Sysadmin field notes

Deep dives on
Linux, infra
& the command line.

Practical guides for engineers who live in the terminal. No fluff — just reproducible steps and honest trade-offs.

Identity Management DNS & Networking Kerberos Containers Security Hardening LDAP Ansible Monitoring
Featured post
Featured

Installing FreeIPA on Rocky Linux 9

A complete walkthrough — from hostname prep and DNS, to enrolling your first client and setting up sudo rules. Everything you need to stand up enterprise identity management on RHEL-compatible distros.

📅 Mar 2026 ⏱ 20 min Identity
Read the guide →
All posts
Kerberos Feb 2026

Cross-Forest Trusts between FreeIPA and Active Directory

Bridge your Linux identity infrastructure with an existing Windows domain. Step-by-step trust configuration with gotchas explained.

⏱ 15 min
DNS Feb 2026

BIND9 on Rocky Linux — Views, TSIG & DNSSEC

Lock down your authoritative name server with split-horizon views, transaction signatures, and full DNSSEC signing.

⏱ 25 min
Containers Jan 2026

Rootless Podman with systemd User Services

Run containers as unprivileged users, auto-start them with loginctl, and generate quadlets — all without touching the root account.

⏱ 12 min
Security Jan 2026

CIS Benchmarks for RHEL 9 — Practical Hardening

Which CIS Level 2 controls actually matter in a lab vs. production, and how to audit compliance with OpenSCAP without breaking your system.

⏱ 30 min
Ansible Dec 2025

Idempotent FreeIPA Provisioning with Ansible

Use the freeipa.ansible_freeipa collection to automate users, HBAC rules, sudo policies, and DNS records — all in version control.

⏱ 18 min
Monitoring Dec 2025

Grafana + Prometheus for FreeIPA Health Checks

Expose replication status, KDC ticket counts, and cert expiry as Prometheus metrics, then build a Grafana dashboard that pages you before things break.

⏱ 22 min