pfSense and Tor
I have recently moved from a pfSense vm to dedicated hardware. I may move back, but while I was evaluating the system, I installed TOR ( The Onion Router) package on to my firewall to allow me to route traffic.
Self hosted
Welcome to the Self-Hosted section of PHP Systems Blog. Here, I share how I run my own infrastructure - from hosting web apps and game servers to managing automation, backups, and security. Whether you’re looking to reclaim control from the cloud or just enjoy the challenge of running your own services, you’ll find tutorials, walkthroughs, and real-world setups here.
Using Kestra to update my proxmox IPSet
I've been using Kestra for a while now to automate some of the more mundane tasks around my network. One of these tasks is keeping the firewall up to date. This blog sits behind cloudflare, and as such, only cloudflare needs to access it. All other sources should be be denied (except internally).
FreePBX and Zen Digital Voice
As part of a money saving effort along with improving my internet speeds, I needed to do something with the telephone number coming in to my house. Fortunately, I have been playing with Asterisk for quite a few years now.
Fixing booting issues with LVM
Earlier this yaer, I bought a Firebat N100 pc to add to my proxmox cluster. The device itself is great. Apart from when updating, it sometimes reboots. Recently, this reboot was while the kernel was being updated.
Proxmox, LXC and Terraform
Even before Broadcom appeared to be doing it's best to kill off VMWare, I've been looking to migrate from VMWare to Proxmox. I already have 2 Proxmox nodes, and just have one last node to migrate, along with 1 VM. I have been migrating for a while and the import tool seems to work very well.
Fixing affliate links in Ghost
At some point (hopefully soon ...) I would like my blog to at least be able to generate some income. Getting off the ground is a bit of a pain. Amazon have minium of 3 sales before you can properly become an affliate.
Deploying vault via docker and ansible
Adding to my in-promptu series on automating docker containers with ansible, this time I'm looking at Hashicorp's Vault. This is slightly different, in that it required a binary to be installed on the ansible controller (a raspberry pi). Once vault is deployed, we need to unseal the containter.
Monitoring DMARC with Docker
In this post, I deploy a docker container via docker compose and ansible to read my dmarc reports.
Using ansible to deploy a gitlab runner.
After deploying watchtower to one of my docker instances, I noticed that it was having issues with restarting the container. The actual fault turned out to be the networking with portainer, but in the meantime, I wrote an ansible playbook to redeploy / restart the container.
Deploying Plex with docker and ansible
After deploying watchtower to one of my docker instances, I noticed that it was having issues with restarting the container. The actual fault turned out to be the networking with portainer, but in the meantime, I wrote an ansible playbook to redeploy / restart the container.
About the author
Tim Wilkes is a UK-based security architect with over 15 years of experience in electronics, Linux, and Unix systems administration. Since 2021, he's been designing secure systems for a telecom company while indulging his passions for programming, automation, and 3D printing. Tim shares his projects, tinkering adventures, and tech insights here - partly as a personal log, and partly in the hopes that others will find them useful.
Want to connect or follow along?
LinkedIn: [phpsytems]
Twitter / X: [@timmehwimmy]
Mastodon: [@timmehwimmy@infosec.exchange]
If you've found a post helpful, consider supporting the blog - it's a part-time passion that your support helps keep alive.