| Age | Commit message (Collapse) | Author |
|---|
|
content-gemtext
|
|
|
|
Removed the LAN ingress update notice from Part 8 entirely, as the LAN
ingress content has been moved to Part 7 where ingresses were originally
introduced.
|
|
Relocated the "Exposing services via LAN ingress" section from Part 8
(Observability) to Part 7 (k3s and first pod deployments), as Part 7 is
where ingresses were originally introduced. Updated the Part 8 update
notice to reference Part 7 for LAN ingress implementation details.
|
|
Removed the detailed CARP failover testing section including
failover/failback test commands and results. The section was too
detailed for the blog post scope.
|
|
Updated client-side setup section to include DNS configuration.
Added instructions for adding /etc/hosts entries pointing LAN
service domains to the CARP VIP (192.168.1.138).
Renamed section from 'Client-side CA trust' to 'Client-side DNS
and CA setup' to reflect both DNS and certificate configuration.
|
|
Keep only Linux/FreeBSD setup instructions that match the actual
infrastructure. Removed unnecessary platform-specific instructions
for macOS and Windows from the Client-side CA trust section.
|
|
Gemini gemtext only supports headers up to ###. Changed all ####
headers to the *Header*: format for proper Gemini compatibility.
|
|
Added update notice at the beginning of the blog post to inform
readers about the LAN ingress feature addition in February 2026.
The notice references the new section and summarizes key features.
|
|
- Document CARP + relayd architecture for LAN access
- Explain cert-manager setup with self-signed CA
- Provide example LAN ingress configuration for Grafana
- Include CARP failover testing results
- Document three TLS offloaders (OpenBSD, Traefik, stunnel)
- Show step-by-step setup for FreeBSD relayd
- Add client-side CA trust instructions for Linux/macOS/Windows
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Updated all `wg show` output examples to include IPv6 addresses
in the "allowed ips" field for mesh peers.
Changes:
- All mesh peers now show dual-stack: 192.168.2.X/32, fd42:beef:cafe:2::X/128
- Roaming client output updated to show single gateway peer
- Reflects actual dual-stack WireGuard configuration
This makes the example outputs consistent with the IPv6 implementation
documented earlier in the blog post.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
Removed invalid Gemtext formatting:
- Changed #### headers to plain text with colons (Gemtext only supports # ## ###)
- Removed ** bold formatting (Gemtext has no inline formatting)
Gemtext is a minimal format with no support for inline bold/italic
or 4-level headers. Changed to plain text formatting.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Restructured "Managing Roaming Client Tunnels" section to follow
a more logical flow:
1. First: Manual gateway failover configuration (create the configs)
- Configuration files for pixel7pro (QR codes)
- Configuration files for earth (systemd services)
2. Then: Usage instructions
- Starting/stopping on earth (using the configured services)
- Starting/stopping on pixel7pro (using the imported profiles)
- Verifying connectivity
This "configure first, then use" approach is more intuitive than
the previous order where usage instructions came before explaining
the failover configuration.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Moved "Manual gateway failover for roaming clients" section into
"Managing Roaming Client Tunnels" as a subsection. This provides
better flow:
1. First explains basic roaming client setup and management
2. Then explains start/stop operations
3. Finally discusses the failover limitation and manual solution
The manual failover discussion now comes after readers understand
the basic roaming client operations, making it easier to follow.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
