fix: disable content security policy

Reviewed-on: #14

.gitea/workflows/build-container-image.yaml

@@ -1,7 +1,9 @@
-name: Build Docker Container
+name: Build and Deploy
 run-name: ${{ gitea.actor }} is building container
-on: [push]
-
+on:
+  push:
+    tags:
+      - "*"
 jobs:
   Build-Container-Image:
     runs-on: ubuntu-latest
@@ -59,4 +61,4 @@ jobs:
           DOCKER_HOST: "tcp://docker:2376/"
           DOCKER_TLS_CERTDIR: "/certs"
           DOCKER_TLS_VERIFY: 1
-          DOCKER_CERT_PATH: "/certs/client"
+          DOCKER_CERT_PATH: "/certs/client"

.gitea/workflows/renovate.yaml

@@ -10,7 +10,7 @@ on:
 jobs:
   renovate:
     runs-on: ubuntu-latest
-    container: ghcr.io/renovatebot/renovate:39.207.2
+    container: ghcr.io/renovatebot/renovate:41.62.4
     steps:
       - uses: actions/checkout@v4
       - run: renovate

CODE_OF_CONDUCT.md

@@ -1,128 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-We as members, contributors, and leaders pledge to make participation in our
-community a harassment-free experience for everyone, regardless of age, body
-size, visible or invisible disability, ethnicity, sex characteristics, gender
-identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, religion, or sexual identity
-and orientation.
-
-We pledge to act and interact in ways that contribute to an open, welcoming,
-diverse, inclusive, and healthy community.
-
-## Our Standards
-
-Examples of behavior that contributes to a positive environment for our
-community include:
-
-* Demonstrating empathy and kindness toward other people
-* Being respectful of differing opinions, viewpoints, and experiences
-* Giving and gracefully accepting constructive feedback
-* Accepting responsibility and apologizing to those affected by our mistakes,
-  and learning from the experience
-* Focusing on what is best not just for us as individuals, but for the
-  overall community
-
-Examples of unacceptable behavior include:
-
-* The use of sexualized language or imagery, and sexual attention or
-  advances of any kind
-* Trolling, insulting or derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or email
-  address, without their explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
-
-## Enforcement Responsibilities
-
-Community leaders are responsible for clarifying and enforcing our standards of
-acceptable behavior and will take appropriate and fair corrective action in
-response to any behavior that they deem inappropriate, threatening, offensive,
-or harmful.
-
-Community leaders have the right and responsibility to remove, edit, or reject
-comments, commits, code, wiki edits, issues, and other contributions that are
-not aligned to this Code of Conduct, and will communicate reasons for moderation
-decisions when appropriate.
-
-## Scope
-
-This Code of Conduct applies within all community spaces, and also applies when
-an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
-posting via an official social media account, or acting as an appointed
-representative at an online or offline event.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported to the community leaders responsible for enforcement at
-tabi@osc.garden.
-All complaints will be reviewed and investigated promptly and fairly.
-
-All community leaders are obligated to respect the privacy and security of the
-reporter of any incident.
-
-## Enforcement Guidelines
-
-Community leaders will follow these Community Impact Guidelines in determining
-the consequences for any action they deem in violation of this Code of Conduct:
-
-### 1. Correction
-
-**Community Impact**: Use of inappropriate language or other behavior deemed
-unprofessional or unwelcome in the community.
-
-**Consequence**: A private, written warning from community leaders, providing
-clarity around the nature of the violation and an explanation of why the
-behavior was inappropriate. A public apology may be requested.
-
-### 2. Warning
-
-**Community Impact**: A violation through a single incident or series
-of actions.
-
-**Consequence**: A warning with consequences for continued behavior. No
-interaction with the people involved, including unsolicited interaction with
-those enforcing the Code of Conduct, for a specified period of time. This
-includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or
-permanent ban.
-
-### 3. Temporary Ban
-
-**Community Impact**: A serious violation of community standards, including
-sustained inappropriate behavior.
-
-**Consequence**: A temporary ban from any sort of interaction or public
-communication with the community for a specified period of time. No public or
-private interaction with the people involved, including unsolicited interaction
-with those enforcing the Code of Conduct, is allowed during this period.
-Violating these terms may lead to a permanent ban.
-
-### 4. Permanent Ban
-
-**Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior,  harassment of an
-individual, or aggression toward or disparagement of classes of individuals.
-
-**Consequence**: A permanent ban from any sort of public interaction within
-the community.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.0, available at
-https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
-
-Community Impact Guidelines were inspired by [Mozilla's code of conduct
-enforcement ladder](https://github.com/mozilla/diversity).
-
-[homepage]: https://www.contributor-covenant.org
-
-For answers to common questions about this code of conduct, see the FAQ at
-https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.

