Operations

TL;DR Goss tests the image, not the running container. Use dgoss run --env-file .env to inject your environment and then assert in three layers: does the var exist, is it non-empty, and does it actually authenticate? That layering tells you exactly where the chain breaks instead of just “MySQL connection failed.” The problem I saw someone in a DevOps forum wrestling with this exact thing. They were manually debugging why their .env values weren’t translating properly into MySQL credentials, and had turned to Goss to automate sanity checks. Two questions tripped them up: ...

TL;DR Someone leaked the Claude Code source on GitHub. OpenClaw, the open-source AI coding agent with 346k stars, solves the same problem with a completely different architecture. I compared both codebases at the structural level. The verdict: these are independent implementations that converge on the same tool-use patterns because that is what the problem demands — not because one copied the other. Background In late March 2026, a repository appeared on GitHub containing what appears to be the full source code for Anthropic’s Claude Code — the terminal-based AI coding agent I wrote about switching to last month. The repo has two commits (“init” and “add readme”), 1,932 files, and weighs 43MB. ...

TL;DR Busy week. Three CVE patches shipped on the same day. OpenClaw stabilized with OpenRouter support and a cost exporter. The Wiki.js fork with Mermaid 11 went live after clearing a Trivy scan. PiKey — a Raspberry Pi that pretends to be a Bluetooth keyboard — shipped as a side project. A self-hosted GitHub Actions cache server cut CI restore times from minutes to seconds. And a Reddit comment defending “I use Claude to manage my infrastructure” turned into five new blog posts and a documentation sprint. ...

TL;DR Wiki.js 2.x ships Mermaid 8.8.2, released in 2020. Mermaid 11 — the current stable release — adds timeline diagrams, improved gitGraph, better theming, and fixes years of rendering bugs. The upstream project defers this upgrade to Wiki.js v3, which has no release date. The PR queue has sat idle for over a year. I forked requarks/wiki at tag v2.5.312, upgraded Mermaid in-place, patched 8 CVEs including one Critical SAML authentication bypass, reduced the vulnerability count from 8 Critical / 48 High to 3 Critical / 42 High, and deployed it to the cluster. The fork stays close to upstream — Vue 2 and Webpack 4 are untouched. Only the Mermaid surface and security dependencies are modified. ...

TL;DR If you run self-hosted GitHub Actions runners, every actions/cache step is round-tripping to GitHub’s cloud storage. For a homelab cluster with local runners, that means cache restores travel from GitHub’s CDN to your runner, through your ISP, and back – even though the runner is 10 feet from your NAS. I deployed falcondev-oss/github-actions-cache-server as a Kubernetes deployment, pointed it at NFS storage on my NAS, set one environment variable on my runners, and flushed all the GitHub-hosted caches. Zero workflow changes required. ...

TL;DR The Linux kernel is 36 million lines of C. Rust has been slowly entering the kernel since Linux 6.1, but progress is measured in individual drivers and abstractions – a few thousand lines per release cycle. What if you skipped the incremental approach and asked Claude to rewrite major subsystems wholesale? I spent a weekend scoping this as a serious project plan: breaking the kernel into translatable units, estimating token costs, identifying the hard walls, and testing Claude’s ability to produce correct Rust translations of real kernel C. The conclusion: Claude can translate isolated, well-bounded kernel modules with surprising accuracy. It cannot translate the kernel. The difference between those two statements is the entire lesson. ...

TL;DR Regulatory compliance – SOC 2, GDPR, HIPAA, PCI DSS, ISO 27001 – looks impenetrable from the outside. Hundreds of controls, dozens of policy documents, auditor-specific jargon, and no clear starting point. Before you hire a $300/hour consultant or drop $50K on a GRC platform, you can use Claude to do the initial heavy lifting: map which frameworks apply to your business, identify your biggest gaps, draft policies that match your actual infrastructure, build a prioritized remediation plan, and prepare for your first auditor conversation. This post walks through the process I used, with real prompts and outputs, to go from “we probably need SOC 2” to a concrete compliance roadmap in a single afternoon. ...

TL;DR On March 21, I shipped meaningful work across five repositories in a single day: a 13,674-line stock trading platform from scratch, a Harbor container registry replacing AWS ECR across 13 CI workflows, API key authentication and an HA proxy for digital signage, inventory sell signals for a trading card tracker, and an OpenClaw cost optimization that killed an idle token burn. Every commit was co-authored with Claude. This post breaks down the mechanics of how that actually works – the prompting patterns, the failure modes, the things I would not let the AI do, and the real throughput multiplier. ...

TL;DR GitHub Copilot is more capable than most people give it credit for. I used it heavily – not just for autocomplete, but for multi-file edits, chat-driven debugging, and workspace-aware refactoring. After a year of intensive Copilot usage and a month with Claude Code Max ($100/month for the Max plan with Opus), I moved my primary workflow to Claude Code for infrastructure and backend work. The reason is not that Copilot cannot do these things – it is that Claude Code is faster and I can hand it a task and let it run without babysitting. Copilot still wins for inline code completion in the editor. Claude Code wins when I want to describe a goal and walk away while it executes. ...

TL;DR One month ago, I had three empty Lenovo ThinkCentre M920q mini PCs and a Proxmox installer USB. Today, the cluster runs 8 Kubernetes nodes, 15+ applications, full observability with Prometheus and Grafana, AI-powered alert analysis, self-hosted CI/CD, 10GbE networking, and a 3D printer fabricating custom hardware. Total hardware cost: under $800. This post traces the entire journey, day by day, including the things that went wrong. ...