Hey! | gyptazy - DevOps, Coding, Networking and BSD!
I'm gyptazy (pronounced ɡʏpˈteɪziː) - an enthusiastic and passionated DevOps engineer and open-source developer. Proxmox, FreeBSD...| gyptazy.com
I'm gyptazy (pronounced ɡʏpˈteɪziː) - an enthusiastic and passionated DevOps engineer and open-source developer. Proxmox, FreeBSD...| gyptazy.com
Let me spoiler, it's the best I've seen so far for bhyve and FreeBSD! When Stefano told me about Sylve , I just had a quick look at the GitHub project and thought, "okay, just another of thousands jail manager just with a better web ui, similar to the Proxmox one" and I got completely wrong while giving it a try! When looking at virtualization and container management on FreeBSD, you quickly notice that while there are many tools around, most of them either feel outdated or are missing import...| Blog
In today's globalized IT landscape the term "cloud" dominates conversations about infrastructure, applications, and deployment strategies. Public cloud providers promise scalability, flexibility, and resilience but yet many organizations still operate their own infrastructure for reasons of control, cost, and compliance. In these environments, FreeBSD continues to play an important role as a robust, secure, and versatile operating system. One of the powerful tools in the FreeBSD ecosystem is ...| Blog
In this HowTo we install and configure Kanidm on Linux Debian Trixie and use it for authentication with Proxmox by OIDC (OpenID Connect). In previous articles, I’ve already shown another exampl in how to integrate Proxmox VE with external identity providers such as Authentik and Keycloak, using them as realms to centralize authentication. Both of these solutions are powerful in their own right, but sometimes you might be looking for something that is more lightweight, simple to deploy, and ...| Blog
Running your own package mirror (such as for Proxmox products) may seem like an advanced setup, but it addresses challenges that are increasingly relevant in modern infrastructures. At its core, a mirror is simply a local copy of selected repositories, yet the advantages extend far beyond faster downloads. By keeping a local mirror, organizations can reduce external bandwidth usage because every server pulls packages from the same local source rather than repeatedly accessing the internet. Th...| Blog
It’s now been several weeks since the release of Debian 13 (Trixie), but there is still no official LXC container template for it from Proxmox. Back when Debian 13 was in its final freeze stage, I had already created an early template ( debian-13-standard_13.x-beta_lxc_proxmox_amd64.tar.gz ) so I and also you could start testing. Since then, I’ve prepared a proper final version to share with the community, as many of you guys asked me to create one. Debian Trixie 13 LXC Image for Proxmox ...| Blog
Managing Proxmox storage resources at scale has traditionally been a cumbersome task. In clustered environments where consistency, reliability, and speed are critical, manually adding or removing storage definitions on each node wastes valuable time and introduces the risk of human error. Imagine configuring NFS shares, CephFS mounts, iSCSI targets or Proxmox Backup Server repositories across dozens or even hundreds of nodes, each in different locations, and having to repeat the same steps ma...| Blog
The Proxmox ecosystem has grown massively in recent months – and one of the key reasons behind this growth is the strong and active community that continues to push the project forward after the VMware aquisition by Broadcom. You can really feel the momentum. There is a lot happening around Proxmox, and the pace is only picking up. I see this every day in my own work. Proxmox has become one of the most important parts of my tech stack. It’s reliable, flexible, and can be used in so many d...| Blog
With Proxmox 9 now officially released as the first beta version and based on Debian Trixie, and the final Debian 13 release just a few days away, it makes sense to start preparing and testing early. Especially in virtualized environments like Proxmox, it’s helpful to evaluate upcoming systems before they become the new stable default. I’ve noticed that there isn’t a widely available LXC container template for Debian Trixie yet. Since I wanted to begin testing some setups myself, I deci...| Blog
Oh, it’s that time of year again! On September 25th, 2025, we’re heading to Ede, Netherlands for the Dutch Proxmox Day 2025. The Dutch Proxmox Day is a yearly conference fully focused on everything around Proxmox. If you’re working with Proxmox VE or just curious about what’s possible, this is the event to be at. This event is organized by Tuxis B.V., a Dutch company deeply involved in the Proxmox community. Admission? Completely free, thanks to the amazing sponsors CT and KPN. What t...| Blog
