Latest Posts

A Parsec outage looked like DNS trouble at first, but the real issue was hostname-specific TLS failure on one network path. This post follows the investigation from misleading symptoms to the hotspot-based fix that exposed what was really happening.

Swift's Observation framework rethinks how model objects communicate changes to SwiftUI. This is the first post in my Swift series, walking through @Observable and @State with a concrete drag-coordination class as the running example.

I've been building a habit-logging iOS app called ProjectDawn. Not because the App Store needs another habit tracker, but because I wanted a personal project that was genuinely mine and open source, and a project that can answer this openly: what does it feel like to build a real, modular, native iOS app with AI as a primary collaborator?

This post is part personal log, part technical retrospective. It covers the tools I used, what surprised me, where the AI fell flat, and the biggest shifts in how I think about building things now.

A practical overview of Zig, from its C-replacement goals and LLVM backend to its toolchain design, cross-compilation model, and appeal for systems and CLI software.

Browsers failing while `ping`, `ssh`, and `dig` still work can point to a split macOS resolver failure. In this post, I break down how a Tailscale + Pi-hole setup triggered resolver state corruption and how resetting DNS settings immediately fixed it.

Most personal projects and homelab services don’t need to be public, but they do need to be reachable. I want to access my dev tools, internal dashboards, and side projects from anywhere, on any of my own devices, without opening ports, exposing IPs, or worrying about who might stumble across them on the internet.

This post walks through how I built an everywhere-accessible but publicly invisible ingress engine using Tailscale, Docker, Caddy, and DNS rewrites. The result is a private, domain-based setup that behaves like a small cloud. It has HTTPS, clean hostnames, and reverse proxying, but is only accessible to me, lives on my own machine, and never touches the public internet.

I wanted a Docker setup for my Eleventy resume project that also generates a PDF using Puppeteer. I assumed this would be straightforward. It wasn’t.

Here’s the real path, from zero to working, with the errors along the way and what each one actually meant.

I wanted first-party analytics on my blog without handing traffic data to a SaaS vendor. Umami checked every box: open source, self-hostable, and friendly to privacy. I already keep a small VPS online 24/7, so dedicating a slice of that machine to Umami felt like a perfect fit.

Analytics turned into a blind spot once I shut off the usual trackers. I needed something:

I’ve had the Umami + Ansible post in my head for ages, but it touched three different repositories and a whole bunch of code snippets. Totally doable, but undeniably tedious — which is why it kept slipping down the backlog. You can read the finished article here: Private Analytics With Umami, Docker Compose, and Ansible.

The idea that finally nudged it forward was simple: why not let GPT (Codex) do the heavy lifting while I steer?

Catch up on the three rapid releases that reshape Subspace Builder with a tag hub, refreshed navigation, and a data-driven projects page.