CONTRIBUTING.md

@@ -1,122 +0,0 @@
-# Contributing to tabi
-
-Halló!
-
-Thanks for contributing to [tabi](https://github.com/welpo/tabi). Before implementing new features and changes, please [submit an issue](https://github.com/welpo/tabi/issues/new) so that we can discuss it.
-
-We welcome contributions in many forms, including:
-
-- Bug reports;
-- New translations;
-- Improvements to existing translations;
-- Feature requests;
-- Code patches;
-- Documentation improvements;
-- UI/UX suggestions.
-
-If you're not sure how to contribute or need help with something, please don't hesitate to reach out via the [issue tracker](https://github.com/welpo/tabi/issues) or [mail](mailto:tabi@osc.garden?subject=[GitHub]%20tabi).
-
-## Pull Requests
-
-Working on your first Pull Request? You can learn how from this free video series:
-
-[**How to Contribute to an Open Source Project on GitHub**](https://egghead.io/courses/how-to-contribute-to-an-open-source-project-on-github)
-
-Please make sure the following is done when submitting a pull request:
-
-1. **Keep your PR small**. Small pull requests are much easier to review and more likely to get merged. Make sure the PR does only one thing, otherwise please split it.
-2. **Use descriptive titles**. It is recommended to follow this [commit message style](#conventional-commit-messages-with-gitmoji).
-3. **Test your changes**. Make sure to test different configurations that might affect your changes.
-4. **Fill the PR template**. The template will guide you through the process of submitting a PR.
-
-### Conventional Commit Messages with Gitmoji
-
-See how a minor change to your commit message style can make you a better programmer.
-
-Format: `<gitmoji> <type>(<scope>): <description>`
-
-`<gitmoji>` is an emoji from the [gitmoji](https://gitmoji.dev/) list. It makes it easier to visually scan the commit history and quickly grasp the purpose of changes.
-
-`<scope>` is optional. If your change affects a specific part of the codebase, consider adding the scope. Scopes should be brief but recognizable, e.g. `config`, `feed`, or `search`.
-
-The various types of commits:
-
-- `feat`: a new API or behaviour **for the end user**.
-- `fix`: a bug fix **for the end user**.
-- `style`: changes to the visual appearance of the theme, e.g. CSS, fonts, images…
-- `docs`: a change to the website or other Markdown documents.
-- `refactor`: a change to code that doesn't change behaviour, e.g. splitting files, renaming internal variables, improving code style…
-- `chore`: upgrading dependencies, releasing new versions… Chores that are **regularly done** for maintenance purposes.
-- `misc`: anything else that doesn't change production code, yet is not `chore`. e.g. updating GitHub actions workflow.
-
-The commits within your PR don't need to follow this convention (we'll [squash them](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests)). However, the PR title should be in this format. If you're not sure about the title, don't worry, we'll help you fix it. Your code is more important than conventions!
-
-Example:
-
-```text
-🐛 fix(i18n): localise date in single taxonomy listing
-^  ^-^^----^  ^--------------------------------------^
-|  |  |       |
-|  |  |       +-> Description in imperative and lowercase.
-|  |  |
-|  |  +-> The scope of the change.
-|  |
-|  +-------> Type: see above for the list we use.
-|
-+----------> A valid gitmoji.
-```
-
-## Coding Style Guidelines
-
-While we don't enforce a strict coding style, we appreciate it when contributions follow the existing code style of the project (e.g. indenting with 4 spaces). This makes the codebase easier to read and maintain. If you are making significant changes or additions, please try to maintain consistency with the current coding patterns and idioms.
-
-For JavaScript files, we use [Prettier](https://prettier.io/) to format the code.
-
-The CSS properties are sorted following [Concentric-CSS](https://github.com/brandon-rhodes/Concentric-CSS). If you use VSCode, the [Sort CSS](https://marketplace.visualstudio.com/items?itemName=piyushsarkar.sort-css-properties) extension makes this super easy.
-
-## Pre-commit Githook
-
-### Introduction
-
-We use a pre-commit githook to maintain code and file quality. [This script](https://github.com/welpo/tabi/blob/main/.githooks/pre-commit) performs a series of checks and updates before a commit is made.
-
-### Setting Up
-
-To use the pre-commit githook, run the following command from the root of the repository to configure the git hooks path and make the script executable:
-
-```bash
-git config core.hooksPath .githooks
-chmod +x .githooks/pre-commit
-```
-
-### Features
-
-The pre-commit githook performs the following actions:
-
-#### Automatic Updates
-
-- **Front Matter in Markdown Files**: Automatically updates the "updated" field in the front matter of `.md` files.
-- **PNG Compression**: Compresses PNG files using either [`oxipng`](https://github.com/shssoichiro/oxipng) or [`optipng`](https://optipng.sourceforge.net/), whichever is available on your system.
-- **Font Subsetting**: Runs `subset_font` if `config.toml` has been modified.
-
-#### Commit Checks
-
-The script prevents you from committing if:
-
-- The `.md` file is marked as a draft.
-- Any file contains a "TODO".
-- A JavaScript file is being committed without a corresponding minified version.
-- A minified JavaScript file is not as small as it could be. Requires installing [UglifyJS](https://github.com/mishoo/UglifyJS) and/or [terser](https://github.com/terser/terser).
-- `config.toml` and `theme.toml` have different numbers of lines in their `[extra]` sections.
-
-These checks are in place to ensure code quality and consistency throughout the project.
-
-## Code of Conduct
-
-We expect all contributors to follow our [Code of Conduct](./CODE_OF_CONDUCT.md). Please be respectful and professional when interacting with other contributors.
-
-## License
-
-The code is available under the [MIT license](./LICENSE).
-
-Thank you for your contributions!

