Infrastructure

Overview This project documents the design and implementation of a production-grade backup system for a Linux workstation, replicating critical system directories to a Synology NAS. The objectives were: Fully automated operation Safe execution from both CLI and scheduler No overlapping runs Protection against hung transfers Reliable email reporting Support for machines that are not always powered on All hostnames, IP addresses, and email domains below are intentionally anonymised. Architecture Source: Linux workstation Destination: Synology NAS (SSH, non-standard port) Transport: rsync over SSH (key-based authentication) Scheduler: anacron Reporting: msmtp (sendmail-compatible) ...

Introduction As part of building my self-hosted Hugo publishing workflow, I wanted something simple: Edit content Commit changes Push to Git Deploy automatically I didn’t want to manually SSH into the server every time. So I wrote a small helper script called hillpush. What hillpush Does The script automates the full deployment workflow: Detects the Git repository root Checks for remote updates Rebases cleanly if required Stages and commits changes Pushes to Git Triggers the publish script on the web server In short: ...

As part of building my self-hosted Hugo publishing workflow, I ended up with a surprisingly useful reminder: Even if your deployment looks simple, it often relies on more than one network flow. This came up when I started tightening firewall rules around my DMZ web server. The Setup (High Level) My environment looks roughly like this: A trusted workstation where I write content An internal Git server (Gitea) on the LAN A public-facing web server in a DMZ A deployment script that pulls updates and rebuilds the Hugo site The publishing workflow is: ...

Overview This article documents a practical pattern for reliable outbound mail in a small network: A dedicated mail relay host (hl-mail) running Postfix Workstations using msmtp (via msmtp-mta) as a lightweight sendmail-compatible client Postfix relays mail to an upstream provider (a “smart host”) using SASL authentication and (typically) STARTTLS All hostnames, IP addresses, and email addresses are anonymised. Replace placeholders like: hl-mail.lan (mail relay host) mail.example.com (upstream SMTP provider / smart host) user@example.com (mailbox) 192.168.x.x (LAN IPs) Architecture Workstation(s) sendmail → msmtp → SMTP to hl-mail.lan:25 ...