Latest Posts

Recently, a few hours after setting up Umami with Docker and Nginx on my VPS, I stumbled into a misconfiguration that left the admin dashboard exposed to the public web. Thankfully, there was no immediate danger. Since right after creating Umami's docker instance, I have updated the admin username and password immediately, and locked it down before anything bad could happen. Still, it was a stressful reminder that small mistakes in deployment can have big consequences.

Here’s the story of what happened and what I learned along the way.

Like a lot of developers coming from Linux or a server environment, I hit some confusion when setting up Docker on my Mac. On Linux, you just install Docker and it works natively. On macOS, it’s a bit different — there’s no native Docker Engine because we don’t have a Linux kernel. That’s where tools like Docker Desktop and Colima come in.

Let me walk through what I’ve learned.

I spent the better half of today getting Umami analytics to cooperate with a static blog served through Cloudflare and an Nginx proxy. The tracking script was having issue in Safari (CORS) and Firefox (nothing showed up in the Developer Tools' Network tab).

This is the story of following the trail from mysterious redirects to CORS ghosts and finally to Firefox’s stealthy sendBeacon API.

Over the past few weeks, I’ve spent quite a bit of time experimenting with Tailscale, and it has quickly become one of my favorite tools.

If you haven’t heard of it, Tailscale is a secure, easy-to-use mesh VPN built on WireGuard. It lets your devices talk to each other as if they were on the same local network, no matter where in the world they are.

What started as a simple question — "Why can’t I reach my MacBook over Tailscale from my iPhone on mobile data?" — turned into a deep dive into NAT types, relay servers, and the hidden power of IPv6. This post documents the technical journey, the dead ends, and the final conclusion.

So the mystery: why do VPS connections work, but Mac connections fail?

For years, I thought of coding as something tied to my desk — Mac in front of me, full keyboard, full IDE. But recently, I found myself dreaming: what if I could carry my entire creative coding studio in my pocket? Not just SSH access, but a true AI-assisted environment where I could code, commit, and preview my projects anywhere.

This blog is half technical walkthrough, half personal reflection. It’s the story of how I explored Cloudflare Tunnel, discovered Tailscale, refined my workflow with tmux and iTerm, and ultimately unlocked the freedom of having a fully fledged Mac in my pocket.

I’ve always loved how iMessage or WhatsApp automatically turn a shared link into a little postcard. Until this week, that magic felt like a black box. I suspected there had to be an open standard behind it, but I’d never hooked it up myself. Cue a pairing session with GPT-5 Codex, and about two hours later, the 11ty Subspace Builder can mint its own branded previews for every post.

Here is an example card for this blog post.

Building small websites with GPT-5 Codex turned out to be less about typing code and more about collaboration. From crude sketches to polished sites, the model took on the heavy lifting while I guided direction and design.

Along the way I discovered both the joy of fast iteration and the limits of relying on an AI partner. These projects became less about the sites themselves and more about exploring a new style of programming — conversational, creative, and sometimes flawed, but always eye-opening.

Last month, my girlfriend mentioned she needed a sleek portfolio site, and I realized I’d been meaning to start a personal tech blog.

I wanted something lightweight—easy to spin up and even easier to tweak. So I dove in: building a small 11ty + Tachyons site from scratch, pushing every iteration live in under a minute, and watching her face light up with each update even though she’s halfway across the country.