Note from the ramblings

About

Sun, 14 Dec 2025 00:00:00 +0000

OSS Enthusiast | Arch Linux | Site “Restart” Engineer(SRE) | Kubernetes | Distributed Systems | Cultures of Learning

But so passionate about FOSS world since late 2011 within booting up my shipboard with some *-nix (mostly prefered Linux) system and end up with send magic craft spells ⏎ aka Enter key.

Had been a silent reader starting from local forums like Kaskus , IDWS and local FB groups then randomly rooted Android Gingerbread to Jelly Bean and a frequently bricked OpenWrt small routers.

Streaming Radio lokal dengan VLC

Sun, 09 Nov 2025 00:00:00 +0000

Lanjutan..

So ini adalah tulisan lanjutan dari tahun kemarin tentang Menghidupkan kembali radio dengan versi analog. Singkat cerita sebelum menghidupkan kembali radio analog ini, saya sudah melakukannya sejak tahun 2014 ketika sedang di luar kota dengan cara streaming-an melalui official situs web di stasiun radio dengan mangandalkan koneksi modem 3G pada waktu itu, dimana seingat saya menghabiskan kuota 50MB an untuk pengaliran radio dari jam 10 malam sampai keesokan paginya 😅.

Btw, this is Arch Linux

Fri, 23 Aug 2024 00:00:00 +0000

Why writing this post

It’s been some time using Arch Linux as my daily driver OS on a Thinkpad T14 (Intel) Gen 3. Also, as of now, luckily and amusingly, I’ve received a non-Macbook laptop then no need thinking a lot, just accidentally install it with Arch Linux 🤷.

The main reason is simple, I have been habitual of using Arch Linux as my personal daily driver and stored my config as a “dotfiles” repository. I was thinking my Arch setup goes profesional works right now lol.

Nginx: fixing 'http2 directive is deprecated'

Tue, 25 Jun 2024 00:00:00 +0000

Intro

Lately I’ve rarely checked the version updates on my VPS stacks. Well, when wanted to add some a new vhost to my Nginx, a lengthy validation message appeared with many [warn] outputs when I ran nginx -t. So that’s make me feel attacked what happen with my Nginx 👀.

Just googled and found that since Nginx version 1.25.1 there is Important changes and it mention deprecation of listen ... http2 directive.

Simulate Kubernetes Multi-Cluster Deployments Locally With ArgoCD: Part II

Mon, 03 Jun 2024 00:00:00 +0000

TL;DR

This the second part, continuing from Part 1 . It focuses on implementing Cluster Generator in the ApplicationSet object through an example case, then on how to design the repository structure with a simple approach ✌️.

Example case

We want to deploy the staging environment on the current existing Kind Cluster (kind-infra-mgmt/in-cluster), while the production will be deployed to two clusters (c1 and c2 Clusters). Sometimes, in real cases, it is divided by “region based” such as asia-cluster, eu-cluster and etc. Depending on how the organizations groups them.

Simulate Kubernetes Multi-Cluster Deployments Locally With ArgoCD: Part I

Tue, 28 May 2024 00:00:00 +0000

TL;DR

So this writing was reflectedfrom my tinkering experience while playing with GitOps in kubernetes when using ApplicationSet object with Cluster Generator approach with utilizing Kind (Kubernetes in Docker) , vCluster , and Argo CD itself.

With the trend of adopting Kubernetes clusters for main container workloads, startups, unicorns, and potential big enterprises sometimes treat multiple Kubernetes clusters as a fleet, referring to them as collections or groups of Kubernetes clusters.

Local Network SSL with Caddy and Cloudflare

Sun, 17 Mar 2024 00:00:00 +0000

Since I’ve been using OrangePi Zero as my current server for my homelab, I was so curious regarding the PKI or TLS/SSL world that can be implementation in the local area network (LAN). I’ve ever to try create raw/natively PKI server to using default OpenSSL then a bit doing automation it using Ansible or with a fresh tech stack using smallstep (might will write it out someday 🙄).

