david

Cloud Infrastructure Engineer · Azure Terraform blueprints for ISO 27001 & NIS2 environments · woitzik.dev

Cologne, Germany Joined on May 15, 2026 https://woitzik.dev

Work

System Engineer · Cloud Infrastructure Solutions

david

Jun 24

SLO Burn-Rate Alerting with Prometheus: Beyond Threshold Alerts

#kubernetes #monitoring #homelab

5 min read

david

Jun 24

I Hardened Pod securityContext and Broke 9 Containers in Production

#kubernetes #security #homelab

6 min read

david

Jun 22

Hardening Unattended Raspberry Pi Edge Nodes: Watchdog, fail2ban, nftables, and the Mistakes That Take Down DNS

#homelab #security #networking

9 min read

david

Jun 22

IPv6 NAT66 Behind a FritzBox: The RouterOS 7 Bug That Broke WiFi Clients

#mikrotik #networking #homelab

6 min read

david

Jun 21

My Firewall Had 77 Rules. Terraform Knew About 22 of Them.

#mikrotik #terraform #security #networking

5 min read

david

Jun 21

Kyverno: Supply Chain Security as Admission Control on Kubernetes

#kubernetes #security #homelab

5 min read

david

Jun 21

I Ran Gitleaks Against My Own Repo and Found 12 Real Secrets

#security #kubernetes #homelab

6 min read

david

Jun 21

ArgoCD Gotchas: Cache Staleness and the SharedResourceWarning Nobody Explains

#kubernetes #gitops #homelab

5 min read

david

Jun 18

How a 1 GiB Memory Limit Took Down My Entire k3s Cluster

#kubernetes #homelab #debugging

6 min read

david

Jun 18

External Secrets Operator + HashiCorp Vault: GitOps Secret Lifecycle in Kubernetes

#kubernetes #security #homelab

6 min read

david

Jun 14

Full Observability on k3s: kube-prometheus-stack + Loki + Grafana OIDC

#kubernetes #homelab #monitoring

6 min read

david

Jun 14

HA DNS for Homelab: Unbound + AdGuard Home + Keepalived on Raspberry Pi

#homelab #networking #dns

5 min read

david

Jun 14

k3s Backup Without the Complexity: Velero + Garage S3 on Longhorn

#kubernetes #homelab

5 min read

david

Jun 14

Enterprise Homelab: K3s, Authelia & Longhorn on Proxmox with Terraform

#kubernetes #homelab #security

6 min read

david

Jun 14

Self-Hosted Tailscale Control Plane: Headscale on k3s with Authelia OIDC

#kubernetes #homelab #security #networking

4 min read

david

Jun 14

Bare-Metal LoadBalancer on K3s: MetalLB + Traefik with ArgoCD

#kubernetes #homelab #networking

4 min read

david

Jun 14

GitOps on K3s: Managing a Complete Homelab with ArgoCD

#kubernetes #gitops #homelab

4 min read

david

Jun 14

Deploying Gemma 4 26B on Proxmox: IaC Setup with Terraform, Ansible & AMD iGPU

#homelab #ai #terraform

4 min read

david

Jun 14

Automating MikroTik Bridge VLAN Filtering & Proxmox Trunks with Terraform

#mikrotik #terraform #networking

4 min read

david

Jun 14

Automating MikroTik WireGuard VPN with Role-Based Access via Terraform

#mikrotik #terraform #networking

3 min read

david

Jun 14

Implementing a Zero-Trust MikroTik Firewall with Terraform

#mikrotik #terraform #security #networking

3 min read

david

Jun 14

Hardening Azure Acmebot for ISO 27001 & NIS2 Compliance

#azure #terraform #security #compliance

4 min read

david

Jun 14

Zero-Trust RAG: Defeating the Shared Private Link Deadlock in Azure Terraform

#azure #terraform #ai

5 min read

david

Jun 14

NIS2 Article 21 in Azure: Implementing Network Security Controls with Terraform

#azure #terraform #compliance #security

5 min read

david

Jun 14

Wildcard TLS Certificates on K3s with cert-manager and Cloudflare DNS

#kubernetes #homelab #security

4 min read

david

Jun 14

Architecting an Enterprise-Grade Homelab: My Ansible Master Playbook

#homelab #ansible

3 min read

david

Jun 14

Surviving Azure Policies: Zero-Trust Hub & Spoke with Terraform

#azure #terraform #networking #security

4 min read

david

Jun 14

Breaking the Loop: Solving Circular Dependencies in Azure Firewall Routing

#azure #terraform #networking

4 min read

DEV Community

david

Badges

Writing Debut

Skills/Languages

SLO Burn-Rate Alerting with Prometheus: Beyond Threshold Alerts

I Hardened Pod securityContext and Broke 9 Containers in Production

Hardening Unattended Raspberry Pi Edge Nodes: Watchdog, fail2ban, nftables, and the Mistakes That Take Down DNS

IPv6 NAT66 Behind a FritzBox: The RouterOS 7 Bug That Broke WiFi Clients

My Firewall Had 77 Rules. Terraform Knew About 22 of Them.

Kyverno: Supply Chain Security as Admission Control on Kubernetes

I Ran Gitleaks Against My Own Repo and Found 12 Real Secrets

ArgoCD Gotchas: Cache Staleness and the SharedResourceWarning Nobody Explains

How a 1 GiB Memory Limit Took Down My Entire k3s Cluster

External Secrets Operator + HashiCorp Vault: GitOps Secret Lifecycle in Kubernetes

Full Observability on k3s: kube-prometheus-stack + Loki + Grafana OIDC

HA DNS for Homelab: Unbound + AdGuard Home + Keepalived on Raspberry Pi

k3s Backup Without the Complexity: Velero + Garage S3 on Longhorn

Enterprise Homelab: K3s, Authelia & Longhorn on Proxmox with Terraform

Self-Hosted Tailscale Control Plane: Headscale on k3s with Authelia OIDC

Bare-Metal LoadBalancer on K3s: MetalLB + Traefik with ArgoCD

GitOps on K3s: Managing a Complete Homelab with ArgoCD

Deploying Gemma 4 26B on Proxmox: IaC Setup with Terraform, Ansible & AMD iGPU

Automating MikroTik Bridge VLAN Filtering & Proxmox Trunks with Terraform

Automating MikroTik WireGuard VPN with Role-Based Access via Terraform

Implementing a Zero-Trust MikroTik Firewall with Terraform

Hardening Azure Acmebot for ISO 27001 & NIS2 Compliance

Zero-Trust RAG: Defeating the Shared Private Link Deadlock in Azure Terraform

NIS2 Article 21 in Azure: Implementing Network Security Controls with Terraform

Wildcard TLS Certificates on K3s with cert-manager and Cloudflare DNS

Architecting an Enterprise-Grade Homelab: My Ansible Master Playbook

Surviving Azure Policies: Zero-Trust Hub & Spoke with Terraform

Breaking the Loop: Solving Circular Dependencies in Azure Firewall Routing