Caddy + CaddyUI + AdGuard Home DNS setup made simple
🐛 Release + Recipe
Linux Server
57 posts
How to Fix VMware Module Errors When Secure Boot Is Enabled on Linux
If you've ever tried to start VMware on a Linux machine and hit an error about vmmon or vmnet modules failing to load, there's a good chance Secure Boot is the culprit. This guide walks you through exactly what's happening and gives you two ways to fix it — the quick-and-easy way and the cleaner lon
Watchtower Fork: Fixing Abandoned Docker Auto-Update Tool
If you've ever relied on Watchtower to automatically update your Docker containers, you may have noticed something alarming: the project was officially abandoned in late 2024. The maintainers posted a deprecation notice and walked away, leaving thousands of homelab enthusiasts and self-hosters witho
Install Docker & Docker Compose on Ubuntu 24.04
Platform: Ubuntu Server 24.04.4 LTS — Intel / AMD (x86_64)
Speed Up AppImages on Ubuntu: GPU Acceleration Guide
If you are running a powerful Linux setup with an Intel Core Ultra 9 (Evo Edition) paired with an NVIDIA RTX 5050, you expect your apps to open instantly. Yet AppImages often feel surprisingly sluggish — even on high-end hardware. The reason is straightforward: by default, AppImages are compressed S
Fail2Ban SSH Ban Integration with n8n Webhooks
Document Owner: IT / Network
Move Docker to Separate Drive on Ubuntu
Every Linux server failure I’ve witnessed from disk issues starts the same way: the root filesystem slowly fills up. No alarms. No drama. Just creeping usage until something breaks.
Uptime Kuma to Slack Alerts via n8n
Uptime Kuma → n8n → Slack Alert Workflow
ERPNext v15 Slack Notifications for Stock Movements
If you are running ERPNext v15 and want real-time Slack notifications whenever stock movements occur, this step-by-step guide shows you exactly how to set up webhook-based alerts for Material Issues, Material Transfers, and Purchase Receipts. You will also learn how to avoid the common Jinja templat
Disable IPv6 on Linux Permanently with sysctl
Disable IPv6 on Linux
UFW Firewall: Allow TCP Port 8123 from Specific IP
Firewalls are a foundational component of any secure Linux server environment. On Ubuntu and other Debian-based distributions, UFW (Uncomplicated Firewall) provides a straightforward yet powerful interface for managing iptables rules without requiring deep knowledge of low-level networking syntax. I
Secure WireGuard Homelab: Complete Setup Guide
This page documents the complete, final configuration of a secure homelab environment built around WireGuard, Raspberry Pis, UFW, AdGuard Home, Fail2Ban, n8n workflow automation, and Uptime Kuma. It is structured as a top-to-bottom technical reference, covering design intent, implementation details,
Homelab Security: WireGuard VPN & Firewall Setup Guide
Goals Achieved
WireGuard Split-Tunnel VPN: Secure Setup Guide
This document is the final, stable Standard Operating Procedure (SOP) for a small production homelab built on WireGuard, AdGuard Home, Docker monitoring, and UFW. It reflects all configuration decisions, corrections, and lessons learned through implementation and testing. It is intended to serve as
N8N Production Server Monitoring & Security Automation
Production Monitoring & Security Automation Runbook
Mailu Behind Caddy: Complete Email Setup Guide
Self-hosting email is one of those projects that sounds straightforward until you actually attempt it. Between TLS configuration, reverse proxy behavior, Autodiscover requirements, and the expectations of modern mail clients, it is remarkably easy to end up with redirect loops, broken SMTP connectio
WordPress on Portainer with Caddy: Auto HTTPS Guide
Running WordPress behind a modern, automatic HTTPS reverse proxy is more accessible than ever with Docker, Portainer, and Caddy. What used to require manual certificate management, complex nginx configurations, and careful coordination between services can now be accomplished with a single Docker Co
Install Inkscape AppImage on Ubuntu: Step-by-Step
If you want to install Inkscape on Ubuntu using an AppImage, this step-by-step guide covers everything you need — from installing the required FUSE dependency to creating a fully integrated desktop shortcut that appears in your application menu with the official Inkscape icon. Whether you are runnin
Deploy Nextcloud with Cloudron in 30 Minutes
Want to break free from Google Drive and Dropbox without drowning in server administration? This step-by-step guide walks you through deploying Nextcloud using Cloudron — a powerful server management platform that handles TLS certificates, automatic updates, and backups on your behalf, making self-h
Install Cloudron & WordPress: Complete Setup Guide
This guide walks you through deploying a self-hosted WordPress site using Cloudron — a powerful server management platform that handles TLS certificates, automatic updates, and backups, so you can focus on building your site rather than maintaining infrastructure. By the end, you will have a fully o
