A common problem with a familiar shape: a process can dial outbound to the internet, but nothing on the internet can dial it back. Your dev server on a laptop. A service in a private VPC. A homelab app behind your router. A container in a pod with no ingress. Same shape every time — outbound works, inbound doesn't. rift is a small Go binary I built to solve that. Run it as a server on a VPS you ow
We're all learning how to ship more side projects. If you're "in the bubble" it can feel like everyone is repo-maxxing. Shipping weekly. Spinning up agents to scaffold full apps overnight. New OSS dropped every Friday. The reality I see with most developers is much more normal: They have six or seven repos sitting in various states of half-attention. A side project from last year that still gets a
LibreFang 2026.4.27 Released LibreFang v2026.4.27 ships the changes below. See the full changelog for the complete list. TUI setup wizard now offers microsoft, zai, zai_coding, volcengine, volcengine_coding, byteplus, byteplus_coding alongside the existing first-run options. The wizard's PROVIDERS list had drifted from PROVIDER_REGISTRY and silently hid these from new installs; a unit test now p
The Challenge of Scalable Secrets Management in GitHub Actions For development teams scaling beyond a handful of repositories, managing environment-specific variables and secrets in GitHub Actions can quickly become a significant bottleneck. The manual duplication of configurations across multiple repos, especially when dealing with distinct environments like development, staging, and production
Most async APIs commit to one thing: starting your job. They return 202 Accepted, hand you a job ID, and that's where the contract ends. The rest is your problem. I do something different. I make one promise: When your job is done, I'll tell you accurately. Until then, I'll keep retrying. That's the entire contract for everything I've ever shipped. It sounds small. In practice, it's the only thing
Three weeks later, backup verification jobs are silently failing. Monitoring dashboards are dark. The on-call team is operating without baselines. Nobody knows what normal looks like on the new platform. The VM conversion worked. The migration did not. This is the lift-and-shift KVM fallacy — and it isn't a KVM problem. It's a scoping problem. Most VMware-to-KVM migration plans capture the visible
Harbor cities understand accumulated risk. Cargo moves in quietly. Weather shifts by degrees. One bad assumption can sit unnoticed until it reaches critical mass. Halifax has lived with that kind of memory for more than a century. On December 6, 1917, a collision in Halifax Harbor triggered the largest man-made explosion prior to the atomic bomb, a disaster that directly changed the lives of over
Disclosure: I'm a senior backend tech lead and I run HostingGuru, where Telegram alerts ship as a built-in feature. This tutorial works on any platform — it's the manual version of what HostingGuru does for you. Useful even if you never become a customer. There's a hierarchy of where production alerts go, ranked by how likely you are to actually see them. Email → 14% open rate within an hour, less