Hi there 👋

Apple T2 Macs are… special. If you run Proxmox on something like a Mac mini 2018, you’ll eventually touch out-of-tree kernel modules and discover that Linux kernel APIs love change. Running Proxmox on a Mac mini 2018 with T2 chip requires the applesmc_t2_kmod kernel module for proper fan control. After some research I’ve found the repo MCMrARM/mbp2018-etc which was slighly outdated for 2026, as I faced some issues described below. Common issues Missing linux/input-polldev.h - this header was removed years ago. I have to patch the source to remove the #include and any polled-input code. ...

🚀 Welcome to this week’s Friday Readings! A quick collection of must‑reads, tool announcements, and tech highlights that caught my eye recently. 🛠️ Tools & Projects Dockhand - A modern, local-first approach to container workflows, aiming to reduce Docker Compose sprawl and cognitive load. Rekindle - A distraction-free reading environment for long-form content. A quiet rebellion against algorithmic feeds. multiOTP - A mature open-source OTP/MFA solution with solid fundamentals and zero marketing fluff. PegaProx - Proxy-centric experimentation around traffic control and interception, useful for labs and protocol analysis. Oh My OpenCode - A curated collection of OpenCode / AI tooling, scripts, and experiments worth exploring. 📚 Articles & Essays A GDPR Failure - A real-world post-mortem showing how compliance fails when process, ownership, and reality diverge. 21 Lessons Learned - Career-scale reflections on engineering, leverage, and long-term thinking, distilled without guru theatrics. Terraform vs Terragrunt - A balanced comparison focused on trade-offs, not ideology. Especially useful for growing infra teams. 12 On-Call Dashboards That Calm Everyone Down - Observability through a human lens: fewer surprises, clearer signals, lower stress. 🔐 Security & Research Notepad Hijacking by Lotus Blossom - A reminder that “boring” binaries remain valuable targets, and persistence often hides in plain sight. arXiv: 2601.19062 - Fresh research touching AI systems and reasoning. Dense, but rewarding if you enjoy first-principles thinking. 🎮 Culture & Light Reading What Book You Should Read Based on Your Favorite Game - A playful crossover between games and literature, surprisingly decent for inspiration. Thanks for reading! ...

🚀 Welcome to this week’s Friday Readings! A quick collection of must‑reads, tool announcements, and tech highlights that caught my eye recently. 📚 Books The Art of Scalability (O’Reilly, 2nd ed.) - Classic playbook on scaling orgs and systems in tandem-people, process, and architecture patterns for sustainable growth. The Software Engineer’s Guidebook - A pragmatic career map from junior to principal with focused chapters on delivery, testing, architecture, and team dynamics. 📚 Articles Worth Your Time Think First, AI Second - A crisp argument for a “brain→AI” workflow-do your own thinking before prompting to preserve attention/memory and get better outcomes from AI. Atlantis with Terragrunt (Spacelift) - How to wire Atlantis to Terragrunt with custom workflows/webhooks, plus pros/cons and alternatives. Using Atlantis Plan as a Quality Gate (ControlMonkey) - Treat atlantis plan as a merge gate, integrate scanners (Checkov/Trivy/KICS), and note self-hosted limitations. Cloud Cost Optimization - A Senior Engineer’s Guide - Practical levers across app-level tuning, storage lifecycle, K8s autoscaling, ARM/edge choices, and cost-aware culture. OpenWrt Mesh 802.11s - Step-by-step to build an OpenWrt 802.11s mesh (including replacing wpad and enabling BATMAN-adv) for seamless roaming. Your Brain on Incidents - Human-centric incident tips: blameless culture, tuned alerting, and shorter on-call rotations to reduce cognitive load. 🛠️ New Tools & Announcements Next AI Draw.io - Prompt-driven diagramming (flowcharts, AWS arch, animated connectors) with file and image input for rapid diagram generation. Zerobyte - Restic-based backup automation with a web UI for scheduling/retention, multi-protocol sources (NFS/SMB/WebDAV/local), and Docker deployment. DockMon - Self-hosted Docker monitoring with real-time dashboards, multi-host support, intelligent auto-restart, and multi-channel alerting. Ingress-NGINX Retirement (Kubernetes) - SIG Network announces best-effort maintenance until March 2026 and recommends migration to Gateway API or another controller. Thanks for reading! ...

Intro According to the Go command documentation: “The go command caches build outputs for reuse in future builds.” Locally, that’s awesome: first go build is slow, next ones are much faster thanks to the cache. Inside Docker, though, each build runs in a fresh container - so the Go build cache disappears unless you explicitly persist it. That’s what we’ll fix here. 🚀 Baseline: Dockerfile without Go cache Here’s a very typical multi-stage Dockerfile: ...

Pre-requisites USB drive with Proxmox (in my case, prepared by balenaetcher) Pre-configuration Adding public keys for host (for example from Github): mkdir -p ~/.ssh && chmod 700 ~/.ssh touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys curl -fsS https://github.com/g3rhard.keys | awk 'NF' | while IFS= read -r key; do grep -qxF "$key" ~/.ssh/authorized_keys 2>/dev/null || echo "$key" >> ~/.ssh/authorized_keys done Next configuration could be done via WebUI or via SSH connection to Proxmox host Option 1 Removing CEPH repo (do not have plans to use it at home): ...