Proxmox VE 9 Beta 1 has just been released and marks a significant milestone as it’s now based on the upcoming Debian 13 "Trixie." This major upgrade brings a modernized foundation while continuing the trusted stability and features of previous versions. One of the standout improvements in this release is the introduction of VM snapshot support for thick-provisioned LVM storage, a feature that’s now available as a technology preview. With a new storage property enabled, snapshots can pers...| Blog
Over the last few months, I’ve been asked quite a few times how I test my Ansible modules and ProxLB setup in an automated, reproducible way. Especially when working on new features or debugging something deeper, having a clean and quickly deployable Proxmox instance is incredibly useful. The same question often comes up in another form too: “How can I spin up Proxmox on a bare-metal machine without going through the ISO installer step by step?” or “Is there a Proxmox Cloud Image that...| Blog
Managing Proxmox subscription licenses at scale has always been a challenge. Especially in enterprise environments, manual assignment of licenses across hundreds of nodes can be inefficient and error-prone. Until now, there wasn't a supported, API-driven way to integrate license management directly into Ansible workflows. The proxmox_node Module The new proxmox_node module (merged into the community.proxmox collection) allows you to manage Proxmox nodes programmatically. Key features include:...| Blog
When it comes to virtualization, many people still think that NFS isn’t suitable for serious workloads in their enterprise environment and that you need to rely on protocols like iSCSI or Fibre Channel to get proper performance. That mindset might have made sense years ago, but times have changed. Today, we have access to incredibly fast networks and not only in enterprise but even at home. It’s not uncommon to see 10 Gbit networking in home labs, and enterprises are already moving to 25,...| Blog
Running your own on-prem PKI (Public Key Infrastructure) can be a game-changer and it’s not just for enterprises, but also for advanced homelabs. Whether it’s about securing internal services, managing client certificates for S/MIME email encryption, or just having full control over certificate issuance, operating your own root CA brings a lot of flexibility and independence. There are many ways to set up a basic CA, even just using OpenSSL on the command line. But as soon as your setup g...| Blog
Until now, automating Proxmox cluster setups with Ansible often meant relying on hacky shell or command module usages within playbooks/roles and dealing with poor error handling. That changes with my new Ansible modules, proxmox_cluster and proxmox_cluster_info . If you're following me, you might have already found this as a sneak peek in my post about how BoxyBSD boosted the Proxmox ecosystem. These tools leverage the official Proxmox API, enabling direct and reliable cluster creation and jo...| Blog
When exploring secure and efficient authentication options for a Proxmox setup, Authentik paired with OpenID Connect (OIDC) emerges as a compelling choice, particularly for those who prioritize open-source tools and in-house data control. Authentik, an open-source identity provider, empowers administrators to customize authentication flows without the constraints of proprietary systems, avoiding escalating costs or rigid limitations. By integrating OIDC, it enables seamless single sign-on, al...| Blog
Not too long ago, I published a blog post all about Incus. In it, I gave an overview of the project, explained how it works, and showed how to create a cluster with it. After sharing it on social media, I started getting a lot of questions, and one in particular kept coming up: is it easy to run BSD-based virtual machines with Incus? Some people were even surprised to learn that Incus now supports virtual machines thanks to its QEMU backend. So I thought, why not follow up and walk through ju...| Blog
Incus is a versatile and efficient tool for managing both system containers and virtual machines, offering a unified way to run full Linux systems. It supports a wide range of Linux distributions and relies on a simple but powerful REST API. Whether you’re running a single machine or scaling across a full data center, Incus adapts easily to your needs. It can transform your setup into something that feels like a lightweight private cloud, letting you run various workloads with optimized res...| Blog
April, April! No, even it’s the first of April – this is real! After months of development, I’m thrilled to announce the release of ProxLB 1.1.0 – thanks to my company credativ GmbH for sponsoring this project where I could work on this during my work time! It’s been quite the journey since I started this project in mid-2024, and this latest version marks a significant milestone. With a complete code refactor, improved load balancing behavior, and numerous bug fixes, ProxLB is now m...| Blog