Dockerfile

@@ -6,4 +6,4 @@ RUN ["zola", "build"]
 
 FROM ghcr.io/static-web-server/static-web-server:2
 WORKDIR /
-COPY --from=zola /project/public /public
+COPY --from=zola /project/public /public

LICENSE

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2023 Óscar Fernández
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

cliff.toml

@@ -1,148 +0,0 @@
-# git-cliff ~ default configuration file
-# https://git-cliff.org/docs/configuration
-#
-# Lines starting with "#" are comments.
-# Configuration options are organized into tables and keys.
-# See documentation for more information on available options.
-
-[remote.github]
-owner = "welpo"
-repo = "tabi"
-
-[changelog]
-# changelog header
-header = """
-# Changelog
-
-Welcome to the changelog for tabi. This document aims to provide a comprehensive list of all notable changes made to the project, organised chronologically by release version.
-
-We use Semantic Versioning (SemVer) for our version numbers, formatted as MAJOR.MINOR.PATCH. Major version changes involve significant (breaking) changes, minor versions introduce features and improvements in a backward compatible manner, and patch versions are for bug fixes and minor tweaks.\n
-"""
-# template for the changelog body
-# https://keats.github.io/tera/docs/#introduction
-body = """
-{%- macro remote_url() -%}
-  https://github.com/{{ remote.github.owner }}/{{ remote.github.repo }}
-{%- endmacro -%}
-{% if version %}\
-    {% if previous.version %}\
-        ## [{{ version | trim_start_matches(pat="v") }}]({{ self::remote_url() }}/compare/{{ previous.version }}..{{ version }}) - {{ timestamp | date(format="%Y-%m-%d") }}
-    {% else %}\
-        ## {{ version | trim_start_matches(pat="v") }} - {{ timestamp | date(format="%Y-%m-%d") }}
-    {% endif %}\
-{% else %}\
-    ## unreleased
-{% endif %}\
-
-{% macro commit(commit, in_breaking_section=false) -%}
-    - {% if commit.scope %}*({{ commit.scope }})* {% endif %}{% if commit.breaking and not in_breaking_section %}[**‼️BREAKING‼️**] {% endif %}\
-        {{ commit.message | upper_first }}\
-        {% if not commit.remote.pr_number %} ([{{ commit.id | truncate(length=7, end="") }}]({{ self::remote_url() }}/commit/{{ commit.id }})){%- endif -%}{% if commit.remote.username %} by @{{ commit.remote.username }} \
-        {%- set co_authors = commit.footers | filter(attribute="token", value="Co-authored-by") | map(attribute="value") -%}
-        {%- set number_of_co_authors = co_authors | length -%}
-        {%- for co_author in co_authors -%}
-            {%- if not loop.last %}, {% else %} and {% endif %}@{{ co_author | split(pat=" <") | first | trim }}
-        {%- endfor -%}
-        {%- endif -%}
-{% endmacro -%}
-
-{%- set breaking_header_shown = false -%}
-{% for commit in commits -%}
-    {% if commit.breaking and not breaking_header_shown -%}
-        {% raw %}\n### 💥 BREAKING CHANGES 💥\n{% endraw %}
-        {%- set_global breaking_header_shown = true -%}
-    {%- endif -%}
-    {%- if commit.breaking %}
-        {{ self::commit(commit=commit, in_breaking_section=true) -}}
-    {% endif -%}
-{%- endfor -%}
-{%- if breaking_header_shown == true -%}
-    {% raw %}\n{% endraw %}\
-{%- endif -%}
-
-{% for group, commits in commits | group_by(attribute="group") %}
-    ### {{ group | striptags | trim | upper_first }}
