LogoBotmonster Tech
AI Smart Home Self-Hosting Coding Web Dev Hardware Bootpag Image2SVG Tags

Docker

  • ◀︎
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ▶︎
Wildcard SSL Certificates with Let's Encrypt and DNS-01

Wildcard SSL Certificates with Let's Encrypt and DNS-01

A wildcard SSL cert for *.example.com from Let’s Encrypt covers every one-level subdomain. You get one through the DNS-01 challenge, or, since February 2026, through the new DNS-PERSIST-01 challenge that skips per-renewal DNS edits. One wildcard cert replaces the per-service certs you’d otherwise juggle behind your reverse proxy.

Key Takeaways

  • One wildcard cert covers every one-level subdomain under a domain, replacing dozens of per-service certs.
  • Only DNS-based challenges (DNS-01 and DNS-PERSIST-01) issue wildcards; HTTP-01 and TLS-ALPN-01 won’t work.
  • The newer DNS-PERSIST-01 challenge lets you authorize once and skip DNS edits on every renewal.
  • Certbot and acme.sh both automate the DNS challenge through provider-specific plugins or tags.
  • Systemd timers handle the 90-day renewal window cleanly, with deploy hooks to reload your reverse proxy.

Why Wildcard Certificates and When You Need Them

If you run three subdomains, single certs work fine. Each one gets its own HTTP-01 challenge, Certbot handles renewal, and life is simple. Once you pass 10 or 15 subdomains, the chore list grows. Every new service needs its own cert request, its own renewal entry, and its own way to break. A wildcard cert folds all of that into one.

Build a Fanless Home Server for Under $300: Silent, Efficient, and Powerful

Build a Fanless Home Server for Under $300: Silent, Efficient, and Powerful

A fanless home server under $300 is real in 2026. Using an Intel N150 or N305 mini PC - the Beelink EQ12 Pro or GMK NucBox G3 - you get a passively cooled machine that draws 6-15W under load, makes zero noise, and handles a full stack of self-hosted services: Home Assistant, Jellyfin, Vaultwarden, Nextcloud, Immich, and a WireGuard VPN all running simultaneously without a single fan spinning.

Podman vs Docker for Self-Hosting: I Measured the Difference

Podman vs Docker for Self-Hosting: I Measured the Difference

For self-hosting on Linux in 2026, Podman is the better default. It has no daemon, runs rootless out of the box, and its Quadlet unit files make containers behave like any other systemd service on your box. I say that as someone whose own stack still runs on Docker . After years of reading that Podman is lighter, faster, and safer, I installed it next to Docker and measured the difference on my own hardware. Some claims held up: rootless Podman with pasta networking (Podman’s user-mode network layer) beat rootful Docker’s bridge on download throughput in every run. There is also no daemon holding memory between deployments. One claim did not survive: the often-repeated “Podman starts containers about 50 ms faster” was a statistical tie on my machine.

Self-Host Plausible Analytics: 1 KB Script, No Cookies

Self-Host Plausible Analytics: 1 KB Script, No Cookies

You can run a self-hosted Plausible Analytics instance on a $6/month VPS. It uses Docker Compose and a Caddy reverse proxy for automatic HTTPS. The whole process takes under 30 minutes. Once it runs, you add one <script> tag to your site and you’re done. No cookie banners, no personal data collected. The tracking script weighs under 1 KB gzipped. It stores everything in a ClickHouse database on your own server, and gives you a clean, fast dashboard for your traffic.

Private Package Registries: PyPI, npm, Supply Chain Control

Private Package Registries: PyPI, npm, Supply Chain Control

You can self-host a private PyPI registry with pypiserver and a private npm registry with Verdaccio . Both run on a single box or inside Docker containers. You get three wins that public registries cannot match: faster installs from a LAN cache, a safe home for private packages, and cover against outages, typosquatting, and supply chain attacks. Both tools are free, open-source, and take under 30 minutes to set up.

Testcontainers: PostgreSQL, Redis, Kafka Testing

Testcontainers: PostgreSQL, Redis, Kafka Testing

Testcontainers spins up real databases and services as Docker containers inside your test suite. Tests run against production-grade PostgreSQL, Redis, or Kafka instead of flaky mocks. The testcontainers-python v4.14.2 library works with pytest . It automates the container life cycle. You get isolated, reproducible integration tests that catch bugs unit tests miss.

Below: setup with pytest, testing services beyond databases, performance patterns, and CI/CD configuration.

Why Mocks and In-Memory Databases Are Not Enough

Mocking db.execute() only checks if your code calls the function. It does not check if the SQL is valid. It also misses schema errors and type mismatches. You might have passing tests while your queries fail in production.

  • ◀︎
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ▶︎

Most Popular

Gemma 4 vs Qwen 3.5 vs Llama 4: Which Open Model Should You Actually Use? (2026)

Gemma 4 vs Qwen 3.5 vs Llama 4: Which Open Model Should You Actually Use? (2026)

Gemma 4, Qwen 3.5, and Llama 4 compared on benchmarks, licensing, speed, and hardware so you can pick the right open model fast.

5 Open Source Repos That Make Claude Code Unstoppable

5 Open Source Repos That Make Claude Code Unstoppable

Five March 2026 repos extend Claude Code with autonomous ML, self-healing skills, GUI automation, multi-agent coordination, and Google Workspace access.

Cross-section of a translucent crystal brain threaded by red, gold, and teal attention ribbons resting on a doubly-stochastic matrix pedestal beside a guitar-tuning lab figure.

DeepSeek V4 Tech Report: 3 Tricks That Cut Compute 73%

DeepSeek V4 ships 1.6T parameters and 1M context using only 27% of V3.2's inference FLOPs. Inside the hybrid attention, mHC residuals, and Muon optimizer.

Cracked stone tablet engraved with a bulleted system prompt, four crossed-out goblin silhouettes repeated, a tiny goblin escaping with upvote-arrow sparks, a giant dollar-sign price tag, and figures refusing to step onto a glossier pedestal.

GPT 5.5 Reddit Reception: Goblins and the Cost Backlash

GPT-5.5 Reddit reception: viral goblin prompt leak, doubled pricing backlash, and 5.4 holdouts citing hallucination regressions in factual recall workflows.

What X and Reddit Users Are Saying about Claude Opus 4.7

What X and Reddit Users Are Saying about Claude Opus 4.7

How power users on X and Reddit reacted to Claude Opus 4.7: praise for agentic coding, token burn concerns, and teams' practical prompting habits.

Qwen3.6-35B-A3B: Alibaba's Open-Weight Coding MoE

Qwen3.6-35B-A3B: Alibaba's Open-Weight Coding MoE

Alibaba's sparse Mixture-of-Experts: 35B total parameters, 3B active per token. Q4 quantization runs on MacBook Pro M5, matches Claude Sonnet performance.

Alacritty vs. Kitty: Best High-Performance Linux Terminal

Alacritty vs. Kitty: Best High-Performance Linux Terminal

Alacritty vs Kitty in 2026: emoji and Unicode rendering, real benchmarks, latency, memory, maintainer reputation, and the right terminal for your workflow.

Like what you read?

Get new posts on Linux, AI, and self-hosting delivered to your inbox weekly.

Privacy Policy  ·  Terms of Service
2026 Botmonster