It’s a long story when it comes to run Windows VMs in Proxmox and luckily the things became pretty well in the recent years. However, from time to time people start complaining about performance issues that are mostly only visible on Windows systems and this has mostly three major reasons: Missing Drivers / Guest Tools Wrong configuration / usage (e.g., still using VMDK disk files, controllers, devices) Wrong CPU Type As said, within the recent years the situation got much better but we als...| Blog
Proxmox Backup Server is an essential tool for anyone running Proxmox Virtual Environment (PVE) or managing backups efficiently in a virtualized setup. It provides a high-performance and deduplication-enabled backup solution that ensures data protection while keeping storage demands in check. But like any critical infrastructure component, monitoring its performance and status is key to ensuring smooth operations and quick troubleshooting. This is where integrating metrics into a single solut...| Blog
When deploying an open-source chat solution like Matrix Synapse, authentication is a critical piece of the puzzle. Many businesses rely on centralized identity providers to manage user access efficiently. That’s where OpenID Connect (OIDC) comes in, allowing seamless integration with enterprise-grade identity solutions like Microsoft Azure Active Directory (Azure AD) which is now also known as Microsoft Entra ID. By leveraging OIDC, we can integrate Azure AD as a Single Sign-On (SSO) provid...| Blog
Kleene is a container management (jail manager) platform designed specifically for FreeBSD, bringing familiar concepts from Docker while fully embracing FreeBSDs native tools and philosophy. Instead of reinventing the wheel, Kleene follows the KISS (Keep It Simple, Stupid) principle, leveraging FreeBSD’s built-in features to simplify application deployment, maintenance, and upgrades without unnecessary complexity or abstraction. By using FreeBSD’s core technologies like jails, ZFS, and PF...| Blog
Creating and managing a Kubernetes cluster from scratch can be challenging and there’re definitely a way too many possibilities to do so in 2025. With Talos Linux, this can be done in less than 10 minutes! What is Talos Linux? Talos Linux is an operating system built specifically for Kubernetes, focusing on security, immutability, and minimalism. It is designed to work across a variety of environments, including cloud platforms, bare metal servers, and virtualization platforms, providing a ...| Blog
The Fediverse is an interconnected world of diverse platforms, brought together by the ActivityPub protocol. At its heart lies a fundamental concept: decentralized, federated communication. In this environment, relays play a significant role by enhancing the reach and visibility of servers (instances) within the network. To understand why relays matter, it’s important to explore how a relay works and what they bring to the Fediverse – including all the software components like Mastodon, P...| Blog
The year 2024 marked a turning point for the virtualization industry. Following Broadcom’s acquisition of VMware, significant changes to VMware’s licensing model and pricing structure set off a wave of responses across the market. These changes had a profound impact on the virtualization landscape, altering long-held assumptions and forcing enterprises to re-evaluate their strategies. VMware had long been a leader in the virtualization space, with its solutions forming the backbone of cou...| Blog
This weekend marks an incredible milestone for BoxyBSD : we’ve provisioned our 500th free VPS instance! What started as a passion project aimed at supporting the open-source community has grown into something truly special, and I couldn’t be more proud to see the impact it’s having on learners, enthusiasts, and open-source contributors worldwide. Building a Bridge to BSD and Beyond BoxyBSD was born out of a simple yet powerful idea: to lower the barriers to entry for anyone eager to lea...| Blog
The bhyve hypervisor on FreeBSD is an impressive tool that brings lightweight, efficient virtualization capabilities directly into the FreeBSD ecosystem. It’s a powerful type 2 hypervisor that allows FreeBSD users to run virtual machines with minimal overhead, making it an excellent choice for those who value performance and stability. I find bhyve especially compelling for running various Unix-like operating systems like FreeBSD itself, Linux, and even Windows, thanks to UEFI support. In t...| Blog
When I think about bhyve Live Migration, it’s something I encounter almost daily in my consulting calls. VMware’s struggles with Broadcom’s licensing issues have been a frequent topic, even as we approach the end of 2024. It’s surprising that many customers still feel uncertain about how to navigate this mess. While VMware has been a mainstay in enterprise environments for years, these ongoing issues make customers nervous. And they should be – it’s hard to rely on something when ...| Blog