-    {% for commit in commits
-    | filter(attribute="scope")
-    | sort(attribute="scope") %}
-        {{ self::commit(commit=commit) }}
-    {%- endfor -%}
-    {% raw %}\n{% endraw %}\
-    {%- for commit in commits %}
-        {%- if not commit.scope -%}
-            {{ self::commit(commit=commit) }}
-        {% endif -%}
-    {% endfor -%}
-{% endfor %}
-
-{%- if github.contributors | filter(attribute="is_first_time", value=true) | length != 0 -%}
-  {% raw %}\n{% endraw %}### 👥 New contributors
-  {% raw -%}\n{% endraw -%}
-{% for contributor in github.contributors | filter(attribute="is_first_time", value=true) %}
-  🫶 @{{ contributor.username }} made their first contribution
-    {%- if contributor.pr_number %} in \
-      [#{{ contributor.pr_number }}]({{ self::remote_url() }}/pull/{{ contributor.pr_number }}) \
-    {%- endif %}
-{% endfor %}
-{%- endif %}
-{% raw -%}\n{% endraw -%}
-"""
-
-# remove the leading and trailing whitespace from the template
-trim = true
-# changelog footer
-footer = """
-<!-- generated by git-cliff -->
-"""
-# postprocessors
-postprocessors = [
-    # { pattern = " @([a-zA-Z0-9](?:[a-zA-Z0-9]+-?)*[a-zA-Z0-9])", replace = " [@$1](https://github.com/$1)"}, # add link to GitHub usernames (done in release script instead)
-]
-
-[git]
-# parse the commits based on https://www.conventionalcommits.org
-conventional_commits = true
-# filter out the commits that are not conventional
-filter_unconventional = true
-# process each line of a commit as an individual commit
-split_commits = false
-# regex for preprocessing the commit messages
-commit_preprocessors = [
-    # Replace the issue number with the link.
-    { pattern = "\\(#([0-9]+)\\)", replace = "([#${1}](https://github.com/welpo/tabi/issues/${1}))" },
-    # Remove trailing whitespace.
-    { pattern = ' +$', replace = "" },
-    # Replace multiple spaces with a single space.
-    { pattern = ' +', replace = " " },
-    # Remove gitmoji, both actual UTF emoji and :emoji:
-    { pattern = ' *(:\w+:|[\p{Emoji_Presentation}\p{Extended_Pictographic}](?:\u{FE0F})?\u{200D}?) *', replace = "" },
-]
-# regex for parsing and grouping commits
-commit_parsers = [
-    { message = "^feat", group = "<!-- 0 -->✨ Features" },
-    { message = "^fix", group = "<!-- 1 -->🐛 Bug fixes" },
-    { message = "^style", group = "<!-- 2 -->💄 Styling" },
-    { message = "^doc", group = "<!-- 3 -->📝 Documentation" },
-    { message = "^refactor", group = "<!-- 4 -->♻️ Refactor" },
-    { message = "^test", group = "<!-- 5 -->✅ Testing" },
-    { message = "^misc", group = "<!-- 6 -->🔧 Miscellaneous tasks" },
-    { message = "^deprecate", group = "<!-- 7 -->🗑️️ Deprecations" },
-    { message = "^chore", skip = true },
-]
-# protect breaking changes from being skipped due to matching a skipping commit_parser
-protect_breaking_commits = true
-# filter out the commits that are not matched by commit parsers
-filter_commits = true
-# regex for matching git tags
-tag_pattern = "v[0-9].*"
-
-# regex for skipping tags
-skip_tags = "v0.1.0-beta.1"
-# regex for ignoring tags
-ignore_tags = ""
-# sort the tags topologically
-topo_order = false
-# sort the commits inside sections by oldest/newest order
-sort_commits = "newest"
-# limit the number of commits included in the changelog.
-# limit_commits = 42