But yeah after that, just found some interesting things when googling like is it possible if using the ACME concept? Like dealing with Let’s Encrypt but for local network and a bit just thinking then looks like i need some public IP to do that. But I found this great write up from SamEdwardes: Automatic Homelab HTTPS with Caddy and Cloudflare .

Menghidupkan kembali radio

Sat, 13 Jan 2024 00:00:00 +0000

Di era sekarang, mayoritas orang melakukan aktivitas mendengarkan musik sudah dalam bentuk platform digital seperti apple music, spotify, youtube music, dan sebagainya. Dengan iming-iming fitur mendengarkan tanpa iklan dan sebagainya, penyedia platform digital tersebut akan ask our pocket untuk melakukan langganan atau subscribe.

Terinspirasi dari beberapa warung kopi yang terkadang menyediakan fasilitas musik dengan cara memutar salah satu produk platform musik digital tersebut, seringkali terselip iklan yang menyela ketika akan memutar lagu selanjutnya seolah-olah seperti sedang mendengarkan radio. Setelah lagu selesai, terkadang muncul iklan dan ada juga setelah lagu lanjut acara monolog ataupun dialog dari sebuah program stasiun radio. Mungkin itu juga membuat platform musik digital tersebut memberikan fitur podcast?.

Implementing DNS over TLS (DoT) on a Budget with CoreDNS

Thu, 28 Sep 2023 00:00:00 +0000

Few months back I just started to finds a new SBC-based computer to replace my super trusty beast Raspberry Pi 2 and yeah eventually settled with OrangePi zero 2. The main reason for quick replacing it because I use DoH/DoT for my daily internet connectivity needs.

While searching for another option SBC-based computer, I got the plan that want to no longer using Pi-Hole as my main DNS server and having idea that Coredns its support for running DoH/DoT based DNS.

Homelab: Konfigurasi Wake on Lan pada Synology NAS

Fri, 23 Jun 2023 00:16:23 +0700

Hi! sudah lama tidak menulis tentang dunia per homelab an, well short story Mikrotik RB750 sudah tergantikan dengan Edgerouter X dan kehadiran perangkat baru NAS (Network Attached Storage) Synology 720+ 2 bay. Okay sebelum membahas lebih jauh, permasalahan tinggal di kota Yogyakarta bagian utara adalah soal listrik dari PLN sering mati lampu dadakan apalagi ketika cuaca hujan pasti bakal mati lampu beberapa menit (bahkan berjam-jam) atau sekedar mati sepersekian detik lalu menyala lagi.

Lagi, lupa backup data

Tue, 30 May 2023 22:23:25 +0700

Awal Cerita

Awal mula kadang sering ngulik-ngulik soal NIST or CIS Benchmark perihal standar security by default atau biasanya dipakai ketika di hadapin sama momen compliance things. Beberapa hari kemarin ngulik ternyata docker emang ada official CIS Benchmark standard nya.

Singkat cerita (karena lupa tulisan blog yang mana yang di pake). Di blog tersebut nulis kalau cara gampang buat check adalah pake docker-bench-security dan juga ngasih contoh how to buat fixnya, spontan langsung keinget di VPS sempet clone reponya dan update pake git pull buat jalanin scriptnya pake:

A journey static assets web server: Part II

Wed, 03 May 2023 00:00:00 +0000

Few weeks ago, I was write about A journey static assets web server: Part 1 and this is second post about the journey

Honestly I have been running my old school CDN (Content Delivery Network) since December 2021 (Sometimes so lazy to write it down :)) ). Few weeks back when I was feel to write some post here, I was discovered checked my server and it’s look so weird because the RAM usage always show ~750MB++ that’s so costly usage while my server only had 1GB RAM.

Overengineering this blog

Sat, 22 Apr 2023 16:17:23 +0000

Since I was added blogroll pages with RSS stuffs and reading about Tech news via lobste.rs and hckernews , It was gimme cool inspiration and care about simple things that can be works/done. Back then i was ever tweeted this:

https://nitter.it/i/status/1572990375962484736

Because of that tweet, make feel attacked want to write more about something that I personally maintain till now (aka this blog site). So in my current condition and perspective, it related to “it’s okay to not know everything” or something higher condition level is “just enjoy the process”.