In one of my recent blog posts, I shared my journey as a long-time FreeBSD user. I talked about how I’ve been incredibly happy with the system, appreciating its rock-solid stability, flexibility, and performance. But, like every OS, FreeBSD had its gaps, especially when it came to some modern developments – one of which has been a pain point for many of us working with containerized environments: native support for Docker and Podman Linux images. Until recently, this missing functionality...| Blog
For nearly 15 years, FreeBSD has been at the core of my personal infrastructure, and my passion for it has only grown over time. As a die-hard fan, I’ve stuck with BSD-based systems because they continue to deliver exactly what I need—storage, networking, and security—without missing a beat. The features I initially fell in love with, like ZFS, jails, and pf, are still rock-solid and irreplaceable. There’s no need to overhaul them, and in many ways, that reliability is what keeps me h...| Blog
In today’s fast-paced IT environments, automation is essential for maintaining efficiency and staying competitive. Whether you’re managing a small-scale infrastructure or an enterprise-level system, the ability to deploy virtual machines (VMs) quickly, consistently, and with minimal manual intervention can be transformative. This is where tools like ProxLB and Terraform come into play, offering a powerful solution for automating the deployment and management of VMs. Why Terraform and not ...| Blog
When you connect an external USB network (Ethernet) dongle to a node running XCP-ng, you might encounter an issue where the device appears as a "side-NUMBER-eth0" interface. This interface, however, is not connected and cannot be used for any management interfaces within XCP-ng. You may still be able to manually configure it and to assign IP addresses but it will be still refused to be used for the management interface. To resolve this, you need to rename the device appropriately. Unfortunate...| Blog
After Broadcom increased the license fees, other virtualization solutions than VMware ESXi become very popular. I already talked about other solutions like CBSD, running on FreeBSD using bhyve for virtual machines (VM) workloads or Harvester, as an HCI solution that also allows you to run VM in a different approach. However, we mostly hear Proxmox in one of the first sentences when it comes to VMware ESXi replacements and Proxmox is a really great software based on KVM. However, there're also...| Blog
ProxLB (PLB) is an open-source Proxmox loadbalancer, but different! ProxLB is an application created to optimize the distribution of virtual machines (VMs) across Proxmox cluster nodes for significantly enhancing efficiency and performance. Utilizing the Proxmox API, ProxLB gathers and analyzes a comprehensive set of resource metrics from both the cluster nodes and the running VMs, including CPU usage, memory consumption, and local disk utilization. A key feature of ProxLB is its intelligent ...| Blog
After Broadcom increased the license fees, other virtualization alternatives become very popular. While I previously already evaluated various virtualization platforms, including Proxmox, as well as other solutions that are based on FreeBSD, such as bhyve-webadmin (BVCP), and ClonOS there are of course also several other ones and it is worth noting another noteworthy option in the landscape of hyperconverged infrastructure (HCI). Harvester is an innovative, open-source HCI platform that is bu...| Blog
In the realm of virtualization, there are already several robust and well-established platforms like Proxmox and OpenStack. These solutions have paved the way for efficient and comprehensive management of virtual environments, primarily on Linux-based systems. However, for those who appreciate the power and elegance of FreeBSD, there has been a notable absence of a comparable tool that leverages this operating system's unique strengths. With ClonOS (mainly written by Oleg G. and Oleg M.) an i...| Blog
In today's digital landscape, ensuring the security of online communications is paramount, and SSL certificates play a crucial role in this process. Monitoring these certificates to prevent unexpected expirations is essential for maintaining uninterrupted service and trust. This HowTo guide provides a step-by-step approach to setting up monitoring for SSL certificates, ensuring you receive timely alerts before they expire. By utilizing powerful tools such as Blackbox Exporter, Alertmanager, P...| Blog
Freedive emerges as an innovative standalone tool for FreeBSD, offering a graphical user interface (GUI) that revolutionizes the way systems are managed, enabling both newcomers and experienced users to administer their FreeBSD installations with ease. This GUI, accessible through a mobile-friendly web interface, democratizes the use of FreeBSD by allowing beginners to engage with the operating system without the need to delve into the complexities of the command-line shell. Designed with res...| Blog
