• Home Lab Setup Apr 18 Most of this is equipment I have had for a long time, but I have added a list of hardware in my home lab here, and will try to keep it current whenever anything changes.
  • Wordpress to Hugo Feb 17 After a few years of running this site on Wordpress (on a Gentoo Linux IaaS instance hosted at Linode), I decided to get with the times and switch over to using a static site generator, storing the site content as code. Over time I had become increasingly aware of the effort required to keep a Wordpress site secure, to the extent that I worried it would only be a matter of time before I’d take too long to patch the latest zero-day in a Wordpress plugin or similar, and the site would end up getting hacked.
  • WSL Nov 18 I have really been enjoying WSL lately, and felt it was worth writing a quick article about some of the opportunities it opens up. Clearly, choice of operating system is very much a personal preference, and it will (should) also vary according to the use-case. And although I appreciate that many people will want to do things differently, there are probably also many others whose preferences are similar to mine.
  • Desktop PC Upgrade Feb 3 It’s about time to upgrade my desktop PC - as the core components all date back to mid-2016. I think it has managed to last that long because I haven’t had the opportunity to do much gaming in the last 2 years. I intend to take my usual approach of just upgrading a few components at a time (on this occasion it’ll be the CPU (and cooler), motherboard, and perhaps RAM, but nothing else), and carrying forward the existing Windows installation.
  • GRE over IPSec with IKEv2 between IOS and OpenBSD Apr 27 Although the enterprise WAN connectivity market is increasingly focused on SD-WAN nowadays, there are still plenty of scenarios which call for more standards-based VPN technologies. In particular, inter-organisational connectivity (such as between partner companies). Not only does the proprietary nature of the SD-WAN solutions available today mean they are unsuitable for such environments, but their architecture generally involves a single central controller / point of management. Admittedly I don’t have much direct experience of SD-WAN at this point, but I would be very surprised if the permissions model in such a design is capable of catering for environments in which no single person can have admin rights to the entire deployment, making them unsuitable for spanning multiple autonomous systems - where each AS wants full control over their own network.
  • Easy-RSA as the basis for a PKI Apr 24 This will be the first of a number of posts that I would have made in the past if I’d had a blog at the time. In other words the contents dates back a couple of years. But it should nevertheless (hopefully) still be relevant/interesting! Why bother with a private PKI at all? Just use Let’s Encrypt… For publicly-trusted X.509 certificates, Let’s Encrypt has undoubtedly become the go-to solution for most use-cases (pretty much anything that doesn’t require OV or EV certificates).
  • Deus Ex Walkthrough Apr 11 I have now reinstated the walkthrough that I wrote many years ago for the original Deus Ex game. Redirects from the original URLs should be in place too, just in case anyone has been eagerly awaiting its return for such a long time 😉 You’ll find the walkthrough at
  • ioquake3 / Quake3e / OSP / CPMA / CNQ3 Apr 4 Since our little boy arrived 8 months ago, opportunities to spend time gaming have become extremely scarce. So I find myself gravitating back towards Quake 3 Arena, rather than the single-player FPS games I’ve mostly been playing over the past 15 years or so, as a quick game of Quake 3 is typically short enough that it’s actually possible to fit one in occasionally. I should perhaps add that I have no expectation of playing online – I just play against nightmare bots nowadays.
  • Welcome! Apr 3 So I finally decided that the time has come to reinstate my website, having taken the previous incarnation offline around 7 years ago or so. The previous site had been built using Joomla (originally Mambo), but this time around it seemed like an easy decision to go with WordPress, given its popularity. For now I’m deliberately keeping the design very spartan, although I will no doubt customise it further in the future.