
LINUX Unplugged 651: Uptime Funk
Jan 26, 2026

They dig into DNS across mesh VPNs and LANs, exploring Pi-hole binding, MagicDNS, and delegation techniques. Networking isolation ideas pop up with sidecars and containerized interfaces. Monitoring gets a deep look from Uptime Kuma to a federated Prometheus+Grafana setup with tiered alerts and Telegram escalation. Automation, resource trade-offs, and sharing config safely round out the conversation.
Layered Network Hardening For DNS Services
- Bind services to specific VPN interfaces and enforce that with network ACLs to avoid accidental public exposure.
- Use layered protections (app config + iptables) to reduce risk when a service must see multiple interfaces.
Mesh VPN Simplicity Reduces External Dependencies
- Nebula's model is extremely simple: exchanging key files creates a working mesh without a complex control plane.
- That simplicity makes Nebula resilient to third-party account failures (e.g., suspended Google access).
Automate Nebula Certs With An API
- Automate Nebula host certificate issuance using an API-backed service to simplify onboarding.
- Use a short-lived API-key flow to mint signed host certs for small/home networks without a managed control plane.
