Posts

The journey from Chennai to Riyadh began not with plane tickets, but with a WhatsApp message on March 4th. “This is Sahil (name redacted for privacy) from XYZ Enterprises, Mumbai,” the message read. “We have received your contact number from Employer (my employer name)/visa sponsor Consultancy Name Co., KSA, regarding your medical and visa process.”

And just like that, my Saudi relocation adventure began.

Passport Renewal

The first challenge arrived immediately - my passport was in renewal. “My passport renewal is in progress,” I replied. “I am expecting it in my hand this week. In sha Allah!”

Yesterday, I had an experience that crystallized the kind of work culture I believe in. It wasn’t a complex technical problem or a groundbreaking new technology. It was a first-round interview for a DevOps Engineer position, but it was the human dynamic that made it truly memorable.

The atypical interview setup

On one side of the virtual table was me. I started my journey in the tech world 15 years ago as a Network Engineer right after graduation. Today, I work as a Cloud and Security Architect, carrying a decade and a half of experience.

Recently, I decided to enhance the security and user experience of my Grafana instance by implementing Single Sign-On (SSO) with Zitadel as the identity provider. I have written an article a year ago for something similar with Zitadel and Tailscale. In this blog post, I’ll share my experience following the process outlined in this helpful article, along with some additional insights and tips I discovered along the way.

What is Zitadel? (to those wonder)

Zitadel is an open-source identity management platform that provides authentication, authorization, and user management functionality. It supports various authentication protocols including OAuth 2.0 and OpenID Connect (OIDC), making it an excellent choice for implementing SSO across multiple applications.

I recently implemented a solution to automate my Bind9 zone file updates in my private infrastructure using GitHub Actions with free runners, all secured through a Tailscale overlay network. This setup has significantly improved my workflow and provided me with both flexibility and security. In this post, I’ll share my approach and compare it with cloud DNS solutions like AWS Route53 and Google Cloud DNS.

The Setup: GitHub Actions + Tailscale + Bind9

What I’ve built

My solution uses GitHub Actions to automatically deploy DNS zone changes to my private Bind9 server whenever I push updates to my repository. Here’s how it works:

In today’s digital landscape, securing your web applications with HTTPS is not just a recommendation but a necessity. In this blog post, I’ll share how I setup automated SSL certificate issuance for my domains, including wildcard certificates, using Traefik, Let’s Encrypt, and Cloudflare.

The Setup

My goal was to automate the management of SSL certificates for various subdomains and wildcard domains like:

• co.example.com
• io.example.com
• *.co.example.com
• *.io.example.com

By combining Traefik (a modern HTTP reverse proxy), Let’s Encrypt (for free SSL certificates), and Cloudflare (for DNS management), I created a fully automated SSL certificate renewal system for my homelab setup.

Listen up, fellow petrolheads and two-wheel warriors! Today, we’re diving deep into a topic that separates true automotive enthusiasts from casual buyers: why pre-owned vehicles aren’t just a compromise—they’re a lifestyle choice.

The Depreciation Myth Busted

Imagine walking into a dealership and watching $10,000 evaporate the moment you drive off the lot. New vehicles are financial black holes for enthusiasts. Pre-owned? That’s where the real magic happens. We’re talking about accessing dream machines at a fraction of the cost, with money left over for the upgrades that truly make a vehicle YOUR vehicle.

Introduction

Puppet is a powerful configuration management tool that helps system administrators automate the provisioning and management of servers. This guide will walk you through setting up Puppet on Debian Bookworm (Debian 12) and explain how to use it effectively for infrastructure automation.

Prerequisites

• Debian 12 (Bookworm) servers
• Root or sudo access
• Static IP addresses for all servers
• Properly configured hostname and DNS settings
• Minimum system requirements:
  • 2GB RAM
  • 2 CPU cores
  • 20GB disk space

Architecture Overview

Puppet follows a client-server architecture:

I think Tailscale is a great product. Despite this, I’ve been hesitant to use it for everything due to not being able to use it without using Big Tech as an identity provider. The options have historically been to use either Microsoft, GitHub (basically Microsoft), Google or Apple. None of these companies align with my personal values. One workaround is to use Headscale which is a self-hosted implementation of the Tailscale control server which removes the need to use an identity provider altogether.

May the peace and blessings of Almighty Allah be upon you.

I did my second Umrah in 2022 alone (first one was in 2017 with my family), All praise goes to Allah! Here it is how I did it with help from lord of the Universe.

The Trigger

It was a fine Sunday (I believe, I forgot when I write this, but I am more or less sure because I meet my friends on weekends), I was in half sleep and laying on my bed and the Reddit notification (How I got my multi-entry Saudi eVisa as the UAE resident) was popped up on my phone. Yes! You heard it right. Reddit!

If your idea of the ideal workplace is one where people wear suits and speak in hushed voices, you should probably stop reading this right now. Unfortunately, you should probably also stop reading if you want a job that you can leave at 5 pm on the dot every evening. If your job is not affected during this covid-19 pandemic, thank to Technology.

The mecca of research, development and innovation

Perhaps the biggest reason to work in the technology is the work itself. If you’re interested in being on the principle of research, discovery, development and innovation, there is likely no better industry to be in.