Notes

After a year of relying on managed services for everything, I moved my side projects back to bare VPSes. The trade-off is real: more time setting up systemd units and writing backup scripts, but predictable bills and no surprise deprecations. Caddy handles TLS automatically and that solved 80% of the friction. The rest is just discipline.

pg_dump + gzip + openssl enc -aes-256-cbc -pbkdf2, dropped into S3-compatible storage via rclone, triggered by a systemd timer every six hours. Encryption key lives in a separate vault. Restore tested monthly. That's the entire setup.

Currently working through Designing Data-Intensive Applications (re-read), Building Microservices, and a couple of Russian-language essays on systems architecture. Slow going but enjoyable.

Setting up a place to write down what I'm working on. No comments, no analytics, no newsletter. Just notes.