config.toml

@@ -101,10 +101,10 @@ stylesheets = []
 # Remote repository for your Zola site.
 # Used for `show_remote_changes` and `show_remote_source` (see below).
 # Supports GitHub, GitLab, Gitea, and Codeberg.
-remote_repository_url = "https://github.com/alexohneander/alexohneander-zola"
+remote_repository_url = "https://git.dev-null.rocks/alexohneander/alexohneander-zola"
 # Set this to "auto" to try and auto-detect the platform based on the repository URL.
 # Accepted values are "github", "gitlab", "gitea", and "codeberg".
-remote_repository_git_platform = "auto"  # Defaults to "auto".
+remote_repository_git_platform = "gitea"  # Defaults to "auto".
 # Branch in the repo hosting the Zola site.
 remote_repository_branch = "main"  # Defaults to "main".
 # Show a link to the commit history of updated posts, right next to the last updated date.

content/blog/use-real-servers-again/index.md

@@ -0,0 +1,30 @@
++++
+title = "Use real Servers again"
+date = 2025-03-18
+updated = 2025-03-18
+description = "Is the cloud really the ultimate solution? This post questions the current cloud-first mentality, arguing for a return to 'real' servers and discussing the hidden costs, dependency, and political vulnerabilities of relying solely on the cloud."
+
+[taxonomies]
+tags = ["baremetal", "cloud", "google", "aws", "cloud"]
+
+[extra]
+toc = false
+pinned = true
+quick_navigation_buttons = true
++++
+
+![Private Cluster](https://preview.redd.it/k3pj0bjpr7s61.jpg?width=1080&crop=smart&auto=webp&s=8f1cee3bfc17c36c165e9e7dd7d5fafda6c943c6)
+
+## The Case for Bringing Back "Real" Servers: Why the Cloud Isn't Always King
+
+For years now, the narrative has been clear: the cloud is the future. Businesses big and small have flocked to platforms like Google Cloud and AWS, lured by promises of scalability, flexibility, and cost savings. But lately, I've been thinking: is this headlong rush to the cloud truly the best path? I believe it's time we seriously consider a return to "real" servers and acknowledge the limitations and potential pitfalls of relying solely on these tech giants.
+
+Let's be honest, the cloud providers aren't doing anything magical. At their core, Google, Amazon, and the rest are simply running massive data centers filled with… you guessed it… servers. They've built impressive infrastructure and offer a wide range of services on top, but fundamentally, "they also just cook with water," as the saying goes. The perceived complexity and innovation can sometimes mask the underlying reality.
+
+One of the biggest issues I've encountered, and I know many others have too, is the often-opaque pricing structure of cloud services. While the initial allure might be pay-as-you-go flexibility, the reality can be a tangled web of instance types, storage tiers, network egress fees, and a host of other charges that can quickly balloon your monthly bill. These "hidden costs" can be difficult to predict and manage, often negating the promised cost savings compared to the more predictable expenses of owning and maintaining your own hardware.
+
+Furthermore, the increasing reliance on a handful of major cloud providers creates a significant dependency. We are essentially entrusting critical data and infrastructure to these companies, making ourselves vulnerable to their pricing changes, service outages, and even their long-term strategic decisions. This lack of control is a worrying trend, especially when considering the potential for vendor lock-in, where migrating away from a specific cloud platform becomes prohibitively expensive and complex.
+
+Beyond the technical and economic considerations, the current political landscape adds another layer of risk to our cloud dependency. Imagine a scenario where political tensions rise, and a country like the United States, under a potential future administration, decides to impose tariffs on cloud services. Someone like Trump, for example, has shown a willingness to use tariffs as a political tool. If such tariffs were levied on cloud usage, businesses relying heavily on these platforms would face significant and potentially crippling cost increases. This geopolitical uncertainty makes the idea of having more control over our own infrastructure increasingly appealing.
+
+In conclusion, while the cloud offers undeniable benefits in certain situations, it's crucial to have a more balanced perspective. We need to recognize that "real" servers still hold significant value, offering greater control, potentially more predictable costs, and insulation from the unpredictable nature of both cloud pricing and international politics. It's time to re-evaluate our cloud-first mentality and consider whether bringing some workloads back in-house, or at least diversifying our infrastructure, might be a more resilient and ultimately more cost-effective strategy in the long run.

