9 articles

Secure Hardware Telemetry with Caddy

Implementing a secure reverse proxy architecture for LibreHardwareMonitor using Caddy with internal TLS, HTTP Basic Authentication, granular firewall controls, and Tailscale overlay networking on Windows infrastructure.

Windows 11 Pro Installation - Bypassing BIOS Embedded Home Key

Guide for installing Windows 11 Pro on devices with OEM Home edition keys embedded in BIOS/UEFI firmware. Includes ISO modification with ei.cfg and pid.txt, post-install upgrade method, and regional configuration for Autopilot deployments.

Microsoft Intune Autopilot and Windows LAPS Deployment Guide

Complete guide for configuring Windows Autopilot with custom local administrator naming and Windows LAPS password management. Includes BitLocker key escrow, White Glove pre-provisioning, and troubleshooting for policy conflicts.

Deep NAT OpenVPN Lab Access: Troubleshooting Silent Firewall Failures

A comprehensive guide to diagnosing and resolving OpenVPN connectivity through multiple NAT layers, including the discovery of a critical silent firewall rule loading failure in pfSense caused by broken aliases.

ntfy - Server Alerts

Self-hosted push notification stack deployed on vps-web, bound exclusively to Tailscale with TLS. Covers CrowdSec ban alerts, disk and service monitoring, SSH login detection, and sudo tracking via journald.

Solving Cloudflare DDNS in Double NAT Environments

How to configure Cloudflare Dynamic DNS when your gateway is behind double NAT and can't detect your real public IP. A PowerShell-based solution for Windows workstations.

Tailscale: The Zero-Trust Network That Changed How I Manage Infrastructure

A comprehensive deep-dive into Tailscale's mesh networking technology, from WireGuard foundations to practical SSH and SMB configurations. Why this zero-trust VPN has become essential infrastructure for modern system administration.

Building a Safe WireGuard Peer Management Script

A comprehensive Bash script for managing WireGuard VPN peers with automatic backups, split-tunnel support, and interactive mode for safe infrastructure management.

Self Hosting a New Blog

My IT journey continues - insights from Andrew Jones, IT Engineer in London, UK