Linux System Administrator: 5 Essential Lessons
From Wide-Eyed Beginner to Confident Administrator
Arista Edge Firewall 7.0.0-7.1.1 Upgrade: Fix Realtek Kernel Panic
If you are upgrading from Arista Edge Firewall 7.0.0 to 7.1.1 and your system uses Realtek Ethernet devices, you may encounter a critical issue: Linux Ethernet drivers trigger kernel panics when Energy-Efficient Ethernet (EEE) is enabled. This guide walks you through every step to apply the official
Migrate Google Drive to Nextcloud: Self-Hosted Guide
I recently migrated all of my Google Drive data to my own self-hosted Nextcloud server—and I haven’t looked back. Now, I have complete control over my personal data. Everything is stored securely on my own hardware, rather than on third-party platforms like Google Drive, OneDrive, or iCl
Build Hardware Firewall: BOSGAME Mini PC + WireGuard
Server security is something I take seriously. I recently upgraded my entire network protection setup by deploying a dedicated hardware firewall using a BOSGAME E1 Mini PC. This compact machine handles multi-server firewall duties with ease, and I also installed WireGuard VPN directly on the firewal
Set Up DNS-over-HTTPS on TP-Link Omada with AdGuard
I finally got DNS-over-HTTPS (DoH) working with Cloudron AdGuard Home. The key issue is that AdGuard Home will not accept connections on the encrypted DNS port until you add an IP address or Client ID to the Allowed Clients list. In this guide I use a Client ID. Follow the steps below to configure D
Secure SSH with Fail2Ban on Ubuntu: Stop Brute-Force
Fail2Ban is a free Python tool that helps protect Linux servers from brute-force attacks. It’s especially useful for securing SSH. With Fail2Ban, you can automatically block IPs that try to guess passwords on your server.
Linux Beginners Guide: Essential Commands to Know
This command line can be used to look up the operating system. The command is here. hostnamectl
Auto-Update Docker Containers with Watchtower & Ntfy
Maintaining Docker containers is easy—in theory. In practice, keeping your stack up-to-date with the latest images can be tedious and time-consuming. Here’s a solution: Watchtower can update containers automatically, and with Ntfy, you get real-time notifications right on your phone or desktop whene
Auto-Update Docker Containers with Watchtower & Ntfy
<!-- wp:paragraph --><p>Keep Docker containers automatically updated with Watchtower and receive instant notifications via Ntfy through Portainer's GUI. No command line needed.</p><!-- /wp:paragraph -->
Ntfy Push Notifications: SSH Alerts & Docker Updates
I am using Ntfy for my SSH alert and watchtower update. It is pretty cool to have this feature, so I can know who is accessing my server without my authorization. And know my docker needs to be updated as well.
Self-Hosted Bitwarden Setup & Login Guide
Step by step:
Build Dockerfile on Windows 10: Step-by-Step
Building a Dockerfile on Windows 11 is a common workflow for containerized development. Here's how you can do it—step by step:
Build Dockerfile on Windows 10: Step-by-Step
<!-- wp:paragraph --><p>Learn to build Dockerfiles on Windows 10 with Docker Desktop. This guide covers installation, setup, container building, and solutions for common issues.</p><!-- /wp:paragraph -->
DNS DDoS Attack: How Port 853 Saved My Servers
What a wild ride! As someone who cares deeply about keeping ads and trackers away, I run not one, not two, but three Adguard Home DNS servers for my network and my work and a few trusted friends. Things were smooth…until today’s wake-up call.
Prevent DNS Amplification Attacks: Secure AdGuard Home
Today, I turned off the DNS port 53. Since we have been cutting off our store's DNS server, it has been a DNS amplification attack. So I found out that my Router does have a DNS Proxy, My DNS Server does have HTTP over TLS and DNS-over-HTTPS. Everything is working and attacking is currently stopped
Comcast Business Free Speed Upgrade to 500 Mbps
Indeed, it was the correct decision. Comcast Business has recently upgraded our plans to 250 MBPS, automatically upgrading with download speeds reaching 500 MBPS and upload speeds at 200 MBPS. I have decided to relocate my server from medical to another location that offers the highest upload speeds
Deploy MariaDB with Portainer Stacks & Docker
If you’re looking to run a robust relational database in your Dockerized environment, MariaDB is an excellent open-source choice. With Portainer, managing your databases and application stacks becomes super easy—even with little Docker experience. In this post, I’ll walk you step by step through dep
phpMyAdmin MariaDB Setup on Portainer with NGINX
PhpMyAdmin is easy to set up for any app and fix the table database or troubleshoot. So, we will set up PhpMyAdmin with NGINX SSL secure for our HTTPS. Due to the possibility of a grabber username and password exploit, we would prefer not to expose this on HTTP.
