Blog

An explanation of how to enable secure boot on NixOS, using a community project named ‘Lanzaboote’, and further how to automatically unlock a LUKS-encrypted disk using a TPM with systemd-cryptenroll.

The community-led organisation Snapcrafters maintains hundreds of Snap packages, with hundreds of thousands of users. This post looks at an upgraded test/release process with automated screenshotting of GUI apps, and a new Github Actions based workflow.

The homepage-dashboard NixOS service previously enabled the deployment of the wonderful homepage dashboard, but its configuration was not handled natively in Nix by the module. This post shows how I added support for native configuration, and how you can migrate.

A follow on from my last post, outlining the process of upstreaming Scrutiny to nixpkgs to make it easier to consume, and have it included in future NixOS releases.

A detailed walkthrough how I packaged Scrutiny, a S.M.A.R.T disk monitoring tool, for NixOS. Includes details of creating a NixOS module and using the NixOS testing framework to validate its functionality.

A write up of how I boot KVM accelerated NixOS VMs on Github Actions runners in order to run end-to-end tests for my packages.

Documenting how I render, serve, build and deploy my personal website and blog using a combination of Go, Hugo, Nix and Fly.io.

(Repost) A write-up of my adventures with Parca, and building a Snap package, as well as a set of charms for driving Parca and profiling applications run with Juju on machines and Kubernetes.

(Repost) Building a zero-trust, serverless authentication system for SSH on Microsoft Azure, complete with custom ssh-agent and serverless certificate authority.