A journey static assets web server: Part I

Fri, 04 Nov 2022 00:16:25 +0700

The main idea build this stuffs it’s just for want to learn how Caching works on Nginx because I was read bunch of great articles that’s inspired me like Why Netflix Chose NGINX as the Heart of Its CDN and Serving 100 Gbps from an Open Connect Appliance then suddenly my curious thoughts told me to browse deep about that and I was found cool The 5-hour CDN and this repository .

Kubernetes Endpoint and externalName Service

Thu, 14 Jul 2022 00:33:45 +0700

It’s been a while since I did not write some Kubernetes things because a few months back I just played with another workload/container orchestration tools, the Hashicorp Nomad and Consul stacks (Will write it someday hahaha ✌️).

From the Hashicorp Nomad and Consul stacks, i just got some miracle about how basic things the workload works, especially when you deal with container stuff, horizontal/vertical scaling or something most people call distributed system and yeah its about DNS (Domain Name System) implementation for your workload mapping and how they call or communicate each others (for this one i learn much from main features of Consul).

Sidecar Container Pattern With Docker Compose

Sun, 12 Dec 2021 03:31:38 +0700

Few weeks ago, I just think how to applying a sidecar container pattern on Docker then how to make it as keep it simple s*****, also the main goal it’s trying to tunnel my Raspberry Pi to my VPS (Virtual Private Server).

For the goals about tunneling my old Raspberry Pi to VPS, around 1 years ago I was trying to install VPN like wireguard and tailscale. Both VPN’s look like running fine without issue for me (yeah, just personal use :D).

Nginx Extras and Ubuntu 20.04

Sat, 04 Sep 2021 01:12:49 +0700

It’s been a while since my last post, so I haven’t written anything on my blog. So here we go. Just want to share about issues on my VPS that were around 2 month before.

Suddenly I checked my junk mail and there was a bunch of inbox from Uptime Robot and notified that my blog and some dummy services is down. Yea, around 1 or 2 month before it’s busy day and much work task, so just don’t care about what happen on my VPS 🤣 (read: i hope my service can do autoheal like the blues one).

A Notes About Graceful Shutdown on Container World

Thu, 11 Mar 2021 01:57:11 +0700

Well, Graceful shutdown it’s one of method for turning off safely some system or may your computer also it can be applied on some service application. Previously I thought this is like an unimportant method but after gaining more practice and experience this one can be very useful when you have a more complex system build as well you can’t ignore to used this method.

Before I write more about how to use it in the container world, Graceful Shutdown is so closely related with IPC (Interprocess Communication) mechanisms that mean every process or activity that goes top of Kernel has a signal process communicating with one or more processes. A signals can be generated by keyboard interrupt or some error condition like virtual memory exhausted. Every signals had their defined number code and total signals that defined on Kernel is 30 signals CMIIW but as long as i know for common signals that used in Graceful shutdown are

Blog Update

Tue, 29 Dec 2020 20:23:06 +0700

Tulisan ini merupakan update lanjutan dari tulisan sebelumnya tentang bagaimana blog ini dibuat, notes ini merupakan kumpulan dari beberapa pencapain dalam Research n Dev pengembangan pada blog ini, Well mungkin bisa disebut pembaharuan blog dengan versi v.2.0 (Rofl! hahaha).

Berikut dibawah ini merupakan beberapa daftar notes perubahanya :

Pembaharuan Dockerfile

Bagian pertama lebih tepatnya tentang pembaharuan artifactory dari container yang secara pribadi berusaha menekan besarnya ukuran dari kontainer. Dari menggunakan base image keluarga debian:*^slim sampai proses penulisan yang dibuat secara multistage (kombinasi dari base builder alpine dan final write images menggunakan nginx:alpine). Dockerfile yang ditulis sebelumnya menggunakan base image yang terinspirasi dari monachus/hugo dan memakan ukuran sekitar ~150 MB++. Menurut dari laman dokumentasi Docker, salah satu cara terbaik menekan ukuran adalah dengan metode multistage dan mungkin kalian dapat mencari contoh untuk proses contoh penulisan multistage seperti dari blog.callr.tech , Hugo and Nginx multi-stage build Dockerfile .