Set Up Baserow on Portainer With Nginx Proxy Manager
This baserow is my absolute favorite, it's more like a spreadsheet with more options and an easy-to-use database. It also had a Grid and Form and a Gallery and a Calendar! It's great for our list of things to do.
Deploy Agent Edge Multi-Server with Docker Compose
Docker-compose is my go-to for secondary or distributed servers. It's better than docker run because it's more clean and organized and easier to set up. And one time, too.
Unban IP Address in Fail2ban SSH: Step-by-Step
IP address unban
Docker Compose Backup & Restore: Safe Data Recovery
When you're running apps with Docker Compose, your data is the heart and soul of your services—databases, media files, configurations, and more. Without a solid backup and restore plan, a simple mistake (or disk failure!) can lead to a world of pain. Here’s a step-by-step guide to properly back up a
Whitelist Your Website in Comcast SecurityEdge
Log in to your Comcast Business Account.
Deploy Immich v1.99.0 on Docker with Portainer
This document presents Docker compose version 3.8 for Immich Latest (1.99.0). I just changed the volume to the correct path because I want them to save in our large storage data and permission user so that any users can't see our file except root.
Fix Nextcloud Maintenance Window Error: Configure Start Time
Nextcloud Version: 28.0.3
Automate Mailcow SSL Certificate Renewal with Nginx
Make a file called "scriptmailssl.sh" and open the nano file editor. Paste these codes and save it!
Fix Nextcloud 28 Log Errors on Portainer
Delete Nextcoud.log to fix the error, but it will come back again and make sure you fix the error, so it won't pop up again. This is similar to the engine light.
Ed25519 SSH Keys: Secure Server Access Guide
If you are looking to remote your server from home, you can, but you cannot simply install OpenSSH with a password, which is very insecure. I strongly recommend using type Ed25519 ssh, which is the most secure and fast access to ssh. I recommend checking out this website. Follow the instructions on
Network Cabinet Installation at Anthem Coffee & Tea
Just wrapped up a much-needed network upgrade at Anthem Coffee & Tea! We’ve moved from a basic shelf to a secure, professional cabinet. This isn’t just about looks—it’s about reliability and maintenance.
DNS Amplification Attack: How to Prevent Server Compromise
This attack trigger was found on October 16, 2023, when I received an email that my server was nearly full. This is not a typical occurrence. Therefore, I discovered that my AdGuard Home DNS Server had been compromised, and that a significant number of IP addresses exceeding 20K were targeted specif
RustDesk on Portainer: Setup with Cloudflare Domain
This version is not PRO. Please note that. Soon, PRO will be coming. I just set up RustDesk pro with WebGui a couple of months ago.
Self-Host LanguageTool API: Deploy with Portainer & Nginx
I have been using Grammarly for my work and to strengthen my writing skills. I was looking for something cheaper and more affordable, and I found this LanguageTool, which offers an API on Docker, and it works great. We won't get premium, though… they're not yet available for self-hosted premium.
Self-Hosted Collabora Office: Setup with Portainer & Nginx
My goal to make my Nextcloud to become Google Workspace because my goal is our data most important to privacy with our data sensitive. And I would like to purchase free instead of paid Google Workspace because we have our server, and we use it for IT documents and resources.
Deploy Redis on Portainer Stacks for Nextcloud
If you’re self-hosting Nextcloud using Docker, integrating Redis as a caching and file locking service is a must for better speed and reliability. Portainer makes managing Docker super easy, especially with its user-friendly "Stacks" feature. In this post, you'll learn step by step how to:
VaultWarden Docker Setup: MariaDB, Portainer & Nginx
VaultWarden is a lightweight, open-source Bitwarden server. Deploying it on Docker with Portainer and securing it via Nginx Proxy Manager ensures easy access, security, and maintenance for your password manager. While MariaDB isn’t officially supported instead of SQLite, experienced users can try it
How to Set Up Portainer with Nginx Proxy Manager: Complete Guide
Learn how to set up Portainer with Nginx Proxy Manager in this step-by-step tutorial. First, install Docker and Docker Compose on your Linux server, then create and configure Portainer using Docker Compose via SSH.