content/pages/experience/index.md

@@ -53,9 +53,19 @@ Agency for internet and design founded in 1998, established in Kastellaun in the
 
 ## Projects
 
+### DevOps Engineer, AEF AgIN Common-Connector
+
+The Common-Connector is being developed by the Agricultural Industry Electronics Foundation (AEF) as part of their Agricultural Interoperability Network (AgIN) initiative. In my role as a DevOps engineer, I supported the tender and contributed to the development of the MVP. Our team developed a Java Spring Boot application to facilitate seamless data exchange between platforms.
+
+- Conception and Development of a Dev Cluster based on AWS EKS (IaC)
+- Setting up build and deployment pipelines (GitLab)
+- Development of a test concept (Playwright, Testcontainers)
+- Development and integration of the operator pattern in a Java Spring Boot application
+- Development of the security pipelines (SonarQube, Mend, SAST)
+
 ### DevOps Engineer, Cofinity-X
 
-**since 2023**
+**until 2024**
 
 Cofinity-X is the first operator of the Catena-X network, connecting automotive partners at every level of the value chain. As a DevOps engineer, I was responsible for the enablement services.
 
@@ -84,4 +94,5 @@ Just right for your pharmacy! amamed is the only digital solution on the market
 - Provision of various services (including backend APIs, MariaDB clusters, NATs, Redis)
 - Design and operation of Kubernetes clusters (3 locations)
 - Management of automated pipelines via Bitbucket Pipelines (continuous integration)
-- IT administration for 6 individuals (SysOps)
+- IT administration for 6 individuals (SysOps)
+

