Pipeline: What Broke and What I Fixed
First-run lessons from an automated content pipeline. Noise, human-only merges, and a backwards production step surfaced in 24 hours.
Devops
Automate your content pipeline with GitHub Actions and Issues
Build a daily content mining pipeline that scans your repos and queues post ideas as GitHub issues.
Backup and Disaster Recovery
Automate backups, test restores, and build a disaster recovery runbook for your VPS.
Generate Open Graph images with Playwright and an HTML template
Build a script that generates consistent OG social card images from an HTML template using Playwright screenshots, with smart caching and series-aware gradients.
Deploying Mercure alongside Caddy on a shared VPS
How to run Mercure for real-time SSE alongside Caddy as your web server, with solutions for port conflicts, gzip interference, and JWT configuration.
Monitoring, Alerting, and Incident Response
Set up lightweight monitoring and alerting for a solo-developer VPS, plus a post-incident checklist.
Automated Patching and Server Maintenance
Configure automatic security patches, detect stale services with needrestart, and keep logs and Docker images from filling your disk.
Secrets, Certificates, and Credential Rotation
Manage .env files, encrypt secrets with Ansible Vault, and rotate credentials without downtime.
Kernel and Systemd Service Hardening
Tune kernel parameters with sysctl and sandbox services with systemd to reduce your VPS attack surface.
Caddy Hardening: Security Headers and Rate Limiting
Add security headers, rate limiting, and server identity removal to your Caddy configuration.