Securing MQTT Traffic using cert-manager

I use MQTT in my home lab to connect different Home Lab services like ESPHome, Home Assistant, Node Red, etc. It’s great because it’s a light-weight way to decouple these services, but by default there’s no security. I can’t prevent a sensor from manipulating another sensor’s data, I can’t prevent somebody who has network access from monitoring messages. In this post, I’m going to walk through enabling TLS with usernames and passwords or mTLS (Mutual TLS) using cert-manager.

Auto switch between light and dark mode on GNOME

I recently got a Framework laptop and installed Ubuntu on it to give Linux for laptops a chance after using Windows and Mac for work for years. One thing I wanted was to be able to switch between light mode and dark mode automatically depending on the time of day. GNOME had a blue-light filter mode that could automatically turn on, but it didn’t appear to have a way to switch between light mode and dark mode at the same time.

GoDaddy is now blocking API access

I own few domains and one of those domains is registered at GoDaddy. This is for historical reasons because this domain is on the .es TLD but my preferred registrar, PorkBun or CloudFlare, do not support this TLD. I kept it there mainly because I’ve had it for 10+ years and there were some new identify requirements that I didn’t want to deal with yet. I use external-dns as a tool to automatically to take my Kubernetes Ingress resources and register them in my DNS zone.

The confusing world of scraping my own stock portfolio

This article is part of the Self-hosted Finances series.

Over the past few months, as part of my self hosted finances series I’ve been working to extract all of my stock portfolio into some kind of self hosted database. I came across Ghostfolio, which is an open-source (with a paid hosted edition) tool for tracking stock portfolios. It was able to give me a portfolio view across multiple brokerages, automatically fetched stock prices, and gave some basic allocation reporting.