// /writing
Field notes
Walkthroughs of things I built and why. Mostly self-hosted infrastructure — the kind of writeups I wish existed when I was hunting for the answer at 2am.
SecureCRT Button Command Suite - Full NOC Automation Pack
200+ commands across 13 sections, platform-tagged for IOS/IOS-XE, IOS-XR, NX-OS, ASA, and FTD/FMC — wired into SecureCRT's button bar to cut the time spent typing the same commands during every troubleshooting call.
Why TLS made my homelab actually usable
Running eight internal services without HTTPS is a friction tax you pay every day. Here's how I fixed it with nginx, acme.sh, and a single wildcard cert — no manual renewals, no browser warnings.
When the firewall isn't the edge
Half the lab was misbehaving in unrelated ways. The common cause was one NAT I didn't own.
Putting the platform under Ansible
A host crash exposed config drift across 8 machines. Ansible closed the gap in an afternoon.
Dual-repo pattern for self-hosted platforms — public portfolio, private source of truth
Real configs and portfolio screenshots don't belong in the same git history. Here's the pattern I use, why it matters, and the gh commands to set it up.
Wildcard TLS for a self-hosted homelab — Cloudflare DNS-01, end to end
How I gave eight internal services real Let's Encrypt certificates with one wildcard, no port forwards, and automated renewal. Walks through the Cloudflare token, acme.sh setup, nginx wiring, and the gotchas that bit me.
The NIC that wouldn't bridge — Intel I350-T4V2 as the foundation for a segmented lab
The onboard NIC that couldn't pull DHCP through VMware bridged networking, the diagnosis that pointed at consumer hardware limits, and why I picked a server-grade Intel quad-port over cheaper alternatives.