content/projects/updates-sucks/index.md

@@ -0,0 +1,62 @@
++++
+title = "Updates-Sucks"
+description = "A command-line tool for automating software version monitoring for DevOps engineers and system administrators."
+weight = 30
+
+[taxonomies]
+tags = ["Golang", "Monitoring", "DevOps", "Versioning", "Repositories" ]
+
+[extra]
+local_image = "projects/rustysearch/doteki_logo.webp"
+social_media_card = "social_cards/projects_doteki.jpg"
+canonical_url = "https://alexohneander.de/projects/updates-sucks/"
+add_src_to_code_block = true
++++
+
+## That 3 AM Cold Sweat: Did I Update That Thing?
+
+You know the feeling. It’s that gentle, peaceful moment just before you drift off to sleep. Or maybe it’s 3 AM on a Tuesday. Your mind is blissfully empty, and then, a rogue thought, fired from the darkest recesses of your subconscious, slams into your brain:
+
+*“That server I spun up for that ‘quick test’ in Q2 2022… is it still running?”*
+
+A cold sweat follows. What was it running? Is it patched? Is it secretly hosting the world's largest collection of pirated cat videos? You have no idea.
+
+As a DevOps Engineer, I’m basically a professional juggler. But instead of juggling cute, fluffy balls, I’m juggling servers, containers, microservices, and the lingering ghosts of projects past. I’m spread across so many clients and internal projects that my brain has more tabs open than a web developer on a research binge.
+
+The biggest nightmare? The *unmanaged* resources. The ones that aren’t neatly tucked into an Ansible playbook or a Terraform state file. The digital strays you adopted out of necessity and now have to feed, walk, and occasionally scrape digital chewing gum off of. Keeping track of what’s running is hard enough. Remembering what needs to be updated is a Herculean task.
+
+### The Breaking Point
+
+My breaking point came after a frantic afternoon spent auditing a forgotten corner of a client’s network. I found a container running a version of a service so old, its logo was probably still carved in stone. The feeling wasn't anger, it was a deep, existential sigh. There has to be a better way than relying on my own faulty, coffee-powered memory.
+
+I complained to my rubber duck. I stared into the void. The void stared back and whispered, “Dude, just script it.”
+
+And you know what? The void was right.
+
+### Introducing: updates-sucks
+
+Because let’s be honest, they do. The process of checking for them, that is.
+
+So, I built a beautifully simple tool to scratch my own itch: **[updates-sucks](https://github.com/wellcom-rocks/updates-sucks)**.
+
+It’s not fancy. It won’t make you a latte or file your taxes. But what it *will* do is save your sanity.
+
+I created a dead-simple pipeline that runs once a week. It quietly scans for my digital flock and checks which resources are lagging behind, crying out for a fresh update. It then gives me a neat little nudge, a “Hey, don’t forget this thing!” report.
+
+It’s like having a hyper-organized, slightly passive-aggressive robot assistant whose only job is to prevent me from becoming the subject of a future IT horror story.
+
+### How It Saves Your Bacon
+
+The beauty of `updates-sucks` is its simplicity. It’s a lightweight Go application that focuses on one thing: checking for container image updates. No bloated dashboards, no 200-page user manuals.
+
+1. **It checks:** It looks at the resources you tell it to watch.
+2. **It compares:** It sees if a newer, shinier version is available.
+3. **It reports:** It lets you know what needs your attention.
+
+That’s it. It’s the digital equivalent of putting sticky notes on everything, but the notes apply themselves automatically and don't fall off.
+
+### Stop the Madness. Reclaim Your Sleep
+
+If you’re a DevOps engineer, a sysadmin, or just someone who has spun up one too many “temporary” things, I invite you to check it out. Stop letting the ghosts of servers past haunt your nights.
+
+Give **[updates-sucks](https://github.com/wellcom-rocks/updates-sucks)** a look on GitHub. Fork it, star it, use it. Let’s make that 3 AM cold sweat a thing of the past. Your sanity (and your security team) will thank you.

deploy/deployment.yaml

@@ -0,0 +1,22 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: alexohneander-zola-deployment
+  namespace: websites
+  labels:
+    app: alexohneander-zola
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: alexohneander-zola
+  template:
+    metadata:
+      labels:
+        app: alexohneander-zola
+    spec:
+      containers:
+        - name: alexohneander-zola
+          image: git.dev-null.rocks/alexohneander/alexohneander-zola:0.1.11
+          ports:
+            - containerPort: 80

deploy/ingress.yaml

@@ -0,0 +1,59 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: alexohneander-zola-ingress
+  namespace: websites
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - alexohneander.de
+        - wellnitz-alex.de
+        - www.alexohneander.de
+        - www.wellnitz-alex.de
+      secretName: alexohneander-tls
+  rules:
+    - host: www.wellnitz-alex.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: alexohneander-zola-service
+                port:
+                  number: 80
+    - host: www.alexohneander.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: alexohneander-zola-service
+                port:
+                  number: 80
+    - host: wellnitz-alex.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: alexohneander-zola-service
+                port:
+                  number: 80
+    - host: alexohneander.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: alexohneander-zola-service
+                port:
+                  number: 80

deploy/service.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: alexohneander-zola-service
+  namespace: websites
+spec:
+  selector:
+    app: alexohneander-zola
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80