In today's interconnected world, ensuring high availability (HA) across multiple sites is crucial for businesses to maintain continuity and reliability. While traditional solutions often rely on complex protocols like BGP or GRE tunnels, implementing a cost-effective HA setup using WireGuard VPN tunnels provides a simpler yet robust alternative. This solution leverages the flexibility of WireGuard VPNs to create secure connections between multiple sites, with the added benefit of easy setup a...| Blog
Unfortunately, Grafana does not support Matrix notification by default. While Matrix is originally a free and open-source chat service, it also provides API and Bot support which makes it handy for service notifications. With End-to-end encryption, open-source, self-hosting possibilities and multi client support it provides all necessary features to integrate this as a fast and reliable notification solution to receive any kind of monitoring alerts. With the grafana-matrix-forwarder by Hector...| Blog
BoxyBSD is a non-profit project dedicated to providing free virtual machine (VM) hosting on IPv6, with a particular emphasis on BSD-based systems such as FreeBSD, NetBSD, and OpenBSD. The project's primary objective is to contribute back value to the open-source community by offering a platform where beginners and newcomers can learn and educate themselves using real systems. By offering free virtual machine hosting, BoxyBSD aims to remove financial barriers that often deter individuals from ...| Blog
Proxmox just released its new import wizard which makes it much easier to migrate virtual machines from a VMware ESXi system to a Proxmox environment. This being said, it also offers the general support of live importing virtual machines. Migrating VMs to the Proxmox environment uses the official ESXi API through a user space filesystem with a fine-tuned read-ahead cache which is fully written in Rust. Unlike before, this solution does not require the manual steps of copying the virtual machi...| Blog
Security patch management is a critical aspect of maintaining the security and resilience of an organization's digital infrastructure. It involves the timely identification, testing, and application of software updates to address vulnerabilities in operating systems, applications, and other software components. This proactive approach is essential to prevent security breaches, data breaches, and unauthorized access, safeguarding sensitive information and ensuring smooth system operation. The ...| Blog
QualvoSec is a robust open-source (based on GPLv3) security patch management tool designed for unattended upgrades on a variety of systems, encompassing mainstream Linux distributions (like Debian, Ubuntu, Garden Linux, RedHat, CentOS, RockyLinux etc.) and BSD-based systems like FreeBSD. This tool empowers operators to exercise control over client systems' patch integration, offering flexibility in managing updates, particularly for crucial components like kernels or glibc. They key features ...| Blog
In the ever-evolving landscape of virtualization and server management, one name has consistently stood out for its reliability, versatility, and innovation – Proxmox. Especially now, just after Broadcom dropped the free ESXi solution, Proxmox might be the real gamechanger. Traditionally associated with x86 architectures, Proxmox has been a stalwart companion for enterprises and enthusiasts alike, providing a robust platform for virtualization and container orchestration. However, as techno...| Blog
One of the standout features is the automatic utilization of modern virtualization functionalities supported by KVM, such as Advanced Programmable Interrupt Controller virtualization (APICv). This integration ensures that users benefit from cutting-edge virtualization capabilities, potentially enhancing the performance and responsiveness of their VMs. A noteworthy advantage lies in the fact that KVM is an integral part of the Linux kernel. This implies that users can access KVM directly with ...| Blog
This HowTo guides you through the setup process of snac2 on a minimalistic FreeBSD (FreeBSD 14) system to run and serve your own ActivityPub instance within the Fediverse. snac2 is also compatible with Mastodon instances for further interactions. snac2 is a simple, minimalistic ActivityPub instance written in portable C and can run on all Linux and BSD systems. Within this HowTo snac2 will be installed behind a nginx reverse proxy for SSL/TLS offloading. First, we start installing the require...| Blog
In homebrew and macPorts, still an older version is included when it comes to csshx . Unfortunately, this version does not work out of the box anymore with newer macOS installations like macOS 14.5 (Ventura) or macOS 14.6 (Sonoma) and needs some adjustments. csshX (Cluster SSH for macOS) is a command-line utility designed to facilitate managing multiple SSH sessions simultaneously. It allows users to open and control multiple terminal windows or tabs at once, sending the same command inputs t...| Blog
