The Operator’s LUKS Bible

2026-03-132026-03-14 ~ Tom's IT Cafe ~ Leave a comment

Sensitive information is everywhere:

from your user databases
to your accounting software
inside your backups
on your smartphones

Names. Password hashes. Emails.
Financials. Customers. Quotes.
Configurations. Passwords.

Every company has their own threat model.

Yet – everyone should protect their most sensitive data.

Continue reading →

The Operator’s KVM Bible

2026-03-062026-03-05 ~ Tom's IT Cafe ~ Leave a comment

When the enterprise behind one of the widespread hypervisors was acquired:
many sysadmins decided to move on.

Most of them chose a Linux-based open-source alternative.
Many of them migrated to the Microsoft ecosystem.
They chased the same workflow, the same features they had before.

Only a very few operators dared to rework their processes and architecture.

KVM (Kernel-based Virtual Machines) is part of the Linux kernel.
It is a stable and fast hypervisor.

A carefully configured host OS for KVM can reduce the attack surface compared to feature-heavy hypervisors.
The libvirt API enables secure automation and configuration management.
KVM can host Linux, Windows and BSD virtual machines as well.
It ships an ecosystem of mature tools for the operators in charge.

KVM is not a downgrade. It’s a sideways step.

Continue reading →

Gitea – Ansible Installer Role

2026-02-272026-03-08 ~ Tom's IT Cafe ~ Leave a comment

Automation and configuration management are not just about comfort.
They provide security, auditability and operational freedom.

For this reason Tom’s IT Cafe provides an Ansible role that:

Downloads and installs the Gitea Linux binary
Sets up a system service (as a non-root user)
Sets up PostgreSQL (or SQLite for lightweight setups)
Optionally sets up a reverse proxy with Certbot or self-signed keys
Highly configurable through variables

The role focuses on a small, auditable code base with strong security.

Continue reading →

Gitea – Your Self-Hosted Git Platform

2026-02-202026-02-19 ~ Tom's IT Cafe ~ Leave a comment

You feel the comfort of the cloud – low maintenance, fast setup.
Your source code, configuration and files are safe.

Or… are they?

You rely on a third party for infrastructure control, security operations and availability.
What would your business continuity plan look like if your SaaS provider became unavailable?

In this article we investigate a self-hosted solution for small businesses.

Continue reading →

Borg Backup – Encrypt And Deduplicate Your Data

2026-02-062026-01-26 ~ Tom's IT Cafe ~ Leave a comment

If you have any data – backups are not optional.
Devices crash. Pendrives disappear. Houses burn down.

Your backups are useful only if you can restore them.

Continue reading →

Suspend Then Hibernate with LUKS and LVM (A Practical Setup)

2026-01-142026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Linux power management was tricky in the early days.
Adding LUKS and LVM to the mix was a suicide combo.

Today it’s not just a possibility – it’s a baseline requirement for secure Linux setups.

Continue reading →

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31