sumi.toml

@@ -1,57 +0,0 @@
-# git-sumi ~ configuration file
-# Config: https://sumi.rs/docs/configuration
-# Rules: https://sumi.rs/docs/rules
-
-# Suppresses progress messages.
-quiet = false
-
-# Displays parsed commit message.
-display = true
-
-# Sets display format: cli, json, table, toml.
-format = "cli"
-
-# Processes each non-empty line as an individual commit.
-split_lines = false
-
-# Rule: Include one valid Gitmoji.
-# See https://gitmoji.dev/.
-gitmoji = true
-
-# Rule: Description must start with the specified case.
-# Options: 'any', 'lower', 'upper'.
-description_case = "lower"
-
-# Rule: Use the imperative mood in the description.
-# Example: 'Fix bug' instead of 'Fixed bug'.
-imperative = true
-
-# Rule: Do not end commit header with a period.
-no_period = true
-
-# Rule: Header length limit.
-# A value of 0 disables the rule.
-max_header_length = 55
-
-# Rule: Body line length limit.
-# A value of 0 disables the rule.
-max_body_length = 80
-
-# Rule: No leading, trailing, or consecutive spaces.
-whitespace = true
-
-# Rule: Follow Conventional Commits format.
-# See https://www.conventionalcommits.org/.
-conventional = true
-
-# Rule: List of allowed commit scopes.
-# An empty list allows all scopes. Example: ["docs", "cli"].
-scopes_allowed = []
-
-# Rule: List of allowed commit types.
-# An empty list allows all types. Example: ["feat", "fix", "docs"].
-types_allowed = ["feat", "fix", "docs", "refactor", "test", "chore", "misc", "style"]
-
-# Rule: Header must match regex pattern.
-# Example: '^JIRA-\d+:'.
-header_pattern = '^([\p{Emoji_Presentation}\p{Extended_Pictographic}](?:\u{FE0F})?\u{200D}?) \w' # The first character must be an emoji.

templates/partials/footer.html

@@ -8,7 +8,7 @@
     {%- set blank_target = "" -%}
 {%- endif -%}
 
-<footer>
+<footer>        
     <section>
         <nav class="socials nav-navs">
             {%- if config.extra.socials or config.extra.email %}
@@ -66,6 +66,9 @@
             {% endif %}
         </nav>
 
+        <p align="center">
+            <iframe src="https://tryhackme.com/api/v2/badges/public-profile?userPublicId=4027495" style='border:none;'></iframe>
+        </p>
         {# Footer menu #}
         <nav class="nav-navs">
             {%- if config.extra.footer_menu %}
@@ -103,8 +106,7 @@
 
                 {# Shows "Powered by Zola & tabi" notice #}
                 {{ macros_translate::translate(key="powered_by", default="Powered by", language_strings=language_strings) }}
-                <a rel="{{ rel_attributes }}" {{ blank_target }} href="https://www.getzola.org">Zola</a>
-
+                  <a rel="{{ rel_attributes }}" {{ blank_target }} href="https://www.getzola.org">Zola</a> and running on real <a {{ blank_target }} href="/blog/use-real-servers-again">Servers</a>
                 {# Shows link to remote repository #}
                 {%- if config.extra.remote_repository_url and config.extra.show_remote_source | default(value=true) -%}
                 {{ separator }}

templates/partials/header.html

@@ -131,7 +131,7 @@
     <meta property="og:site_name" content="{{ config.title }}">
 
     {%- if macros_settings::evaluate_setting_priority(setting="enable_csp", page=page | default(value=""), section=section | default(value=""), default_global_value="true") == "true" -%}
-        {%- include "partials/content_security_policy.html" -%}
+    {#   {%- include "partials/content_security_policy.html" -%} #}
     {%- endif -%}
 
     {%- if config.extra.theme_switcher and config.extra.theme_switcher == true -%}
@@ -176,4 +176,6 @@
         {%- endif -%}
     {%- endif -%}
 
+    {# Analytics Script #}
+    <script defer src="https://analytics.paas.wellcom.rocks/script.js" data-website-id="feaa9394-9ef8-4a5c-8671-884b00e67d7f"></script>
 </head>