Operating your own IPv6-capable container registry ( Distribution Registry ) for Docker and Podman offers several advantages. By hosting container images on a dedicated registry, you gain greater control over image distribution, access, and security. With cnt-reg.gyptazy.ch a new IPv6 capable container registry got launched. The use of IPv6 ensures scalability and future-proofing in the increasingly IPv6-dominated networking landscape. This setup provides autonomy in managing container images...| Blog
BoxyBSD is an innovative service hosted and developed by gyptazy that provides a unique opportunity for enthusiasts, developers, and curious minds to explore the powerful FreeBSD operating system in a risk-free and hassle-free environment. BoxyBSD offers free FreeBSD virtual machines (VMs) served as jails, allowing users to immerse themselves in the FreeBSD experience without the need for complex setups or installations. Embrace the freedom to explore, innovate, and debug with BoxyBSD – you...| Blog
The BSD Cafe is a thriving community that goes beyond being just a gathering of BSD enthusiasts; it serves as a comprehensive repository of knowledge and experiences shared by its members. The platform features in-depth reviews of BSD-related software and hardware, providing valuable insights into real-world experiences and hardware compatibility. The community aims to assist individuals in making informed decisions when building or optimizing systems for BSD but Linux users are of course als...| Blog
Finally, I rejoined the ntppool.org project again. Several years ago, I already contributed with several Stratum 1 systems which were connected to a Stratum 0 (GPS). Nowadays, most ones do not care about NTP and time synchronization anymore but it gets more important than ever when it comes to encryption, authentication and logging. Therefore, I took my old Stratum 0 GPS systems and created four new ntp server which are also included within the nto pool project. But of course, you are also ab...| Blog
manpageblog - a small, lightweight blog engine written in Python and offers several advantages in a look of a man page (Unix like manual page). Firstly, it provides simplicity and ease of use, making it accessible even for users with limited technical knowledge. The lightweight nature ensures quick installation and minimal resource consumption, making it suitable for various hosting environments. Python's readability and straightforward syntax make the blog engine easy to customize and extend...| Blog
This mini How-To guide describes how to install Semaphore UI 2.8.75 in addition to Ansible 8.5 on Linux Debian 12 (Bookworm). Semaphore provides a modern and responsive webUI for running Ansible playbooks as an alternative to Ansible AWX (Tower) and the new Automation Platform. Semaphore is an open-source project written in GoLang and easy to use, install & to maintain. MySQL/MariaDB, PostgreSQL and BoltDB are supported as backend DBs. Within this HowTo MariaDB is used. Please also see the of...| Blog
Changelog Fragments Creator just got released in V1.3. Changelog Fragments Creator (a changelog generator in Python) may be used in development setups where working on a single CHANGELOG.md file might result in ongoing merge conflicts due to too many changes on the same file. This is where Changelog Fragments Creator steps in to solve this by creating YAML based files for each PR according to its planned release version. The output format is based on Keep a Changelog, and this project adheres...| Blog
This overview offers you an insight into my self-created Vagrant compatible boxes and images of different Linux and BSD operating systems for Apple Silicon based Macs. Apple Silicon's hardware architecture is based on ARM64 (AARCH64) which is incompatible with the AMD64 (x86_64) hardware architecture. The following boxes provide further virtualization support and can run as a virtual machine (VM) on your Mac. You may also use these images on any other ARM64 based platform. Images: * Alpine 3....| Blog
Creating packages for Debian (Ubuntu), RedHat (CentOS, Fedora) & FreeBSD can easily be done by CMake’s CPacks feature. This provides great possibilities to create packages from sources but also to ship just configuration files with a single config for one or more distributions. In general, it also supports creating packages from different distributions. My tech talk provides a short examples how to use it by packaging the changelog fragments creator tool (see also my blog post regarding thi...| Blog
In an era where our lives are increasingly intertwined with technology, the concept of a digital detox has gained significant traction. A digital detox refers to consciously and temporarily disconnecting from digital devices and online platforms in order to find balance, regain focus, and reconnect with the physical world around us. This practice has become an essential remedy for the modern challenges posed by our hyperconnected lifestyles. In this blog post, we’ll explore the ins and outs...| Blog
