braedach.com - Always Learning

Code

Proxmox VE 9.1 - Configuration

As previously stated, I have been reading a lot of Brandon Lee and realized that I have been configuring my LXC's and Proxmox server with obsolete iptables. This has resulted in a complete rewrite of the associated configuration scripts Brandon Lee is located here Complete Guide to Proxmox

Code

Zoraxy Reverse Proxy Setup

This script has been created to automate the process of creating the proxy Learnings: * Debian 13 uses nftables by default so I made a mess of it using iptables * Backup the LXC * Undo all the incorrect work and rebuild it using nftables * Test the code again * Put a reworking note

Cybersecurity

Dawn of Cyberwarfare

Recently released and award winning Don't think it applies to you, the business you own, the business you work for, your council, school, water utility, electricity supplier, state or federal government. You wrong. #enoughsaid

Projects

The Zoraxy Reverse Proxy

This proxy absolutely rocks Further information here. Brandon Lee again. Clever man. Why Zoraxy Might Be the Best Reverse Proxy for Home LabsLearn about Zoraxy reverse proxy for home labs, including Docker setup, TLS automation, WebSocket support, and how it compares to Nginx Proxy Manager.Virtualization HowtoBrandon Lee Any how

News

Merry Christmas 2025

From my horde to yours May life be kind to you and may you have a great new year Stay safe, strong and see you in another year #enoughsaid

Projects

I need a new Server

AI is causing me to steal threads, and juggle servers. Absolutely — let’s build this out properly. I’ll give you three clean, operationally‑useful hardware tiers, all mapped to Ollama + CUDA + Proxmox + LXC passthrough, exactly the environment you and I have been engineering. I’ll also give you a

Proxmox

KSM in Proxmox VE

KSM in Proxmox VE is primarily designed for QEMU/KVM virtual machines (VMs). It does not provide meaningful deduplication benefits for LXC containers, because containers share the host kernel and libraries directly rather than duplicating them in isolated memory spaces pve.proxmox.com. 🔍 Why KSM is VM-focused * VMs (QEMU/KVM)

Cybersecurity

Smart TV's - Case Study

Unbelievable, although this is a very small percentage of Smart TV's A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet

Interests

The World's Fastest Drone - Australian

Another tick in the box An Australian man built a lightweight drone that has just earned itself a Guinness World Record after clocking a top speed of more than 388mph That's about 624 kph or 337 knots An Australian man just built a 388mph drone and it’s

News

NASA's New Leader

This will get interesting. I read his draft Project Athena plan last night (the link is in the post). NASA finally—and we really do mean it this time—has a full-time leaderA long and winding road to reach NASA’s headquarters in Washington, DC.Ars TechnicaEric BergerJared Isaacman -

Interests

Build vs buy is dead — AI just killed it

The following is an interesting post on the power of AI My son has mentioned more than once that some of his friends who actually are in cybersecurity are using AI more and more do solve, enhance and increase their efficiencies in their job roles. The following is from Siqi

Cybersecurity

📺 Texas Sues Smart TV Makers Over Spying Allegations

This is happening in America, but it’s hard to believe it will remain limited to the United States. The Texas Attorney General has filed lawsuits against Samsung, LG, Sony, Hisense, and TCL, alleging that their smart TVs secretly spy on users and sell viewing data without proper consent. 🔎 What’

Projects

Immich Photo Server

I am happy enough with this at the moment to publish it. Current status * Deployed * 33000 photos ingested * 1000 videos require transcoding due to old format - doing this for speed * Android applications deployed and working, syncing images * External web support not deployed at this time - internal use only

Proxmox

Privileged LXC Containers

A really handy post on the dangers of doing so. Guilty as charged but I run more than one LXC of various flavors, based on Docker or Podman, privileged and unprivileged. But it's a good head's up Be careful when using privileged LXCs on ProxmoxUnless you

ghost

Ghost - Pesky Newsletters

So, you have rebuilt your servers or restored data and now you need to clean up the archived newsletters. The following should be considered: * You cannot do this with Ghost Pro hosting to my knowledge * It is not supported by ghost.org and they don't recommend it. * However,

Projects

Proxmox LXC's & RAM

Make sure your LXC cache doesn't go into the red. I had to quadruple mine, up around 4Gb as the server basically stalled. When LXC cache usage goes critical and stalls the server, it's often due to Linux's memory pressure mechanisms—not a failure

Interests

What if - Your Genes

Once again - AI used to solve massive problems The DNA you’re born with isn’t the version you’re stuck with. Dyno Therapeutics CEO Eric Kelsic explores why gene therapy can be transformative and why it’s so difficult to pull off: you have to get the right

Interests

The Thinking Game

This man is a genius. If you find the time, please watch. Truely enjoyed watching this. The power of AI. #enoughsaid

Projects

Podman Update Service

Please use my code as a guide till I figure out what is going on. My bet is the label is missing from a lot of containers I don't want on the update list My second bet is that I have not enabled the remaining podman service that

Projects

Beszel Monitoring Service

I am still stuffing about with my server. I would be a lot further along with this if it was not for Docker version 29, Proxmox VE 9.1, Apparmor and Portainer CE. I think nearly every single one broke in some way after they updated their software. Anyhow moving

Interests

Chongqing East Railway Station

Damn, you have to admire the Chinese. The scale is unbelievable. Wife & I are in awe. Automation, return on Yuan spent, green and bloody fast. See the video below, and yes it has a few errors, but you will get the idea. No wonder we are falling behind. Chongqing

News

The Fugitive Father: The Extraordinary Case of Tom Phillips and His Children

Few stories in recent New Zealand history have captured the public imagination quite like the saga of Tom Phillips, the Marokopa father who vanished into the bush with his three children, evaded authorities for nearly four years, and ultimately died in a police shootout. His case has sparked outrage, sorrow,

Cybersecurity

Wireshark - Update now

Busy, busy, busy The Wireshark Foundation has rolled out a crucial security update for its widely used network protocol analyzer, addressing multiple vulnerabilities that could lead to denial-of-service conditions. The latest release, version 4.6.1, specifically targets flaws discovered in the Bundle Protocol version 7 (BPv7) and Kafka dissectors.

Cybersecurity

Fail2Ban - CVE-2025-45311

No further action required - until proven otherwise Direct Answer: CVE-2025-45311 was assigned to fail2ban-client v0.11.2, but the fail2ban developers themselves have stated that it is not a valid vulnerability. The CVE claims insecure permissions could allow privilege escalation, but the project maintainers reviewed it and concluded that

Interests

Watchtower Container Replacement

Apparently, watchtower has also been broken by version 29 of the docker engine Watchtower is an oldie and has worked so well for so long. However, as of now, it is going on three years stale without updates. In fact, with the latest update to Docker 29.x, it has