Run Your Own IRC Server

2026-03-272026-03-25 ~ Tom's IT Cafe ~ Leave a comment

Want a private comms channel without relying on Discord or Slack?
IRC is alive, and you can run your own today.

A small, well-configured IRC server gives you privacy, control, and minimal attack surface – all in a few commands.

Some people think that IRC is dead.
Some of them don’t even know what is it.
They’re young, grew up on modern comms.

IRC is the protocol that laid the foundation of modern chats.

Networks used large footprint ircd daemons for the base.
They registered services daemons for channel and nick retention.
TLS settings were rare and uncomfortable.
SASL authentication was hardly set.

Then new developments appeared.
The old technology got a modern revision.

Continue reading →

The Operator’s WSL Bible

2026-03-202026-03-17 ~ Tom's IT Cafe ~ Leave a comment

Windows Subsystem for Linux: a practical way to run Linux on Windows.
Run Linux GUI applications – through WSLg.

There are situations when a powerful Linux desktop is not given.
In this case WSL can provide some Linux tooling and flexibility.

Operators don’t break. We bend – we adapt.

Continue reading →

The Operator’s LUKS Bible

2026-03-132026-03-14 ~ Tom's IT Cafe ~ Leave a comment

Sensitive information is everywhere:

from your user databases
to your accounting software
inside your backups
on your smartphones

Names. Password hashes. Emails.
Financials. Customers. Quotes.
Configurations. Passwords.

Every company has their own threat model.

Yet – everyone should protect their most sensitive data.

Continue reading →

The Operator’s KVM Bible

2026-03-062026-03-05 ~ Tom's IT Cafe ~ Leave a comment

When the enterprise behind one of the widespread hypervisors was acquired:
many sysadmins decided to move on.

Most of them chose a Linux-based open-source alternative.
Many of them migrated to the Microsoft ecosystem.
They chased the same workflow, the same features they had before.

Only a very few operators dared to rework their processes and architecture.

KVM (Kernel-based Virtual Machines) is part of the Linux kernel.
It is a stable and fast hypervisor.

A carefully configured host OS for KVM can reduce the attack surface compared to feature-heavy hypervisors.
The libvirt API enables secure automation and configuration management.
KVM can host Linux, Windows and BSD virtual machines as well.
It ships an ecosystem of mature tools for the operators in charge.

KVM is not a downgrade. It’s a sideways step.

Continue reading →

Gitea – Ansible Installer Role

2026-02-272026-03-17 ~ Tom's IT Cafe ~ Leave a comment

Automation and configuration management are not just about comfort.
They provide security, auditability and operational freedom.

For this reason Tom’s IT Cafe provides an Ansible role that:

Downloads and installs the Gitea Linux binary
Sets up a system service (as a non-root user)
Sets up PostgreSQL (or SQLite for lightweight setups)
Optionally sets up a reverse proxy with Certbot or self-signed keys
Highly configurable through variables

The role focuses on a small, auditable code base with strong security.

Continue reading →

Gitea – Your Self-Hosted Git Platform

2026-02-202026-02-19 ~ Tom's IT Cafe ~ Leave a comment

You feel the comfort of the cloud – low maintenance, fast setup.
Your source code, configuration and files are safe.

Or… are they?

You rely on a third party for infrastructure control, security operations and availability.
What would your business continuity plan look like if your SaaS provider became unavailable?

In this article we investigate a self-hosted solution for small businesses.

Continue reading →

The CI/CD Of The Small Business World

2026-02-132026-02-04 ~ Tom's IT Cafe ~ Leave a comment

DevSecOps is one of the most important shifts in modern systems.
It is not DevOps with security added later.
It is security designed into the CI/CD pipeline before the first commit.

Continue reading →

Borg Backup – Encrypt And Deduplicate Your Data

2026-02-062026-01-26 ~ Tom's IT Cafe ~ Leave a comment

If you have any data – backups are not optional.
Devices crash. Pendrives disappear. Houses burn down.

Your backups are useful only if you can restore them.

Continue reading →

WireGuard – Secret Path In The Shades

2026-01-302026-01-26 ~ Tom's IT Cafe ~ Leave a comment

Your Virtual Private Network isn’t there to watch geo-blocked content.
Once VPNs were used to connect networks, like remote offices of a company.
Today they protect your information and privacy.
This is why your VPN isn’t an optional tool anymore.
It’s your shield against the unwanted attention and passive monitoring.

Continue reading →

AI Agents – The New Corporate Security Holes

2026-01-212026-01-15 ~ Tom's IT Cafe ~ Leave a comment

The adoption of AI agents has accelerated.
More data. Faster hardware. More delegated tasks.

AI agents thrive in hidden corners of corporate IT.
They wait for work in silence – as privileged users.

What happens when an outsider gains access to such an agent?
Its privileges become the outsider’s access.

Continue reading →

Suspend Then Hibernate with LUKS and LVM (A Practical Setup)

2026-01-142026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Linux power management was tricky in the early days.
Adding LUKS and LVM to the mix was a suicide combo.

Today it’s not just a possibility – it’s a baseline requirement for secure Linux setups.

Continue reading →

How To Avoid And Detect Phishing In 2026

2026-01-072026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Phishing did not disappear.
It evolved.

In 2026, phishing emails look real.
SMS messages feel urgent.
Websites copy everything.

The goal is simple.
Make you rush.
Make you click.

This article shows how to slow down and spot phishing before it works.

Continue reading →

GPG Basics: Simple, Safe Encryption for Everyday IT Work

2025-12-092026-01-17 ~ Tom's IT Cafe ~ Leave a comment

When you hear the word encryption, it often sounds like something only security researchers and intelligence agencies deal with. But in reality, every IT professional – even small teams, freelancers, or home users – should understand the basics of protecting sensitive files.

GnuPG (or GPG) is one of the most trusted tools for this. It’s free, open-source, built into every Linux distribution, and works perfectly for encrypting files, verifying downloads, or signing work-related documents.

This guide walks you through a clean, beginner-friendly setup – no advanced OPSEC, no air-gapped machines, no master-key rituals. Just the essentials that anyone at home or at work can start using today.

Continue reading →

Solo Development Doesn’t Need Corporate Git Workflows

2025-12-042026-01-17 ~ Tom's IT Cafe ~ Leave a comment

Git is a powerful tool, but solo developers often inherit processes designed for large teams.
Corporate branching strategies solve coordination problems that an individual simply doesn’t have.
When you’re the only developer in the room, heavy processes become friction.
You don’t need gates, ceremonies, or complex merging rules to work effectively.

Continue reading →

Local LLMs for Privacy‑First Workflows A Practical Guide with LMStudio

2025-12-022026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Why run a language model on your own machine?

Data stays local – No text leaves your computer, so sensitive information can’t be sent to the cloud.
No API limits or costs – Once you have the model file, you’re not paying per request.
Instant response time – The round‑trip latency of an internet call disappears; the model replies in milliseconds.

If you’re a developer, system admin, or just someone who values privacy, these benefits make local LLMs worth a look.

Continue reading →