AI is on everyone’s mind but what happens when we use our own and custom content like documents on different LLMs (Large Langauge Models)? Let’s have a short look at different LLMs like llama2, falcon and gpt. Within this case we do not just want to use the pre-trained data from the models but also process our own content. Here, we just use a public available price list (T-Mobile One Fact Sheet) in a PDF format and try to gather information by prompt requests. We will now try to gather so...| Blog
Changelog Fragments Creator (a changelog generator in Python) may be used in development setups where working on a single CHANGELOG.md file might result in ongoing merge conflicts due to too many changes on the same file. This is where Changelog Fragments Creator steps in to solve this by creating YAML based files for each PR according to its planned release version. The output format is based on Keep a Changelog, and this project adheres to Semantic Versioning. This changelog creator is writ...| Blog
Ansible’s yum_versionlock module has been available in Ansible for several years. Since my initial release this module has also been tweaked and forked as dnf_versionlock. However, there has been a new feature request for supporting specific package versions to pin and lock. Starting with community general version 7.2, yum_versionlock is also able to handle specific versions instead of just plain package names. Links: feature( yum_versionlock ): Add support to pin specific package versions ...| Blog
Many DevOps used Vagrant together with VirtualBox (Box) in their default setups to quickly spawn new VMs. However, when switching from AMD64 (Intel architecture) to Apple Silicon (M1/M2/M3) there was a lack of unsupported tools which broke many workflows. Currently, there’s an ARM64 supported build of Virtual Box but it doesn’t support ARM64 guests at all. This makes it necessary to switch to other alternatives. VMware Fusion A solution could lead into a free copy (for personal usage) of ...| Blog
Unfortunately, many companies still have security policies according to frequently password changes for endusers. Which first sounds like a good idea may fastly result in a less better security – I also often call this security by obscurity. So, why is password rotation a bad idea nowadays? First, let us have a look at the past before year 2000, where users had really short passwords with less than 10 characters. Many dynamic websites (e.g. free mailers, etc.) at that time enforced a passwo...| Blog
My new module pf (packet filter) allows managing the BSD’s packet filter (pf – as a firewall) which is compatible with FreeBSD, OpenBSD etc. When running in dry_run mode a generated rule set file will be validated and printed within Ansible’s meta output (json). Rulesets can be loaded by filters (e.g. filter, options or nat) and tested in dry_run mode. Next to this, basic service management can be done by this module for starting, stopping and restarting pf. - name: Test a rule set pf: ...| Blog
Plutono is an interactive visualization web application that provides graphs, charts and also alerts. It is based on a Grafana 7.5 fork, maintained by credativ GmbH ( NetApp GmbH ), under the Apache 2.0 license which is limited to maintenance and security updates. In 2021, Grafana switched the licensing of its core products from the Apache License 2.0 to the more restrictive AGPL v3 (Affero General Public License) as an attempt to balance the values of open source with its monetization strate...| Blog
Monkey Switcher just got released in V1.2. witch your Bluetooth capable devices like Magic Keyboard 2, Track Pad, AirPods, etc. between multiple Macs (e.g. personal & business) with a single click for macOS. This can especially be helpful to avoid connecting you wired USB-C to Lightning cable to your Magic Keyboard to establish a peering session to another Mac and may fasten up your workflow. However, initially this must be done on all Macs where you like to use this app to be a known and aut...| Blog
Now, Garden Linux comes with Firecracker (microVM) images for running heavy workloads. You may also find some more information on Firecracker within my last post. Thanks to nkraetzschmar for adding Firecracker support within the Garden Linux feature system. Next to this, the Pytest pipeline needed further adjustments as well as a new IAAS type to perform tests on microVMs. With my PR feat(pytest): Add Firecracker IAAS for PyTest #1318 I recently added further support for Firecracker images as...| Blog
While Garden Linux was running with SELinux all the time, Garden Linux finally supports running SELinux in enforcing mode. Within the last few weeks I made several adjustments to make sure we could switch from permissive mode to enforcing. By pushing the last commit , the gardenlinux-selinux-module gets reactivated in synergy with the patched refpolicy package within the Garden Linux build pipeline. All related packages are available on Garden Linux repositories, now. Unluckily, I had many is...| Blog