Thinkpad L390: A Journey Under Linux

Wed, 25 Nov 2020 00:00:00 +0000

Here I will write and share a journey using Thinkpad L390 under Linux for around 1 year of use it. This laptop was replacement my “Old Beast” Asus K43s* series which has been adventures for about 7 years. This laptop is coming through with following specifications like :

Item	Value
Processor	i7-8565U
RAM	8GB
Storage	512 SSD Nvme
Display	13.3" FHD IPS (1920 x 1080)

Lenovo Thinkpad L390 comes with OEM Windows 10, so I hated it then broke up and started dealing with Linux Ubuntu 20.04. Well, finally there are some problems that might be common to face it with L390 based on my experience

Rootless Docker Engine

Tue, 15 Sep 2020 00:00:00 +0000

Back around 1-2 years ago, Container World had some security issue about privileges escalation and hundred of vulnerable host had Expolited . Common Vulnerabilities and Exposures (CVE) like CVE-2016-9962 and CVE-2019-5736 it’s about issue on privileges escalation. Because usually cases Docker Engine or Docker Daemon used group on root level user.

One of trick to reduce or to avoid the potential vulnerabilities is using Rootless Mode especially when you running on stag or production mode (potentially exposed). Meaning of Rootless is you does not require root privileges and same like doing docker run --userns-remap mode but its just rootless on level container but not in Daemon / Docker Engine.

Pihole with Dnscrypt-proxy

Sat, 04 Jul 2020 00:00:00 +0000

Some nothing to do project is re-purposing my old Raspberry Pi 2 B and I was thinking to moved my local DNS server to this Pi. This note will contain few steps to play with Dnscrypt and Pihole one of my priority reason to combine with Dnscrypt is I hate “ads” and take my freedom about “privacy” tracking from social media, vendor (ISP’s) and whatever they calling (yeah trying ROFL!).

Private Infrastructure (Home Lab): Part II

Fri, 10 Apr 2020 00:00:00 +0000

Lanjutin dari Part 1, dalam tulisan ini merupakan evolusi besar dari progres Building Home Lab. Dimulai dari pertengahan 2017 mulai ada tambahan hardware laptop Toshiba tahun 2011-an yang berfungsi as Hypervisor Type 2 running menggunakan Virtualbox dan Hyper-V.

Mulai kerasa lama kelamaan selain untuk tujuan ngulik dan ngoprek, Home Lab ini mulai merambah fungsi daily private usage seperti host repo git sendiri, adblock + DNS server sendiri, dan private cloud storage.

Private Infrastructure (Home Lab): Part I

Thu, 09 Apr 2020 00:00:00 +0000

Kegiatan Home Lab merupakan salah satu bentuk atau cara untuk melakukan ngoprek ngulik di dunia IT. Di dalam part pertama ini, penulis akan membagikan pengalaman cerita membangun Home Lab untuk pertama kalinya.

Berawal dari akhir tahun 2015 mulai sering nongkrong di subredit r/homelab , rasa ingin untuk membangun Home Lab semakin besar apalagi dengan mulai sering ngulik dunia Container dkk dan akhirnya mulai ngumpulin beberapa hardware networking secara murmer dan kere hore.

Istio on KinD

Mon, 16 Mar 2020 00:00:00 +0000

Prerequisite

Prepare your Kubernetes in Docker Cluster

Get Helm

Before we go install Istio, we need install some added tool like Helm. Helm is one of tool for package management tool similar like aptitude on Debian based, yum on Centos fam’s, npm or pip3 (whatever you say). Its possible for create, pull, search and many more and considering Istio installation via Helm just supported Helm version 2

Below is example how to get and install Helm

Canary Release With Istio

Sat, 26 Oct 2019 00:00:00 +0000

Service Mesh

Sebelum masuk ke hal teknis, kita akan membahas tentang apa itu service mesh sendiri. Service mesh merupakan metode yang menyediakan sebuah policy-based tentang bagaimana cara microservices berkomunikasi berdasarkan pola perilaku yang diinginkan pada microservices tersebut. Secara gampangnya adalah services mesh memudahkan kita untuk mengatur manajemen dari microservices yang kita punya.

