Search Results
33 total results found
Setting Up Proxmox VE on Hetzner Root Servers (on Debian 13)
A step-by-step guide to deploying a production-ready Proxmox VE 9.1 node on a Hetzner dedicated root server, starting from a clean Debian 13 (Trixie) base installation. Covers OS setup via Hetzner's rescue system and installimage, Proxmox VE installation, netw...
Public VM Connectivity on Hetzner via pfSense
How to provide public IP connectivity to Proxmox VMs using pfSense as a gateway on Hetzner dedicated servers. Covers three methods: single extra IP with MAC reservation (full guide including pfSense setup), extra subnet routed to the host, and Hetzner vSwitch ...
Building a 3-Node Proxmox Cluster on Hetzner with vSwitch Networking
A complete guide to deploying a production-ready 3-node Proxmox VE cluster on Hetzner dedicated servers using two Hetzner vSwitches — one for private cluster heartbeat and VM traffic, one for public IP connectivity. Covers Hetzner Robot vSwitch provisioning, b...
Planning & Capacity
How the cluster was sized: CPU/RAM/disk math, memory overcommit on a swapless host, ZFS ARC capping, and the live VM right-sizing that paid for it.
Kubernetes Cluster (kubeadm + Calico)
Standing up a 4-node Kubernetes cluster from scratch: node prep, containerd, kubeadm init and join, the Calico CNI via manifest, host firewall, and the control-plane taint.
Cluster Storage with NFS (CSI)
Dynamic ReadWriteMany volumes for the cluster: a dedicated NFS server plus the NFS CSI driver wired up as the default StorageClass.
Networking & the API Gateway
Bare-metal LoadBalancer services with MetalLB, and Kong as the API gateway/ingress, including an admin surface secured behind a reverse proxy.
CI/CD & the Container Registry
A Gitea Actions runner that builds container images (Docker-out-of-Docker) and a private registry to publish them to: the build half of the platform.
Data & Observability
The stateful side: tuned PostgreSQL and MariaDB servers with per-app credentials, plus shipping cluster and database logs into the central log store.
The Lab, End-to-End
The 10,000-foot view: every moving part of the lab, how traffic flows from the edge to a pod, and where each service lives. Start here.
Edge Networking with pfSense
The front door: NAT for the private subnet, HAProxy as a reverse proxy, and TLS termination with a wildcard certificate.
The SSH Bastion (Jump Host)
Why every internal box is reached through one hardened jump host, and how the ProxyJump pattern works in practice.
Golden-Image VM Provisioning
Cloning one cloud-init template into consistent VMs: per-VM config injection, grow-on-first-boot, and a clean teardown flow.
Ubuntu VM Baseline & Tuning
The common baseline every VM gets: swap, the I/O scheduler, periodic TRIM, TCP congestion control, and kernel housekeeping.
Self-hosted Git with Gitea
Running your own Git forge: the server, repositories, and the API the rest of the platform automates against.
Documenting with BookStack
The wiki you are reading, documented: the web stack behind it and how content is organised into shelves, books, and pages.
Monitoring with InfluxDB & Grafana
The metrics pipeline: host telemetry into a time-series database, visualised and alerted on through dashboards.
Centralized Logging with Loki
One place for every log line: Loki as the store and Promtail agents on every host shipping syslog, journald, and application logs.