Finally, my Garden Linux PR feature(build): Add support for macOS #1013 got merged which allows building Garden Linux images on macOS regarding the underlying hardware architecture (Intel and Apple Silicon are supported). As a result, no further Linux virtual machines are needed to create artifacts. This is a big step forwards for all macOS users in usability and also speeds up the whole local build process. Update: With PR Add support for macOS and CentOS (Stream) in startvm #1027 you may al...| Blog
Introducing Monitorix , a versatile, open-source, and lightweight system monitoring tool that excels in overseeing a wide array of services and system resources. Originally crafted for production environments on Linux/UNIX servers, its adaptability extends seamlessly to embedded devices due to its simplicity and compact size. While Monitorix remains a stalwart choice, contemporary implementations may pose challenges. The conventional practice of exposing services to external entities may not ...| Blog
Garden Linux is a Debian GNU/Linux derivate that aims to provide small and auditable Linux images for most cloud providers (e.g. Ali, AWS, Azure, GCP etc.) and bare-metal systems. Garden Linux is the best Linux for Gardener nodes to increase you cloud platform and replaces the legacy and discontinued CoreOS system. Garden Linux provides great possibilities for customizing and provides a great feature set to fit your needs and is fully Open-source (MIT licensed). By the given feature set it is...| Blog
helloSystem is a new desktop system for creators with a focus on simplicity, elegance, usability and a modern design based on FreeBSD. It follows the “less, but better” philosophy and is purely welcoming users from Mac systems. However, it has been several years since I have used FreeBSD as my daily desktop system – so I worked with another BSD system all the time. Now, it was time again to take a look on FreeBSD and I found helloSystem – I was directly in love. A fresh, modern clean ...| Blog
With Ansible 2.10 my patch got integrated by upstream. Therefore, the Ansible module java_cert provides a new option for trusting imported CA certificates. This comes handy when you are running an infrastructure with a self signed root CA (Certificate Authority). As a result, you may define your own imported root CA as trusted which directly allows secure SSL/TLS connections between JAVA application without allowing untrusted CAs. Example: - name: Import trusted CA from SSL certificate java_c...| Blog
With the new ‘msteams’ Ansible callback module you may send notification to a desired Microsoft Teams chat room. This includes the start of a triggered Playbook run, as well as of the final result with more details about the executed run. This may become handy when multiple playbooks are executed periodically as a status update for the DevOp team. This plugin is designed for a just “place it and use it” usage. Therefore, only the room URL needs to be generated within Microsoft Teams a...| Blog
Find all new tech related blog posts of gyptazy. It is all about Proxmox, FreeBSD, IPv6, BGP, Cloud and more!| gyptazy.com
How BoxyBSD Boosted the Proxmox Ecosystem: a free VPS platform with full IPv6 support for beginners and small open-source projects.| gyptazy.com
Oh, it’s that time of year again! On September 25th, 2025, we’re heading to Ede, Netherlands for the Dutch Proxmox Day 2025. The Dutch Proxmox Day is a yearly conference fully focused on everything around Proxmox. If you're working with Proxmox VE or just curious about what's possible, this is the event to be at.| gyptazy - The DevOps Geek • DevOps, coding, cloud and open source in a geek...
The bhyve hypervisor on FreeBSD is an impressive tool that brings lightweight, efficient virtualization capabilities directly into the FreeBSD ecosystem. It's a powerful type 2 hypervisor that allows FreeBSD users to run virtual machines with minimal overhead, making it an excellent choice for those who value performance and stability. I find bhyve especially compelling for| gyptazy - The DevOps Geek
In one of my recent blog posts, I shared my journey as a long-time FreeBSD user. I talked about how I’ve been incredibly happy with the system, appreciating its rock-solid stability, flexibility, and performance. But, like every OS, FreeBSD had its gaps, especially when it came to some modern developments - one of which has| gyptazy - The DevOps Geek
In the realm of virtualization, there are already several robust and well-established platforms like Proxmox and OpenStack. These solutions have paved the way for efficient and comprehensive management of virtual environments, primarily on Linux-based systems. However, for those who appreciate the power and elegance of FreeBSD, there has been a notable absence of a comparable| gyptazy - The DevOps Geek • DevOps, coding, cloud and open source in a geek...
For nearly 15 years, FreeBSD has been at the core of my personal infrastructure, and my passion for it has only grown over time. As a die-hard fan, I've stuck with BSD-based systems because they continue to deliver exactly what I need—storage, networking, and security—without missing a beat. The features I initially fell in love| gyptazy - The DevOps Geek • DevOps, coding, cloud and open source in a geek...