Beberapa fitur yang dimiliki service mesh adalah:

Observability (monitoring, logging, tracing)
Traffic Control (canary release, A/B test)
Service Resiliency (retry, timeout)
Security (mTLS, Policy, JWT)

Untuk lanjutan tetang beberapa dokumentasi dan penjelasan lebih silahkan cek link dibawah ini

Local Kubernetes Lab

Wed, 07 Aug 2019 00:00:00 +0000

Kubernetes on Laptop

Beberapa tahun belakangan ini mungkin di kalangan orang IT baik dari sisi Dev maupun Ops sering mendengar tentang hype nya kubernetes. Kubernetes merupakan sebuah orchestration tool untuk manage docker container. Ada banyak tool untuk melakukan developing, testing dan learning Kubernetes secara lokal di laptop seperti minikube, Microk8s dari ubuntu dan Kind dari SIGS (Special Interests Groups) dari komunitas open sources Kubernetes.

Kubernetes in Docker

Kind mempunyai kepanjangan “Kubernetes in Docker” dimana di setiap node yang berjalan secara lokal dalam bentuk kontainer docker. Berikut merupakan proses instalasi Kind

Hugo static and Gitlab-ci

Mon, 19 Nov 2018 20:23:06 +0700

Build this blog

Dikarenakan sudah mulai bingung dan gabut di depan laptop (stuck ngoprek soalnya). Mulailah iseng buat bikin blog tapi yang agak rumit ga sekedar klik n run. Awalnya dulu sempat tertarik dengan Jekyll - static site dengan bahasa Ruby. Ngulik-ngulik lagi dan ternyata ada static site yang basic bahasanya menggunakan bahasa GO (agak interest sih).

Hugo combine with Docker

Fase ini sudah mulai mencoba dev hugo secara lokal di laptop, dan memikirkan gimana kalau Hugo-nya di pack ke dalam bentuk container dengan docker ?. Cari-cari dari Dockerhub dan menemukan image ini monachus/hugo . Baca-baca dokumentasi yang lumayan lengkap di reponya, dengan susunan tree project yang sama seperti di link tersebut. Berikut merupakan contoh Dockerfile yang digunakan untuk build hugo and docker.

Welcome world!

Fri, 09 Nov 2018 00:00:00 +0000

Hello this my first post

Whoops! Page not found

Mon, 01 Jan 0001 00:00:00 +0000

Please go back and find the best ways…

Note from the ramblings

About

Streaming Radio lokal dengan VLC

Lanjutan..

Btw, this is Arch Linux

Why writing this post

Nginx: fixing 'http2 directive is deprecated'

Intro

Simulate Kubernetes Multi-Cluster Deployments Locally With ArgoCD: Part II

TL;DR

Example case

Simulate Kubernetes Multi-Cluster Deployments Locally With ArgoCD: Part I

TL;DR

Local Network SSL with Caddy and Cloudflare

Menghidupkan kembali radio

Implementing DNS over TLS (DoT) on a Budget with CoreDNS

Homelab: Konfigurasi Wake on Lan pada Synology NAS

Lagi, lupa backup data

Awal Cerita

A journey static assets web server: Part II

Overengineering this blog

A journey static assets web server: Part I

Kubernetes Endpoint and externalName Service

Sidecar Container Pattern With Docker Compose

Nginx Extras and Ubuntu 20.04

A Notes About Graceful Shutdown on Container World

Blog Update

Pembaharuan Dockerfile

Thinkpad L390: A Journey Under Linux

Rootless Docker Engine

Pihole with Dnscrypt-proxy

Private Infrastructure (Home Lab): Part II

Private Infrastructure (Home Lab): Part I

Istio on KinD

Prerequisite

Get Helm

Canary Release With Istio

Service Mesh

Local Kubernetes Lab

Kubernetes on Laptop

Kubernetes in Docker

Hugo static and Gitlab-ci

Build this blog

Hugo combine with Docker

Welcome world!

Blogroll

Blog

OSS Projects

Photo

Whoops! Page not found